shakyna

désolée pour mon temps de réponse , j'étais en vacances lol ah O_o j'ai du vouloir aller trop rapidement en voulant installer spyware terminator, parce que d'habitude, je n'accepte jamais l'installation de toolbars ^_^ merci Pear pour votre aide si précieuse

D'accord Merci tout de même pour votre réponse... C'est seulement que ca m'inquiétait de voir que les éxucutions de Kaspersky ne contenait plus du toutes les pages visitées, mais seulement ce que je vous ai montré... j'ai utilisé OTM. (je dois dire que deja, bien que je ne sais pas du tout ce a quoi ca servait, je sens que mon ordinateur est presque deja redevenu normal O_o) Voici le log demandé : All processes killed ========== PROCESSES ========== ========== FILES ========== File/Folder C:\PROGRA~1\Crawler\ctbr.dll not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: isabelle File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\W5AFGTAF\dB9ZzL8sHPhUjwhwFwBgcIT65MSR6lhk8_8jAfGMWC1u7p1-9Rx1wB3VUZNz47yNd7R7Q8zgZG1wJbH1pHfg0SWz1XTCGxcEhq2El89SftTDPWV8hc2gz_JlldsEFRcB dOWm548Ol2UcFhm9rynEWySrwkS-6YskUytAswCIY[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\W5AFGTAF\oDcFJka3T9OjMJ6JPh0e4p2cEotAMGnLiMP_7bzty5ImYYamAvkbXzZCerFRBPcNPTL8t7Pj5SI xahNsliNrIYFRdcOm5pOZ5-Mq8mV-rwnaBTJEnHk1bjJgKB63shej8FG8iyYKrycVbQsmIdFcibXL7OgRNX042tPx1kIGv[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\GDMN4PE7\cy3K4--8ktC3KExNKmaDd6Uv_SCfQryFA4odaATIzQqr1Nb3MfCEypkdSj1JlhT8_2M8n5vv0-v8VN_BDXHCnvf638vfB9cggWFYrhIh8VCMi9PaVTtfCq2IRXYQM02QcbV54xe-naRtBsLE-siVYaP6Up94nuiNF2Ij9ukAr[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\GDMN4PE7\cy3K4--8ktCRlqc7HOiTLcxB6y-35vVdzu08UJNJTJuaVGYbTymDogshLsryMVqVl3LXjtJFOikOGDARCHZtm2DjvJ-kuWWUg_M_RTJRYIrzWbaDmhWqVvxXv-Ds5hkxyz5qkRaMEgu_YtTs6kM4p9mnUFmDRbaVbLbAEmPBr[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\GDMN4PE7\soXc4eVpkw_g16Ohpw1iVfGXHemZmG9PiM2VRoaC8mf3ueQmw9pWPDFue24SiMJCDRLdR4Py1VJ-tqRDTm2KH2jMZujRgw_p4TN1fn_qXnQ9ETqbcu1cDvzovcGxrTWSW7b4zvbwssGLkgfyqcUpgiXx4Qu3 il6pxEdKIYX8N[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\GDMN4PE7\Ug4aAqQP9o8cvANcyOZTUW_2gzLYd1ncuzVa9hjmh34F2lT9z4e3LvhdDYbzpZ-_XPoxXNxSB-Eo3pugl9EuS1etI1dpIXwg6bmzowHtWIyJp1oV-t9RYznnm7LBRNeteaVdxGW-Aerz84i_o5FIz6WsVwtlLZz92MKNIUJkO[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\G12BKLE7\GyEc6lAhJ5ePEFD6exRj4h-d-JpEQCwc361O3u1zfFDdS2FAQdmLizLyM5mp5fwRT8y6SgQryxWIzcDIVpD1OdEnkgXeOsx6FiEiQmAtv zr64J2F51NucXCemtOHIBG9W7RsfwGdvi72J7llYa6BrKrKolA97oUbbp4G6bDg5[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\G12BKLE7\lGytsW1dnIxczLSlXqjroIgwZ5UdWM6rWhcCaZSQtQe_dAlWLRkinETFeter6GAqbQTlsDLfm0v E3XdYjFs6BwN7DwyvQYebtPzWc6wCVsxsRaEVHGVjZZEd1fC63xqZ_31yoZT9lET_9n-U_iZWVBQ-3FLB23_66qHtxeBSN[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\55VTKSQT\8hZ-S9ZB39_ZWyH01yCgOoYWREogSOwOVFm_IThypKAELpoXKzo_MeoZNVaZb9CVVA-p_CG8S0__8WtuX7cIIce67V8bfLSTzNp0eIPv6YTafJ1FsXWxPgFzeP2WtIBfa5FN78FIJM6--b2klUB1wDj3Jee6u96tjLZ-zy2dL[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\55VTKSQT\eetUnqQ-vzsrER1yEr291IJUit-N3CnqOJ25Mt3lqpStuzjz1BjK3rZZps9yJhRfbirL3g7NCtVPlmtRzFRQEfbp_U4DubjS4CbHLJ5bPyo sXOqKDp-wuNWahKzMiikkNUbkkiZX24DoLhLWiO9ZxVaGkvyQ5BSQds6WiiaPj[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\55VTKSQT\QAEi37xasuvzbfcNWxCh1KEW3UbxpezgdinmicL8EB1RjTc8CpeZCTzaHDcrG7yvfo9H-StEB4PYPnOouemExdvtp471X5zaTUuwLorLw5e5eL39j6JB6aZPAxEBsc7rvTf79efeUZtHsLQSjhfgG uTScrF-iEs5b_OzdgicQ[1].gif scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\55VTKSQT\sbpal2oRYt3i_j6bkPruJHHABZUg0jnalAoF2OyUz1X4d5opeG8UKlLRz97Zrs0lKxpo8CrtdOu ZkLoBqDbTVGaPEKxGzZOgW9AXR1V0A5C_iU99NXF9YBsmTlZpmX85vHsNoE0fIyHEu3DX3Jt4fSCpflk a SRqLYYS93MZMs[1].gif scheduled to be deleted on reboot. ->Temp folder emptied: 313224419 bytes ->Temporary Internet Files folder emptied: 140283914 bytes User: jonathan ->Temp folder emptied: 359 bytes ->Temporary Internet Files folder emptied: 22878169 bytes User: LocalService ->Temp folder emptied: 0 bytes File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2142714 bytes %systemroot%\System32 .tmp files removed: 2577 bytes Windows Temp folder emptied: 54481044 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 508,38 mb OTM by OldTimer - Version 3.0.0.6 log created on 08292009_160446 Files moved on Reboot... File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\W5AFGTAF\dB9ZzL8sHPhUjwhwFwBgcIT65MSR6lhk8_8jAfGMWC1u7p1-9Rx1wB3VUZNz47yNd7R7Q8zgZG1wJbH1pHfg0SWz1XTCGxcEhq2El89SftTDPWV8hc2gz_JlldsEFRcB dOWm548Ol2UcFhm9rynEWySrwkS-6YskUytAswCIY[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\W5AFGTAF\oDcFJka3T9OjMJ6JPh0e4p2cEotAMGnLiMP_7bzty5ImYYamAvkbXzZCerFRBPcNPTL8t7Pj5SI xahNsliNrIYFRdcOm5pOZ5-Mq8mV-rwnaBTJEnHk1bjJgKB63shej8FG8iyYKrycVbQsmIdFcibXL7OgRNX042tPx1kIGv[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\GDMN4PE7\cy3K4--8ktC3KExNKmaDd6Uv_SCfQryFA4odaATIzQqr1Nb3MfCEypkdSj1JlhT8_2M8n5vv0-v8VN_BDXHCnvf638vfB9cggWFYrhIh8VCMi9PaVTtfCq2IRXYQM02QcbV54xe-naRtBsLE-siVYaP6Up94nuiNF2Ij9ukAr[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\GDMN4PE7\cy3K4--8ktCRlqc7HOiTLcxB6y-35vVdzu08UJNJTJuaVGYbTymDogshLsryMVqVl3LXjtJFOikOGDARCHZtm2DjvJ-kuWWUg_M_RTJRYIrzWbaDmhWqVvxXv-Ds5hkxyz5qkRaMEgu_YtTs6kM4p9mnUFmDRbaVbLbAEmPBr[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\GDMN4PE7\soXc4eVpkw_g16Ohpw1iVfGXHemZmG9PiM2VRoaC8mf3ueQmw9pWPDFue24SiMJCDRLdR4Py1VJ-tqRDTm2KH2jMZujRgw_p4TN1fn_qXnQ9ETqbcu1cDvzovcGxrTWSW7b4zvbwssGLkgfyqcUpgiXx4Qu3 il6pxEdKIYX8N[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\GDMN4PE7\Ug4aAqQP9o8cvANcyOZTUW_2gzLYd1ncuzVa9hjmh34F2lT9z4e3LvhdDYbzpZ-_XPoxXNxSB-Eo3pugl9EuS1etI1dpIXwg6bmzowHtWIyJp1oV-t9RYznnm7LBRNeteaVdxGW-Aerz84i_o5FIz6WsVwtlLZz92MKNIUJkO[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\G12BKLE7\GyEc6lAhJ5ePEFD6exRj4h-d-JpEQCwc361O3u1zfFDdS2FAQdmLizLyM5mp5fwRT8y6SgQryxWIzcDIVpD1OdEnkgXeOsx6FiEiQmAtv zr64J2F51NucXCemtOHIBG9W7RsfwGdvi72J7llYa6BrKrKolA97oUbbp4G6bDg5[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\G12BKLE7\lGytsW1dnIxczLSlXqjroIgwZ5UdWM6rWhcCaZSQtQe_dAlWLRkinETFeter6GAqbQTlsDLfm0v E3XdYjFs6BwN7DwyvQYebtPzWc6wCVsxsRaEVHGVjZZEd1fC63xqZ_31yoZT9lET_9n-U_iZWVBQ-3FLB23_66qHtxeBSN[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\55VTKSQT\8hZ-S9ZB39_ZWyH01yCgOoYWREogSOwOVFm_IThypKAELpoXKzo_MeoZNVaZb9CVVA-p_CG8S0__8WtuX7cIIce67V8bfLSTzNp0eIPv6YTafJ1FsXWxPgFzeP2WtIBfa5FN78FIJM6--b2klUB1wDj3Jee6u96tjLZ-zy2dL[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\55VTKSQT\eetUnqQ-vzsrER1yEr291IJUit-N3CnqOJ25Mt3lqpStuzjz1BjK3rZZps9yJhRfbirL3g7NCtVPlmtRzFRQEfbp_U4DubjS4CbHLJ5bPyo sXOqKDp-wuNWahKzMiikkNUbkkiZX24DoLhLWiO9ZxVaGkvyQ5BSQds6WiiaPj[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\55VTKSQT\QAEi37xasuvzbfcNWxCh1KEW3UbxpezgdinmicL8EB1RjTc8CpeZCTzaHDcrG7yvfo9H-StEB4PYPnOouemExdvtp471X5zaTUuwLorLw5e5eL39j6JB6aZPAxEBsc7rvTf79efeUZtHsLQSjhfgG uTScrF-iEs5b_OzdgicQ[1].gif not found! File C:\Documents and Settings\isabelle\Local Settings\Temp\Temporary Internet Files\Content.IE5\55VTKSQT\sbpal2oRYt3i_j6bkPruJHHABZUg0jnalAoF2OyUz1X4d5opeG8UKlLRz97Zrs0lKxpo8CrtdOu ZkLoBqDbTVGaPEKxGzZOgW9AXR1V0A5C_iU99NXF9YBsmTlZpmX85vHsNoE0fIyHEu3DX3Jt4fSCpflk a SRqLYYS93MZMs[1].gif not found! Registry entries deleted on Reboot...

Merci Pear... Je vais commencer les démarches montrées, tout de suite. vous pouvez me dire pourquoi kaspersky ne me montre que tout ca dans son rapport d'évènement??

voila : Logfile of random's system information tool 1.06 (written by random/random) Run by isabelle at 2009-08-29 08:04:58 Microsoft Windows XP Professional Service Pack 2 System drive C: has 66 GB (86%) free of 76 GB Total RAM: 1023 MB (54% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:05:35, on 2009-08-29 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\isabelle\Local Settings\Temporary Internet Files\Content.IE5\2TEPC7K7\RSIT[1].exe C:\isabelle.exe O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Crawler Search - tbr:iemenu O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 3936 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}] C:\PROGRA~1\Crawler\ctbr.dll [2009-08-10 1218560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2007-06-28 218376] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-08-19 282624] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-07-08 7110656] "SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-08-23 2171904] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] "SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-08-23 3055616] C:\Documents and Settings\isabelle\Start Menu\Programs\Startup Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2007-06-28 206088] ________________________________________________________________________________ ____________________________________________ info.txt logfile of random's system information tool 1.06 2009-08-29 08:05:40 ======Uninstall list====== -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001} Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001} Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D} Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001} Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9 Canon Camera Access Library-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini" Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini" Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini" Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini" Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini" Canon G.726 WMP-Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini" Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini" Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini" Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini" Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini" Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini" Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini" Crawler Toolbar with Web Security Guard-->C:\PROGRA~1\Crawler\CToolbar.exe uninst HijackThis 2.0.2-->"C:\HijackThis.exe" /uninstall Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF} Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF} LastChaos-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AF3FEAE-B651-4421-97EF-4808A588B4E5}\setup.exe" -l0x9 -removeonly LimeWire 5.2.13-->"C:\Program Files\LimeWire\uninstall.exe" NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" QuickTime-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036 Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe" =====HijackThis Backups===== O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-16] O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-16] O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 [2009-08-16] O4 - HKLM\..\Run: [nwiz] nwiz.exe /install [2009-08-16] O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2009-08-16] O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll [2009-08-16] O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2009-08-16] O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [2009-08-16] O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll [2009-08-16] O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE [2009-08-16] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [2009-08-16] O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [2009-08-16] O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\isabelle\Start Menu\Programs\IMVU\Run IMVU.lnk [2009-08-16] O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2009-08-16] O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm [2009-08-16] O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-16] O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-16] O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2009-08-16] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe [2009-08-16] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2009-08-16] O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll [2009-08-16] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe [2009-08-16] O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-16] O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-16] O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm [2009-08-16] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [2009-08-16] O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2009-08-16] O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-16] O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-16] ======Security center information====== AV: Kaspersky Internet Security FW: Kaspersky Internet Security ======System event log====== Computer Name: HOME-87E12213AD Event Code: 59 Message: Generate Activation Context failed for C:\Program Files\LimeWire\lib\jacob-1.14.3-x86.dll. Reference error message: The operation completed successfully. . Record Number: 194 Source Name: SideBySide Time Written: 20090815105802.000000-420 Event Type: error User: Computer Name: HOME-87E12213AD Event Code: 59 Message: Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . Record Number: 193 Source Name: SideBySide Time Written: 20090815105802.000000-420 Event Type: error User: Computer Name: HOME-87E12213AD Event Code: 32 Message: Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. Record Number: 192 Source Name: SideBySide Time Written: 20090815105802.000000-420 Event Type: error User: Computer Name: HOME-87E12213AD Event Code: 36 Message: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Record Number: 178 Source Name: W32Time Time Written: 20090814150121.000000-420 Event Type: warning User: Computer Name: HOME-87E12213AD Event Code: 60055 Message: Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information. Record Number: 9 Source Name: Setup Time Written: 20090813232032.000000-420 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2f02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------

Merci de votre reponse... je suis quand meme sidérée, parce que mon pc est vraiment à son plus mal :/ j'essaie ce que vous m'avez dit de faire et je reviens poster le tout... merci encore de tout coeur pour votre temps et a tres bientot ^^ Isabelle

Bonjour a tous... je suis sous windows XP... depuis quelques temps, j'ai de serieux ennuis avec mon pc et je ne peux meme plus répondre à mes courriels, mon pc est extremement lent, ect... bref... j'ai scanné mon pc au complet avec kaspersky, spybot-search and destroy (qui n'ont rien détectés), puis finalement avec spyware terminator qui a trouvé 4 infections dont 2 trojan.patched.GR.6 and 2 cookie trackings ( o_O ) . J'ai, dans un premier temps, scanné mon pc et envoyé un rapport d'analyse complète au support technique de spyware terminator, qui m'a envoyé une marche a suivre en ''save mode'' pour réanalyser mon pc puis de mettre en quarantaine ce qui avait lieu d'etre retiré... malheureusement, il me reste toujours un trojan.patched dans mon ordi... et bien que j'ai envoyé mon 2e rapport , apres la mise en quarantaine comme demandé par le support technique, ils ne cessent de me renvoyer encore et encore la meme marche a suivre qui ne suffit pas a retirer le virus qui reste... voici donc les deux derniers rapports ( 1. spyware terminator et 2. highjackthis) : 1)spyware terminator Logfile of Spyware Terminator v2.5.9.223 (db:3.008.027.000) Scan Time: 2009-08-27 19:00:53 length: 47 s Platform: WXP (5.1.0.2600) User: Admin Boot Mode: Normal Scan type: Fast_Spyware_Scan Scanned Objects: 46244 (Critical:1) Filter: No System items, No Safe items, No Invalid items Running Processes avp.exe [Kaspersky Lab] : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe nvsvc32.exe [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe CALMAIN.exe [Canon Inc.] : C:\Program Files\Canon\CAL\CALMAIN.exe avp.exe [Kaspersky Lab] : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe HijackThis.exe [Trend Micro Inc.] : C:\HijackThis.exe Internet Settings R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain = R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName = StartUps 04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AVP : [Kaspersky Lab] : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe Shell Extensions Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll - {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll Statistiques d’Anti-Virus Internet - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - [Kaspersky Lab] : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll Services 23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS 23 - [Kaspersky Lab] : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe 23 - [Canon Inc.] : C:\Program Files\Canon\CAL\CALMAIN.exe 23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvata.sys 23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 23 - [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe 23 - [Crawler.com] : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys Advanced Files Report %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=65DCD932B54FFACB748B3DFC715CFDC2 SIZE=91400 %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=33FCC52971C12B6EDCED3E7F1E717E7E SIZE=91400 %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=2812CCA795BF75BA201252C728F92787 SIZE=95496 %SYSDIR%\nvsvc32.exe [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 77.74] MD5=153C0BA143A174B38CB06338C6EF4CC5 SIZE=127043 %PROGRAMFILES%\Canon\CAL\CALMAIN.exe [Canon Inc.] MD5=20F89E232173985A455BC9A5F70D1166 SIZE=96341 %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=E1A195577A9447A7A0B06EA3C056C286 SIZE=161032 %SystemDiskRoot%\HijackThis.exe [Trend Micro Inc.] [HijackThis] MD5=C4CA7416A6DF6D95075F81D9E3B41AD1 SIZE=396288 %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=5EAB075DA506344C59EB9FC795E26E2A SIZE=34056 %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=E839429A75ECF00B5BCE8C738EB3D2C0 SIZE=95496 %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=D1823B6A0673D46189D8A1C0F22E10FB SIZE=283912 %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=DA48FF384BB1D1771EB9259596FC54DF SIZE=147456 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\params.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=F3838DEF59B8D47E9D90435F457823C6 SIZE=442368 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=DC4B4AD3C268C439EFDFC1766D0BAAA7 SIZE=23040 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=C5AB3E738071258B066859C7CE2A218E SIZE=9728 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\nfio.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=5094B278016B25AA705DD2D29B3ED968 SIZE=86016 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\fsdrvplg.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=480D0AAF933AEC7AAD144B4F8B47D330 SIZE=18944 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\basegui.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=1BFD2FB862C46F7127D313BD9F60C74C SIZE=729088 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\thpimpl.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=C5C80E4BAEB4383CC3324EC8A2787CEA SIZE=19968 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\FSSync.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=27D174F6B106E541246B27C534BAFF7C SIZE=37640 %PROGRAMFILES%\kaspersky lab\kaspersky internet security 7.0\winreg.ppl [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=7E99499F58C9A80211BC8F9673B6493C SIZE=25088 %SYSDIR%\Macromed\Flash\Flash10c.ocx [Adobe Systems, Inc.] [shockwave Flash] MD5=43C6ACDFB92A18C3E516E6BD5F1ACD51 SIZE=3979680 deskpan.dll %SYSDIR%\nvshell.dll [NVIDIA Corporation] [NVIDIA Desktop Explorer, Version 105.29] MD5=14982B1B34A1DBEEFC7648FC81599777 SIZE=466944 %PROGRAMFILES%\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll [Kaspersky Lab] [Kaspersky Anti-Virus] MD5=A89F8FCE1FFEDAFD910B26783DB1CC5A SIZE=222472 %SYSDIR%\drivers\ALCXWDM.SYS [Realtek Semiconductor Corp.] [Windows ® WDM driver for Realtek AC'97 Audio(HRTF data Copyright 1994 by MIT Media Lab)] MD5=F5D4D3899E16E1F75398297844386226 SIZE=2304320 %SYSDIR%\svchost.exe -k netsvcs %SYSDIR%\svchost -k DcomLaunch %SYSDIR%\svchost.exe -k NetworkService %SYSDIR%\svchost.exe -k HTTPFilter %SYSDIR%\svchost.exe -k LocalService %SYSDIR%\DRIVERS\nvata.sys [NVIDIA Corporation] [NVIDIA nForce IDE Driver] MD5=DCE353985C988BFB7E84FD942068151F SIZE=92800 %SYSDIR%\DRIVERS\NVENETFD.sys [NVIDIA Corporation] [NVENETFD] MD5=720CC533EECB65553BD86B139CA04433 SIZE=33536 %SYSDIR%\DRIVERS\nvnetbus.sys [NVIDIA Corporation] [NVNETBUS] MD5=5F9F545CC5904DD8765F84EE1D056406 SIZE=12928 %SYSDIR%\svchost -k rpcss %SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592 %SYSDIR%\svchost.exe -k imgsvc End of Report 2) hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:52:40, on 2009-08-27 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe C:\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Crawler Search - tbr:iemenu O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 3829 bytes merci de votre aide

Moi J'ai Lauyan TOWeb... http://www.lauyan.com/fr/tw-home/index.html cest gratuit si tu ne télécharge que la version de base

Bon... J'ai enfin reussi a savoir ce qui clochait en cherchant tout ce qui avait pu etre endommagé dans mon ordinateur... Il n'y a pas si longtemps, jai eu toute une gamme de virus, dont des Trojans , (Adviva, Avenue A.Inc, Bluestreak, Doubleclic, FastClick, MediaPlex, Statcounter et Zedo...) qui revenaient le lendemain, meme si je les avaient "deletés" la veille... Ils se remettaient a chaque redemarrage de Windows... J'avais plusieurs choses qui avaient été endommagées par ces virus : Windows Genuine Advantage Validation Tool (2 fois), MSN Photo upload (3fois), Shockwav ActiveX Control (2 fois), Java Runtime Environment 1.6.0 (1 fois), et Shockwav Flash Object (1 fois)... Cetait veritablement l'enfer... Je ne pouvais plus rien faire sur mon pc a part du MSN Les virus ont tout simplement désactiver ces fonctions sur mon ordinateur, changer les configurations de mon ordi, en me faisant croire que les programmes n'étaient plus là, ou endommagés... Quels batards ces virus!!! J'ai eu tout simplement a aller dans : IE/Outils/Options Internet/Sécurité (onglet)/Personnaliser le niveau ..... ensuite, le tout etait de réactiver TOUTES les fonctions SCRIPT... des heures de plaisir!!! Merci a moi... oh mais de rien a toi.... oh mais de rien, merci....

sil vous plait?.....

erreur de manipulation desolée....

quand j'essaie d'aller sur hotmail, ca va... mais quand j'entre mon mot de passe je tombe sans cesse sur une page blanche... je vais ensuite sur outils/diagnostiquer les problemes de connections... ca me dit q

en attente dune reponse sil vous plait... aidez moi pitié!!!!!!!!

est ce quil faut que jattende que narco4 soit la pour pouvoir resoudre mon probleme? desolée je suis nouvelle ici, je sais vraiment pas... merci beaucoup de prendre le temps de me repondre sil vous plait... bonne journée a tous et a toutes.

dsl je nai pas eu de nouvelles de vous

je te renvoie un rapport après avoir recommencer les manoeuvres dites.... dis moi ce que tu en penses..... merci davance. Logfile of HijackThis v1.99.1 Scan saved at 15:29:35, on 2007-01-29 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\wuauclt.exe C:\unzipped\hijackthis\Scanner.exe.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: (no name) - {45A4902E-4479-4EAE-A186-8D0F7E4C78DE} - C:\Program Files\Starware316\bin\Starware316.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing) O3 - Toolbar: Starware Screensavers Toolbar - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\Program Files\Starware316\bin\Starware316.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe" O4 - HKLM\..\Run: [udc6cw] "C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe" -c O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

je suis vraiment embêtée.... par ou dois je recommencer sil te plait?

tiens jespere que c ca lolll Logfile of HijackThis v1.99.1 Scan saved at 18:24:27, on 2007-01-25 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Media Player\wmplayer.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe C:\unzipped\hijackthis\Scanner.exe.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: (no name) - {45A4902E-4479-4EAE-A186-8D0F7E4C78DE} - C:\Program Files\Starware316\bin\Starware316.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing) O3 - Toolbar: Starware Screensavers Toolbar - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\Program Files\Starware316\bin\Starware316.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe" O4 - HKLM\..\Run: [udc6cw] "C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe" -c O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

Rapport Navipromo.bat 0.71 effectué le 2007-01-25 à 20:27:35.92 L'opération se déroule en mode sans échec sous le compte "utilisateur" ** Recherche... Fin du rapport de recherche Adware Navipromo non trouvé avec cette méthode Engagement de la méthode Heuristique Rapport Navipromo.bat 0.72 effectué le 2007-01-25 à 20:27:36.12 L'opération se déroule en mode sans échec sous le compte "utilisateur" ## Suppression Heuristique ------------- Rapport Navipromo.bat 0.71 effectué le 2007-01-25 à 20:27:53.78 L'opération se déroule en mode sans échec sous le compte "utilisateur" ** Recherche... Fin du rapport de recherche Adware Navipromo non trouvé avec cette méthode Engagement de la méthode Heuristique Rapport Navipromo.bat 0.72 effectué le 2007-01-25 à 20:27:53.85 L'opération se déroule en mode sans échec sous le compte "utilisateur" ## Suppression Heuristique * Backups : Aucun résultat par la recherche heuristique ## Fin du rapport Heuristique ------------- Rapport Navipromo.bat 0.72 effectué le 2007-01-25 à 20:28:52.26 L'opération se déroule en mode sans échec sous le compte "utilisateur" ## Suppression Heuristique * Backups : Aucun résultat par la recherche heuristique ## Fin du rapport Heuristique

je pouvais pas vraiment savoir dsl!!! je suis nouvelle c la premiere fois que je viens ici

jai fais ce que vous maviez dit de faire... jsuis devenue une vraie pro!!!!! lollll je me demandais, vu que je navais plus de nouvelles de vous, si les etapes a faire etaient bien terminées mon ordi a repris du poil de la bete en un rien de temps (juste le temps de me scraper la vue a essayer de déchiffrer ce vrai jargon informatique, en fait) lolllll je ne vous ai pas remercié pendant que je mettais en application vos directives, je ne savais pas que je pouvais vous ecrire en vous envoyant les rapports c pas fort dsl rappellez moi de flusher mon petit ami ( celui qui a downloader des cochonneries qui mont infectée!!!! enfin, pas MOI (infectée), mais lordi) lollllll je vais vous épouser dsl c lémotion lollll merci pour tout xxxxxxx vous etes un AS!!!!!!!!!!!!!!!!!

Logfile of HijackThis v1.99.1 Scan saved at 18:24:27, on 2007-01-25 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Media Player\wmplayer.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe C:\unzipped\hijackthis\Scanner.exe.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: (no name) - {45A4902E-4479-4EAE-A186-8D0F7E4C78DE} - C:\Program Files\Starware316\bin\Starware316.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing) O3 - Toolbar: Starware Screensavers Toolbar - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\Program Files\Starware316\bin\Starware316.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe" O4 - HKLM\..\Run: [udc6cw] "C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe" -c O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

SmitFraudFix v2.135 Rapport fait à 18:06:11.96, 2007-01-25 Executé à partir de C:\Documents and Settings\utilisateur\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{fa19bd7e-50bc-4203-80ac-c4edc81ca9a3}"="hirtellous" [HKEY_CLASSES_ROOT\CLSID\{fa19bd7e-50bc-4203-80ac-c4edc81ca9a3}\InProcServer32] @="C:\WINDOWS\system32\nbbrhbd.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{fa19bd7e-50bc-4203-80ac-c4edc81ca9a3}\InProcServer32] @="C:\WINDOWS\system32\nbbrhbd.dll" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri C:\WINDOWS\system32\nbbrhbd.dll -> Hoax.Win32.Renos.gen.i C:\WINDOWS\system32\nbbrhbd.dll -> Deleted »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\DOCUME~1\UTILIS~1\Favoris\Online Security Test.url supprimé C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé C:\Program Files\AntiVerminser\ supprimé C:\Program Files\Video ActiveX Object\ supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

SmitFraudFix v2.135 Rapport fait à 17:31:35.65, 2007-01-25 Executé à partir de C:\Documents and Settings\utilisateur\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\nbbrhbd.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\utilisateur »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\utilisateur\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT ! C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\UTILIS~1\Favoris C:\DOCUME~1\UTILIS~1\Favoris\Online Security Test.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\AntiVerminser\ PRESENT ! C:\Program Files\Video ActiveX Object\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{fa19bd7e-50bc-4203-80ac-c4edc81ca9a3}"="hirtellous" [HKEY_CLASSES_ROOT\CLSID\{fa19bd7e-50bc-4203-80ac-c4edc81ca9a3}\InProcServer32] @="C:\WINDOWS\system32\nbbrhbd.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{fa19bd7e-50bc-4203-80ac-c4edc81ca9a3}\InProcServer32] @="C:\WINDOWS\system32\nbbrhbd.dll" »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

bonjour a vous.... je vous ecrits dans le but que vous puissiez me donner un coup de main. jai remarqué ce matin que mon copain avait été sur des sites pour adultes sur mon ordinateur hier... il l'a infecté avec un trojan-spy.win32@mx Moi, personnellement, jy connais rien, mais il y a dans ma barre doutils un petit triangle jaune avec un point dexclamation noir dedans, qui me le répète inlassablement.... mon ordi est archi lent, il y a 36000 systemes anti-virus qui tentent de s'installer, pas capable de men débarasser!!! meme explorer me lache!!! jai la version gratuite de AVG (scanner antivirus). je nai mon ordinateur que depuis 10 jours!! est ce que je dois aller macheter un antivirus neuf ou est ce que vous avez une solution pour moi? (si javais eu une carte de credit, il maurait été bien facile de régler mon probleme; jai plus plus de propositions dantivirus différents que de proposition à aller au resto!!!!!!!) lollll merci a lavance pour vos bons conseils et bonne journée a tous et a toutes