pouet187

voilà le rapport hijackthis:Logfile of HijackThis v1.99.1 Scan saved at 21:42:52, on 11/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe C:\Program Files\Lexmark 1200 Series\lxczbmon.exe C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\sistray.EXE C:\WINDOWS\System32\keyhook.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Pouet187\Bureau\HijackThis.exe R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [TSE_PLUtil] "C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EBAA6E0A-9363-4D7A-BD54-8A80312DC0A9}: NameServer = 85.255.116.103 85.255.112.214 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Voilà le rapport SDFix: SDFix: Version 1.83 Run by Pouet187 - ven. 11/05/2007 - 16:05:06,37 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\Pouet187\Bureau\sdfix\SDFix Safe Mode: Checking Services: Name: MSWinLogonProcService usbpda ImagePath: "C:\WINDOWS\winlogon.exe" -service %SystemRoot%\System32\svchost.exe -k netsvcs MSWinLogonProcService - Deleted usbpda - Deleted Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Missing Security Center Service Restoring Missing SharedAccess Service Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\TEMPOR~1\CONTENT.IE5\87IFQVI9\CAIS2U45.HTM - Deleted C:\WINDOWS\dsrss.exe - Deleted C:\WINDOWS\ieredir.exe - Deleted C:\WINDOWS\ieserver.exe - Deleted C:\WINDOWS\preredir.exe - Deleted C:\WINDOWS\system32\ib15.dll - Deleted C:\WINDOWS\system32\usbpda.dll - Deleted C:\WINDOWS\winlogon.exe - Deleted Removing Temp Files ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" Remaining Files: --------------- Backups Folder: - C:\DOCUME~1\Pouet187\Bureau\sdfix\SDFix\backups\backups.zip Checking For Files with Hidden Attributes: C:\WINDOWS\system32\config\default.tmp.LOG C:\WINDOWS\system32\config\software.tmp.LOG C:\WINDOWS\system32\config\system.tmp.LOG Finished J'ai installé aussi le sp2, sinon le pc va bien, je trouve qu'il est un peu lent au démarrage mais sinon après ça va. merci de ton aide

ok je ferai ça d'ici qque jours parce que là j'ai pas trop le temps avant samedi soir ou dimanche soir, merci en attendant.

désolé d'avoir mis autant de temps. voilà le rapport hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 19:39:52, on 10/05/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\winlogon.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe C:\Program Files\Lexmark 1200 Series\lxczbmon.exe C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\sistray.EXE C:\WINDOWS\System32\keyhook.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\dsrss.exe C:\WINDOWS\ieredir.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\SPOOL\DRIVERS\W32X86\3\LXCZPSWX.EXE C:\WINDOWS\System32\SPOOL\DRIVERS\W32X86\3\LXCZJSWX.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\Pouet187\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ib15_27.CBrowserHelper - {1E6CE4CD-161B-4847-B8BF-E2EF72299D69} - C:\WINDOWS\System32\ib15.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [TSE_PLUtil] "C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Microsoft Windows Logon Process] C:\WINDOWS\winlogon.exe O4 - HKLM\..\Run: [WinSysModule] dsrss.exe O4 - HKLM\..\Run: [iE Redir] C:\WINDOWS\ieredir.exe O4 - HKLM\..\Run: [Microsoft Windows Session Manager Subsystem] C:\WINDOWS\smss.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EBAA6E0A-9363-4D7A-BD54-8A80312DC0A9}: NameServer = 85.255.116.103 85.255.112.214 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Windows Logon Process Service (MSWinLogonProcService) - Unknown owner - C:\WINDOWS\winlogon.exe" -service (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

bonjour Régis voilà j'ai fais les manipulations et remis windows sp1. que dois-je faire maintenant?

ok j'ai sonné à un copain il devrait me le prêter mais je le vois pas dans l'immédiat. je te tiens au courant. merci

le problème c'est que je n'ai pas reçu de cd d'installation avec mon pc.

# Copyright © 1993-1999 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost J'ai un autre problème, à mon avis du à une utilisation hasardeuse de regseeker, quand mon ordinateur passe en veille, l'écran devient noir avec une petite barre blanche clignotante en haut à gauche et quand je bouge la souris rien ne se passe et je dois éteindre et relancer l'ordi.

bonjour me voilà de retour, j'ai passé regseeker, mon ordi a l'air de bien se porter mais j'ai encore un problème: quand je vais sur un forum exemple zébulon, pour passer d'une page à l'autre je vois en bas qu'il se connecte d'abord à pagead2.googlesyndication.com et ça prends beaucoup plus de temps qu'avant et ça peu importe le forum. que peux-t-on faire à ça. Faut-il te faire de nouveausx rapport de qqchoses? merci

je ferai le nettoyage plus tard, là j'en ai un peu marre de nettoyer, télécharger, recommencer. Tu as bien de la patience pour toutça et surtout beaucoup de connaissances. C'est ton métier? moi je vais retourner un peu à ma mécanique. merci

je vais suivre cette manoeuvre. Dis, tu dois en avoir marre de mon pc?

oui ça me redirige parfois sur google. je viens encore de tester.

pour la mise à jour auto, j'ai suivi tes indications et tout était déjà comme il fallait.

bon cette fois j'espère que c'est le bon, j'ai cliqué sur le lien ci-dessus donc je pense que c'est le bon: SmitFraudFix v2.167 Rapport fait à 16:33:23,62, sam. 14/04/2007 Executé à partir de C:\Documents and Settings\Pouet187\Mes documents\smitfraudefix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{3BF77FF3-E054-4728-ADD0-B21EF95EECE1}"="COM+ Service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{b292ec9f-a074-4115-8342-1f459702d8d2}"="characterizing" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{33453066-A3FD-4655-9548-E64304E3E735}: DhcpNameServer=85.255.116.103,85.255.112.214 HKLM\SYSTEM\CS1\Services\Tcpip\..\{33453066-A3FD-4655-9548-E64304E3E735}: DhcpNameServer=85.255.116.103,85.255.112.214 HKLM\SYSTEM\CS2\Services\Tcpip\..\{33453066-A3FD-4655-9548-E64304E3E735}: DhcpNameServer=85.255.116.103,85.255.112.214 HKLM\SYSTEM\CS2\Services\Tcpip\..\{EBAA6E0A-9363-4D7A-BD54-8A80312DC0A9}: NameServer=85.255.116.103 85.255.112.214 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{3BF77FF3-E054-4728-ADD0-B21EF95EECE1}"="COM+ Service" »»»»»»»»»»»»»»»»»»»»»»»» Fin

voilà le rapport smitfraudfix, j'ai fais les mises à jour: SmitFraudFix v2.127 Rapport fait à 11:31:53,46, sam. 14/04/2007 Executé à partir de C:\Documents and Settings\Pouet187\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{3BF77FF3-E054-4728-ADD0-B21EF95EECE1}"="COM+ Service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{b292ec9f-a074-4115-8342-1f459702d8d2}"="characterizing" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{3BF77FF3-E054-4728-ADD0-B21EF95EECE1}"="COM+ Service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{b292ec9f-a074-4115-8342-1f459702d8d2}"="characterizing" »»»»»»»»»»»»»»»»»»»»»»»» Fin Pour la version sp1 j'ai jamais su faire les mises à jour, je l'ai acheté comme ça, je me demande si c'est une version d'origine.

voilà le rapport smitfraufix: SmitFraudFix v2.127 Rapport fait à 15:49:56,71, ven. 13/04/2007 Executé à partir de C:\Documents and Settings\Pouet187\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{3BF77FF3-E054-4728-ADD0-B21EF95EECE1}"="COM+ Service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{b292ec9f-a074-4115-8342-1f459702d8d2}"="characterizing" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{3BF77FF3-E054-4728-ADD0-B21EF95EECE1}"="COM+ Service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{b292ec9f-a074-4115-8342-1f459702d8d2}"="characterizing" »»»»»»»»»»»»»»»»»»»»»»»» Fin j'ai une question: comment est-ce possible d'avoir tant de saloperies avec un anti-virus (nod32) et un pare-feu (zonealarm)?

le pc fontionne bien. est-ce que la keylogger qui était dedans y est encore? J'ai tjs ce petit problème qui me redirige de temps à autre vers la page google comme expliqué ci-dessus.

voilà le rapport panda: Incident Statut Analyse Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.adopt.hbmediapro.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.xiti.com/] Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.adtech.de/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.bs.serving-sys.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.fastclick.net/] Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.metriweb.be/] Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\Cathy\Cookies\cathy@adopt.hbmediapro[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Cathy\Cookies\cathy@bluestreak[2].txt Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\Cathy\Cookies\cathy@fl01.ct2.comclick[2].txt Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Cathy\Cookies\cathy@metriweb[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Cathy\Cookies\cathy@xiti[1].txt Spyware:Cookie/SexList No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.sexlist.com/] Spyware:Cookie/Sextracker No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.sextracker.com/] Spyware:Cookie/Sextracker No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[counter8.sextracker.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.xiti.com/] Spyware:Cookie/Apmebf No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.apmebf.com/] Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.adtech.de/] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.advertising.com/] Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.perf.overture.com/] Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.atdmt.com/] Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.metriweb.be/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.bs.serving-sys.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/cs.sexcounter No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.cs.sexcounter.com/] Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.adultfriendfinder.com/] Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[statse.webtrendslive.com/] Spyware:Cookie/Ccbill No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.ccbill.com/] Spyware:Cookie/Toplist No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.toplist.cz/] Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.fastclick.net/] Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.zedo.com/] Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[c5.zedo.com/] Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.zedo.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/FortuneCity No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.fortunecity.com/] Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.hitbox.com/] Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.ehg-eline.hitbox.com/] Spyware:Cookie/Casalemedia No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.casalemedia.com/] Spyware:Cookie/Yadro No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.yadro.ru/] Spyware:Cookie/HotLog No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.hotlog.ru/] Spyware:Cookie/SpyLog No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.spylog.com/] Spyware:Cookie/Adrevolver No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.adrevolver.com/] Outil indésirable:Application/Pskill.K No Désinfecté C:\Documents and Settings\Pouet187\Bureau\clean\pskill.exe Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SDFix\apps\Process.exe Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SDFix.exe[sDFix\apps\Process.exe] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SmitfraudFix\Process.exe Virus:Trj/Shutdown.Z Désinfecté C:\Documents and Settings\Pouet187\Bureau\SmitfraudFix\restart.exe Spyware:Cookie/Sextracker No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@counter8.sextracker[1].txt Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@metriweb[1].txt Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@statse.webtrendslive[2].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@xiti[1].txt Spyware:Cookie/XXXCounter No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@xxxcounter[1].txt Outil indésirable:Application/Pskill.K No Désinfecté C:\Downloads\clean\clean\pskill.exe Outil indésirable:Application/Pskill.K No Désinfecté C:\Downloads\clean.zip[clean/pskill.exe] Outil indésirable:Application/NirCmd.A No Désinfecté C:\fixwareout\FindT\nircmd.exe Outil indésirable:Application/Processor No Désinfecté C:\Program Files\Mozilla Firefox\SmitfraudFix\Process.exe Virus:Trj/Shutdown.Z Désinfecté C:\Program Files\Mozilla Firefox\SmitfraudFix\restart.exe Outil indésirable:Application/Processor No Désinfecté C:\SDFix\apps\Process.exe Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe

j'ai téléchargé kapersky sur mon pc. La je fais un scan avec panda mais je n'ai pas d'icône pour tout analyser, j'ai soit analyser le bureau, analyser les disques locaux, ou les dossiers ou les lecteurs j'ai fait une analyse du disue local, j'ai bien fait?

bon voilà hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 7:43:12, on 12/04/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\sistray.EXE C:\WINDOWS\System32\keyhook.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Lexmark 1200 Series\lxczbmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Pouet187\Bureau\HijackThis.exe R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [TSE_PLUtil] "C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EBAA6E0A-9363-4D7A-BD54-8A80312DC0A9}: NameServer = 85.255.116.103 85.255.112.214 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing) O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE et voilà kapersky: Scan My Computer ---------------- Scanned: 288691 Detected: 83 Untreated: 0 Start time: 11/04/2007 21:10:19 Duration: 10:31:01 Finish time: 12/04/2007 7:41:20 Detected -------- Status Object ------ ------ deleted: virus P2P-Worm.Win32.Delf.bk File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP100\A0094353.exe//UPX not found: Trojan program Trojan-Spy.Win32.BZub.im File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP102\A0102128.dll deleted: Trojan program Trojan-Downloader.Win32.Small.eib File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP68\A0041520.exe//UPX deleted: virus Email-Worm.Win32.Zhelatin.bl File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP91\A0078235.exe deleted: virus Email-Worm.Win32.Zhelatin.bl File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP92\A0079309.exe deleted: virus Email-Worm.Win32.Zhelatin.bl File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP92\A0081824.exe deleted: Trojan program Trojan-Downloader.Win32.Small.eib File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP92\A0081921.exe//UPX deleted: Trojan program Trojan.Win32.DNSChanger.ik File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0083012.exe//stream deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0083044.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0083167.exe deleted: Trojan program Trojan-Spy.Win32.BZub.ee File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0083168.exe deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0084043.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0084213.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0084306.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0084321.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP93\A0085323.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085599.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085617.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085629.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085675.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085711.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085813.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085828.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085851.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085869.dll deleted: Trojan program Trojan-Downloader.Win32.Agent.bkd File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085881.dll//PE_Patch.UPX//UPX deleted: virus Email-Worm.Win32.Zhelatin.al File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085882.exe deleted: Trojan program Trojan-Spy.Win32.BZub.ih File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085883.dll deleted: Trojan program Trojan-Spy.Win32.BZub.ih File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085884.dll deleted: virus Email-Worm.Win32.Zhelatin.bl File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085885.exe deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP94\A0085890.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0085922.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0085995.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086027.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086067.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086113.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086129.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086145.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086185.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086200.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086218.dll deleted: Trojan program Trojan-PSW.Win32.Sinowal.co File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0086229.dll deleted: Trojan program Trojan-PSW.Win32.Sinowal.co File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0087215.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0087219.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0087259.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0087294.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0087344.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0087365.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0087380.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0087405.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0088405.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP95\A0089513.exe deleted: Trojan program Trojan-PSW.Win32.Sinowal.co File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP98\A0091562.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP98\A0091565.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP98\A0091575.dll deleted: Trojan program Trojan-PSW.Win32.Sinowal.co File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP98\A0091576.dll deleted: Trojan program Backdoor.Win32.Agent.aju File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP98\A0091634.exe//PE_Patch.UPX//UPX deleted: Trojan program Trojan.Win32.Agent.qt File: C:\System Volume Information\_restore{C49608AD-D1DD-491C-9191-A71D5AA27968}\RP98\A0091674.dll//PE_Patch.PECompact//PecBundle//PECompact deleted: virus P2P-Worm.Win32.Delf.bk File: C:\readme.exe//UPX deleted: Trojan program Trojan.Win32.Agent.qt File: C:\!KillBox\winhun32.dll//PE_Patch.PECompact//PecBundle//PECompact deleted: Trojan program Trojan-Spy.Win32.BZub.im File: C:\Documents and Settings\Pouet187\Bureau\backups\backup-20070411-204754-391.dll deleted: Trojan program Trojan-PSW.Win32.OnLineGames.la File: C:\Documents and Settings\Pouet187\Bureau\SDFix\backups\backups.zip/backups/hook.dll deleted: Trojan program Trojan-PSW.Win32.Sinowal.co File: C:\Documents and Settings\Pouet187\Bureau\SDFix\backups\backups.zip/backups/ibm00004.dll deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\18A.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\18B.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\18C.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\192.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\388.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\38A.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\390.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\391.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\A2.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\A3.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Dropper.Win32.Small.aui File: C:\Documents and Settings\Pouet187\Local Settings\Temp\A9.tmp//PE_Patch//MEW deleted: Trojan program Trojan-Downloader.VBS.Psyme.fc File: C:\Documents and Settings\Pouet187\Local Settings\Temporary Internet Files\Content.IE5\ZYFV3BBA\exi[2].htm//Crypt.DCScript deleted: virus P2P-Worm.Win32.Delf.bk File: C:\WINDOWS\amor.pif//UPX deleted: Trojan program Trojan-Spy.Win32.BZub.ee File: C:\WINDOWS\der.exe deleted: virus P2P-Worm.Win32.Delf.bk File: C:\WINDOWS\ER.exe//UPX deleted: Trojan program Trojan-Spy.Win32.BZub.ih File: C:\WINDOWS\ins.exe deleted: virus P2P-Worm.Win32.Delf.bk File: C:\WINDOWS\K.exe//UPX deleted: virus P2P-Worm.Win32.Delf.bk File: C:\WINDOWS\P2P.exe//UPX deleted: virus P2P-Worm.Win32.Delf.bk File: C:\WINDOWS\system32\Angen.exe//UPX deleted: Trojan program Trojan-Spy.Win32.BZub.ee File: C:\WINDOWS\system32\der.exe Events ------ Time Name Status Reason ---- ---- ------ ------ Statistics ---------- Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted ------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ --------- Settings -------- Parameter Value --------- ----- Security Level Recommended Action Prompt for action when the scan is complete Run mode Manually File types Scan all files Scan only new and changed files No Scan archives All Scan embedded OLE objects All Skip if object is larger than No Skip if scan takes longer than No Parse email formats No Scan password-protected archives No Enable iChecker technology Yes Enable iSwift technology Yes Show detected threats on "Detected" tab Yes Pour kapersky j'ai fait delete all. Merci à tout à l'heure

sinon mon pc à l'air de fonctionner sauf une dll qui ne reste pas pour ouvrir mozilla c'est jl3250.dll je dois souvent le réinstaller

bonjour régis merci de reprendre le travail sur mon pc. voilà j'ai supprimé gendel32 voilà le rapport hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 19:32:29, on 10/04/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Lexmark 1200 Series\lxczbmon.exe C:\WINDOWS\System32\sistray.EXE C:\WINDOWS\System32\keyhook.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Pouet187\Bureau\HijackThis.exe R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {36DBC179-A19F-48F2-B16A-6A3E19B42A87} - C:\WINDOWS\System32\ipv6monl.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [TSE_PLUtil] "C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EBAA6E0A-9363-4D7A-BD54-8A80312DC0A9}: NameServer = 85.255.116.103 85.255.112.214 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: winhun32 - winhun32.dll (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe par contre j'ai pas su me servir des scan en ligne trendsmicro désolé je vais réessayer. merci

regis si tu répond à mon dernier message, moi je ne saurai pas y répondre avant mardi we de Pâques oblige. merci

voila le rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 22:35:31, on 30/03/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\sistray.EXE C:\Program Files\Lexmark 1200 Series\lxczbmon.exe C:\WINDOWS\System32\keyhook.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\Pouet187\Bureau\HijackThis.exe R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [TSE_PLUtil] "C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EBAA6E0A-9363-4D7A-BD54-8A80312DC0A9}: NameServer = 85.255.116.103 85.255.112.214 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: winhun32 - winhun32.dll (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Bon ben alors à dans une semaine merci pour tout en attendant

bon j'ai fais le scan avec panda mais j'ai pas trouvé d'icône pour analyser tout l'ordinateur d'un coup alors j'ai cliqué sur bureau et disque local (c:) est-ce suffisant? voilà les 2 rapports: Incident Statut Analyse Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.xiti.com/] Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.metriweb.be/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.xiti.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.adtech.de/] Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/Toplist No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.toplist.cz/] Outil indésirable:Application/Pskill.K No Désinfecté C:\Documents and Settings\Pouet187\Bureau\clean\pskill.exe Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SDFix\apps\Process.exe Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SDFix.exe[sDFix\apps\Process.exe] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SmitfraudFix\Process.exe Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@metriweb[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@xiti[1].txt Outil indésirable:Application/Pskill.K No Désinfecté C:\Downloads\clean\clean\pskill.exe Outil indésirable:Application/Pskill.K No Désinfecté C:\Downloads\clean.zip[clean/pskill.exe] Outil indésirable:Application/NirCmd.A No Désinfecté C:\fixwareout\FindT\nircmd.exe Security Risk:HackTool/Gendel.A No Désinfecté C:\gendel32.exe Outil indésirable:Application/Processor No Désinfecté C:\Program Files\Mozilla Firefox\SmitfraudFix\Process.exe Spyware:Cookie/Yadro No Désinfecté C:\RECYCLER\S-1-5-21-2052111302-764733703-682003330-1003\Dc1329.txt Outil indésirable:Application/Processor No Désinfecté C:\SDFix\apps\Process.exe Virus:Trj/Gepost.W Désinfecté C:\WINDOWS\system32\aspi204973.exe Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe Virus:Trj/Agent.ESE Désinfecté C:\WINDOWS\Temp\winB1.tmp.exe Incident Statut Analyse Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.xiti.com/] Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Cathy\Application Data\Mozilla\Firefox\Profiles\uv8gce3y.default\cookies.txt[.metriweb.be/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.xiti.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.adtech.de/] Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/Toplist No Désinfecté C:\Documents and Settings\Pouet187\Application Data\Mozilla\Firefox\Profiles\8t7wuomo.default\cookies.txt[.toplist.cz/] Outil indésirable:Application/Pskill.K No Désinfecté C:\Documents and Settings\Pouet187\Bureau\clean\pskill.exe Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SDFix\apps\Process.exe Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SDFix.exe[sDFix\apps\Process.exe] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Pouet187\Bureau\SmitfraudFix\Process.exe Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@metriweb[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Pouet187\Cookies\pouet187@xiti[1].txt Outil indésirable:Application/Pskill.K No Désinfecté C:\Downloads\clean\clean\pskill.exe Outil indésirable:Application/Pskill.K No Désinfecté C:\Downloads\clean.zip[clean/pskill.exe] Outil indésirable:Application/NirCmd.A No Désinfecté C:\fixwareout\FindT\nircmd.exe Security Risk:HackTool/Gendel.A No Désinfecté C:\gendel32.exe Outil indésirable:Application/Processor No Désinfecté C:\Program Files\Mozilla Firefox\SmitfraudFix\Process.exe Spyware:Cookie/Yadro No Désinfecté C:\RECYCLER\S-1-5-21-2052111302-764733703-682003330-1003\Dc1329.txt Outil indésirable:Application/Processor No Désinfecté C:\SDFix\apps\Process.exe Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe