ludwik

merci beaucoup pour ton aide ludwik

salut si tu as le meme probleme je pense qu'il faut tu fasses comme moi regarde depuis le debut du sujet et post ton rapport en attendant que quelqu'un qui s'y connais l'analyse

voici le nouveau rapport: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, March 01, 2007 11:41:46 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 1/03/2007 Kaspersky Anti-Virus database records: 259588 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ Scan Statistics: Total number of scanned objects: 289335 Number of viruses found: 0 Number of infected objects: 0 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:27:03 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-03-01_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\ludwik\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped C:\Documents and Settings\ludwik\Cookies\index.dat Object is locked skipped C:\Documents and Settings\ludwik\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\ludwik\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\ludwik\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\ludwik\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\ludwik\Local Settings\Historique\History.IE5\MSHist012007030120070302\index.dat Object is locked skipped C:\Documents and Settings\ludwik\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\ludwik\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\ludwik\NTUSER.DAT Object is locked skipped C:\Documents and Settings\ludwik\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-02-28.20-26-19.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDALRT.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDCON.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDDBG.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDFW.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDIDS.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDSYS.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVApp.log Object is locked skipped C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVError.log Object is locked skipped C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVVirus.log Object is locked skipped C:\Program Files\Norton SystemWorks\Norton AntiVirus\Savrt235NAV~.TMP Object is locked skipped C:\Program Files\Norton SystemWorks\Norton AntiVirus\Savrt649NAV~.TMP Object is locked skipped C:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{C4899A7A-1F4F-4A94-BE8A-5084CE7FC8C5}\RP411\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeysbfcaf3156083e02d13bb11bc8a29085_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeyseeb23361786b687e40ce8c1402713d1_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16b150ad9198a35148e4de40896e56e0_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\17bdc0bfd97ffdcc795a9e9865aaf93c_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\17db66450ca2bf31edaaef049af394bd_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b102a88a12c4fb1cc30c7e55746bc8f_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\21e3492e298116b1768d0c39c985b610_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\26690e8050e35e254436f27ef0bc6c81_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b366fd66641a417652da8f8a4a47ad4_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3512c70c3dc87a47d643199d2df6654d_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d00a89bc30970f9978ca74db2f0431d_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3dbaf8c67510a10c01da002fc41d53db_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4166517cebb51686b0fa8ded90eca25b_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\510886668c235ed28605bda76c6794cc_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\51f37d2bf6264187cb087d3cb73c11bb_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\544400c2968fea99d7a9dc18cd209071_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\58aaf4b4c593f7d20cde6e3d7367581e_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5d6f019bd13fc3793b4c69583f6d9f17_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5d8c1e5ecd67fc27ac0bec80c53b313b_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5daf1aac53f973cead09d1e346d86d94_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\61565b9560fcbaad8db7d19fa54ede0c_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\660cbce9b2270c0ba250ca45db512e53_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\756c81abfb1934129f1128eaf15c5a41_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7bef09099e982fd20838cda8b8d2a910_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7c0e54adc8e062e79fadc87ae7432259_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\83daadebd99908ba46132d59ce2ef143_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\84344a917cc66504a8773117daf4306d_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8ed30d917f9c0056962f9e30b09acb99_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\98b486f50f55028e2edf00414197dfa2_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a5e9be4b629e494e2fd95156b4d398e6_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b342689f6d1de938b5dd6b662c9a437b_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b7d85a7654c97c5bca6251741342cf36_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c76d13208ce4aea0af6795e8ffb1411e_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d1413b3ed5a472bfa110710eb5c69752_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d9c98d2067c5b2a64339686e8d9c512d_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e9acbc89052a113392fcffecfeaccf85_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ee891dada5d96dfb013ed41ea5d75db8_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fa40e8c1fde079bf4b195b50fa7f3708_91ade756-00ea-4141-83dc-cc73b33e6c48 Object is locked skipped D:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped D:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped D:\System Volume Information\_restore{C4899A7A-1F4F-4A94-BE8A-5084CE7FC8C5}\RP411\change.log Object is locked skipped E:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{C4899A7A-1F4F-4A94-BE8A-5084CE7FC8C5}\RP411\change.log Object is locked skipped G:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped G:\System Volume Information\_restore{C4899A7A-1F4F-4A94-BE8A-5084CE7FC8C5}\RP411\change.log Object is locked skipped Scan process completed.

bon apparament cela n'est encore fini mais bon il ne reste que ces trois virus il faut que te laisse et je te remerci de m'avoir aider je serais la demain a partir de 14h30 merci et passe une bonne soirée Amicalement Ludwik

Incident Statut Analyse Spyware:Cookie/Winantivirus No Désinfecté C:\RECYCLER\S-1-5-21-1659004503-1004336348-725345543-1004\Dc1347.txt Spyware:Cookie/Xiti No Désinfecté C:\RECYCLER\S-1-5-21-1659004503-1004336348-725345543-1004\Dc1644.txt Spyware:Cookie/Advnt No Désinfecté C:\RECYCLER\S-1-5-21-1659004503-1004336348-725345543-1004\Dc1693.txt

--------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 20:14:51 28/02/2007 + Résultat de l'analyse: Rien à signaler. Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 20:29:18, on 28/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\DOCUME~1\ludwik\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe 02/28/07 20:31:20 [info]: BlackLight Engine 1.0.55 initialized 02/28/07 20:31:20 [info]: OS: 5.1 build 2600 (Service Pack 2) 02/28/07 20:31:20 [Note]: 7019 4 02/28/07 20:31:20 [Note]: 7005 0 02/28/07 20:31:23 [Note]: 7006 0 02/28/07 20:31:23 [Note]: 7011 1776 02/28/07 20:31:23 [Note]: 7026 0 02/28/07 20:31:23 [Note]: 7026 0 02/28/07 20:31:33 [Note]: FSRAW library version 1.7.1021 02/28/07 20:36:26 [Note]: 7007 0 pour le moment je n'ai pas encore eu de pub intempestive,cela veut dire que l'ordinateur n'est plus infecté??

02/28/07 07:33:11 [info]: BlackLight Engine 1.0.55 initialized 02/28/07 07:33:11 [info]: OS: 5.1 build 2600 (Service Pack 2) 02/28/07 07:33:11 [Note]: 7019 4 02/28/07 07:33:11 [Note]: 7005 0 02/28/07 07:33:19 [Note]: 7006 0 02/28/07 07:33:19 [Note]: 7011 1764 02/28/07 07:33:20 [Note]: 7026 0 02/28/07 07:33:20 [Note]: 7026 0 02/28/07 07:33:20 [Note]: 7024 3 02/28/07 07:33:20 [info]: Hidden process: C:\windows\system32\pkmvqsmwas.exe 02/28/07 07:33:21 [Note]: FSRAW library version 1.7.1021 02/28/07 07:35:49 [info]: Hidden file: c:\WINDOWS\system32\pkmvqsmwas.dat 02/28/07 07:35:49 [Note]: 10002 1 02/28/07 07:35:49 [info]: Hidden file: C:\windows\system32\pkmvqsmwas.exe 02/28/07 07:35:49 [Note]: 10002 1 02/28/07 07:35:49 [info]: Hidden file: c:\WINDOWS\system32\pkmvqsmwas_nav.dat 02/28/07 07:35:49 [Note]: 10002 1 02/28/07 07:35:49 [info]: Hidden file: c:\WINDOWS\system32\pkmvqsmwas_navps.dat 02/28/07 07:35:49 [Note]: 10002 1 02/28/07 07:41:43 [Note]: 7007 0

ce soir je serais la vers 5h30 afin de continuer

par contre je n'ai aucun fichier de blacklight je n'ai que ca pkmvqsmwas.exe none pkmvqsmwas.dat none pkmvqsmwas_nav.dat none pkmvqsmwas_navps.dat none et voici le nouveau rapport: Logfile of HijackThis v1.99.1 Scan saved at 07:44:42, on 28/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Messenger\msmsgs.exe C:\DOCUME~1\ludwik\LOCALS~1\Temp\Répertoire temporaire 3 pour hijackthis[1].zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

Logfile of HijackThis v1.99.1 Scan saved at 22:59:34, on 27/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Messenger\msmsgs.exe C:\DOCUME~1\ludwik\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis[1].zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe attends un peu je fais la suite et merci encore pour ton aide

bonsoir a tous, Voila deja quelque semaine j'ai plein de pubs x et autres qui apparaissent lorsque je surf sur internet malgres les conseilles que j'ai trouver sur d'autres forums,cela n'as pas resolu le probleme. Si uelqu'un pouvais perdre quelque minutes avec moi pour savoir ce qu'il faire car maintenant je commence a craquer car je suis vraiment nul en informatique. j'ai norton antivirus 2006 avec system premium adaware mais rien ne marche a priri je n'ai pas de virus mais d'ou ca vien alors ? s'il vous plait aidez moi!!!