Eric84

Members
  • Content count

    66

Everything posted by Eric84

  1. My computer no longer starts Windows in normal mode... it freezes at the screen for logging in to a session... Ever since I ran the Windows update after installing Internet Explorer 7... it has not restarted normally since then... That's not normal and I don't like it. Here is the HijackThis report. Thanks in advance for the reply.
  2. Hi, okay, I'll do that and let you know how it goes!!!!! Okay.
  3. Hi, the file can't be found... when I go through Run, it tells me that the file or path name cannot be found!!! Thanks in advance for the reply!!!!!!
  4. Hi, it says: unable to open the script: "C:\WINDOW\bGUgYm9zcw\v3o0sA6Wwt.vbs". Thanks in advance for the reply.
  5. Hi, in step two, NewNet, NewDotNet no longer appears and Command won't uninstall... and the following line isn't there either... O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s As for the rest, it's done...... Here is the report. Thank you so much in advance!!! You're really patient lol
  6. Hi. Not me, but probably my roommate :S Here is what you asked for!!! Ad-aware 6 - Traduction FR Ad-aware 6 Professional Adobe Flash Player 9 ActiveX Adobe Reader 7.0.8 - Français Adobe Shockwave Player Archiveur WinRAR AVG Anti-Spyware 7.5 ccCommon CCleaner (remove only) CloneCD Command Conexant D850 56K V.9x DFVc Modem Crazy Browser version 3.0.0 Beta2 CursorXP Dell CinePlayer Dell Driver Reset Tool Digital Line Detect DivxToDVD 0.5.2 DVD Solution FTP Expert 3 Harry Potter and the Goblet of FireTheme HijackThis 1.99.1 hpgobletfireoe.zip InCD Intel® Extreme Graphics 2 Driver Intel® PRO Network Adapters and Drivers Intel® PROSet for Wired Connections InterActual Player Internet Worm Protection Invision 2.0 Build 3515 J2SE Runtime Environment 5.0 Update 6 LiveReg (Symantec Corporation) LiveUpdate 2.5 (Symantec Corporation) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft Works mIRC Modem Helper Mozilla Thunderbird (1.5) MSN Multimedia Launcher Nero OEM NetWaiting Network Monitor Norton AntiVirus 2005 Norton AntiVirus 2005 (Symantec Corporation) Norton AntiVirus Help Norton AntiVirus Parent MSI Norton AntiVirus SYMLT MSI Norton WMI Update Paint Shop Pro 7 Power IEv3 PowerDVD PowerProducer Roxio DLA Roxio MyDVD LE SearchAssist Siemens Subscriber Networks SpeedStream DSL Sonic Activation Module Sonic Update Manager SPBBC Sygate Personal Firewall Pro 5.0 Symantec Symantec Script Blocking Installer SymNet TClockEx v1.4.2 en français TopThemes XP v2.8.0707 URL Assistant VideoLAN VLC media player 0.8.5 WildTangent Updater WildTangent Web Driver Winamp (remove only) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format Runtime
  7. Hi, here are the two reports:
  8. Hi, it's done, there are no more viruses, at least I think so... do I need to do anything else? Thanks in advance.
  9. Hi, here are the 2 reports:
Let's hope it turns out positive.
  10. Hi, I did that, but the same message still appears and Look2Me-Destroyer still doesn't start... is that normal?! Thanks in advance.
  11. Hi bel@tor, of course I did them in safe mode.
  12. Hi, I did follow the steps from A to Z, but after 30 attempts lookme-destroyer doesn't start, and a message always appears that I can translate, except I don't know how to start it :S (I must look crazy)..... here is the message: "lookme-destroyer has detected that the Task Sheduler service is not running and will start it now". Thanks in advance.
  13. Hi, there are a few of the procedures you told me to do that I couldn't carry out; here is the list: for procedure 4, I can do the first action, which is to disable Command Service & Network Monitor, but I can't touch the (stop) buttons because they appear unclickable. lopremover won't install, because when I click on the setup there is only an uninstall button, so there's no install; it's an uninstaller that you gave me :S I finished the rest; here are the reports:
Thanks in advance for the reply!
  14. Hi, thanks so much bibi26 :P :P I'll try that; we'll talk again after the procedure.
  15. Hello everyone, thanks in advance for your reply. I have lots of viruses and I can't manage to delete them with AVG, because when it deletes them, I run AVG again and they reappear... :S I wonder whether they can be destroyed!! Here is my HijackThis report. I'm eagerly awaiting a reply, since you are such an efficient forum. Thanks in advance.
HKLM\System\CCS\Services\Tcpip\..\{6EDD0899-9C1A-4E49-8DD5-B6190C8DE0FB}: NameServer = 142.217.192.9,142.217.192.8 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: CSCSettings - C:\WINDOWS\system32\f22mlcf11f2.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: FireDaemon Service: binconf (binconf) - Unknown owner - C:\WINNT\system32\directx\asp\mech\FireDaemon.EXE (file missing) O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\bGUgYm9zcw\command.exe (file missing) O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing) O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe O23 - Service: FireDaemon Service: windll64 (windll64) - Unknown owner - C:\WINNT\system32\directx\asp\mech\FireDaemon.EXE (file missing)
  16. I have Windows XP Home, and in my firewall (Symantec Firewall Pro) I have two suspicious files named: 1- NT kernel and system. 2- Windows NT application opening ... and when I do "terminate now" with the firewall, the (Start) bar changes to the Win NT bar and gets bigger... could someone help me? Please