valouuu

voici le rapport demande moi aussi je croyais que les virus etaient partis mais pas tous apparement encore merci et j'attends les instructions AntiVir PersonalEdition Classic Report file date: samedi 1 septembre 2007 11:57 Scanning for 1040684 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: User Computer name: USER-PWJAIWOHNU Version information: BUILD.DAT : 247 14437 Bytes 10/05/2007 11:55:00 AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:16 AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:56 LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:06 LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:19:00 ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58 ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 11:52:00 ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 25/08/2007 09:20:48 ANTIVIR3.VDF : 6.39.1.70 91136 Bytes 31/08/2007 12:15:24 AVEWIN32.DLL : 7.4.1.66 2789888 Bytes 30/08/2007 09:21:18 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:28 AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:52 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24 AVPACK32.DLL : 7.3.0.15 360488 Bytes 24/08/2007 11:52:02 AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:10 AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:06 AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:28 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:44 RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:20 RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:44 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: A:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: samedi 1 septembre 2007 11:57 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'Explorer.EXE' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'guard.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 12 processes with 12 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'A:\' [NOTE] In the drive 'A:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( '27' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! C:\System Volume Information\_restore{0A32F3C0-5819-4E1D-AD65-5EDB45AF4539}\RP91\A0036854.dll [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen [WARNING] The file was ignored! C:\System Volume Information\_restore{0A32F3C0-5819-4E1D-AD65-5EDB45AF4539}\RP91\A0036855.exe [DETECTION] Is the Trojan horse TR/Vundo.Gen [WARNING] The file was ignored! C:\System Volume Information\_restore{0A32F3C0-5819-4E1D-AD65-5EDB45AF4539}\RP93\A0036897.dll [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen [WARNING] The file was ignored! C:\System Volume Information\_restore{0A32F3C0-5819-4E1D-AD65-5EDB45AF4539}\RP93\A0036913.exe [DETECTION] Is the Trojan horse TR/Vundo.Gen [WARNING] The file was ignored! C:\VundoFix Backups\unlase.dll.bad [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen [iNFO] The file was moved to '47455609.qua'! C:\!KillBox\unlase.dll [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen [iNFO] The file was moved to '4745560d.qua'! C:\!KillBox\unlase.dll( 5) [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen [iNFO] The file was moved to '47455610.qua'! Begin scan in 'A:\' Search path A:\ could not be opened! Erreur de données (contrôle de redondance cyclique). End of the scan: samedi 1 septembre 2007 14:07 Used time: 2:10:16 min The scan has been done completely. 4625 Scanning directories 161208 Files were scanned 7 viruses and/or unwanted programs were found 0 classified as suspicious: 0 files were deleted 0 files were repaired 3 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 161201 Files not concerned 790 Archives were scanned 6 Warnings 0 Notes 0 Hidden objects were found lol

J'ATTENDS LE RESTE DE voos instructions pour continuer mais je vais devoir m'absenter jusqu'a dimanche apres midi donc je me reconnecte des que je rentre(je ne pars que dans la soiree) alors je peux encore continuer encore merci a vous deux!!!!!!

DiagHelp version v1.1.2 - http://www.malekal.com excute le 31/08/2007 à 16:51:24,82 Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\AvgAsCln.sys -->30/05/2007 14:10:42 C:\WINDOWS\System32/drivers\update.sys -->23/04/2007 12:32:54 C:\WINDOWS\System32/drivers\avipbb.sys -->20/03/2007 09:55:46 C:\WINDOWS\System32/drivers\ssmdrv.sys -->01/03/2007 10:34:38 C:\WINDOWS\System32/drivers\avgntdd.sys -->27/02/2007 15:18:32 C:\WINDOWS\System32/drivers\ntfs.sys -->09/02/2007 13:10:36 C:\WINDOWS\System32/drivers\avgntmgr.sys -->22/11/2006 14:30:32 C:\WINDOWS\System32\wpa.dbl -->31/08/2007 16:42:20 C:\WINDOWS\System32\dn60239597.dat -->31/08/2007 16:20:08 C:\WINDOWS\System32\unlase.dns -->31/08/2007 16:19:40 C:\WINDOWS\System32\FNTCACHE.DAT -->31/08/2007 16:03:38 C:\WINDOWS\System32\TZLog.log -->30/08/2007 18:08:58 C:\WINDOWS\System32\dn_crash.log -->29/08/2007 14:52:30 C:\WINDOWS\System32\CmdLineExt03.dll -->27/08/2007 12:34:22 C:\WINDOWS\System32\CONFIG.NT -->22/08/2007 13:35:30 C:\WINDOWS\System32\jupdate-1.6.0_02-b06.log -->07/08/2007 09:58:10 C:\WINDOWS\System32\MRT.exe -->03/08/2007 06:34:10 C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06 C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52 C:\WINDOWS\System32\wuaueng.dll -->30/07/2007 19:19:42 C:\WINDOWS\System32\wuapi.dll -->30/07/2007 19:19:36 C:\WINDOWS\System32\wucltui.dll -->30/07/2007 19:19:32 C:\WINDOWS\System32\wuweb.dll -->30/07/2007 19:19:28 C:\WINDOWS\System32\wuaucpl.cpl -->30/07/2007 19:19:28 C:\WINDOWS\System32\cdm.dll -->30/07/2007 19:19:20 C:\WINDOWS\System32\wuauclt.exe -->30/07/2007 19:19:16 C:\WINDOWS\System32\wups2.dll -->30/07/2007 19:19:12 C:\WINDOWS\System32\mucltui.dll -->30/07/2007 19:19:10 C:\WINDOWS\System32\wucltui.dll.mui -->30/07/2007 19:19:04 C:\WINDOWS\System32\muweb.dll -->30/07/2007 19:19:04 C:\WINDOWS\System32\mucltui.dll.mui -->30/07/2007 19:18:58 C:\WINDOWS\System32\wuaueng.dll.mui -->30/07/2007 19:18:48 C:\WINDOWS\WindowsUpdate.log -->31/08/2007 16:44:10 C:\WINDOWS\wiadebug.log -->31/08/2007 16:38:58 C:\WINDOWS.log -->31/08/2007 16:38:28 C:\WINDOWS\bootstat.dat -->31/08/2007 16:38:24 C:\WINDOWS\SchedLgU.Txt -->31/08/2007 15:14:20 C:\WINDOWS\wiaservc.log -->31/08/2007 15:14:08 C:\WINDOWS\imsins.log -->30/08/2007 18:09:22 C:\WINDOWS\comsetup.log -->30/08/2007 18:09:22 C:\WINDOWS\KB933360.log -->30/08/2007 18:09:22 C:\WINDOWS\ocmsn.log -->30/08/2007 18:09:22 C:\WINDOWS\tsoc.log -->30/08/2007 18:09:22 C:\WINDOWS\ntdtcsetup.log -->30/08/2007 18:09:22 C:\WINDOWS\iis6.log -->30/08/2007 18:09:22 C:\WINDOWS\ocgen.log -->30/08/2007 18:09:18 C:\WINDOWS\msgsocm.log -->30/08/2007 18:09:18 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6023-9597 Répertoire de C:\WINDOWS\system 19/09/1996 10:15 7 840 APLKDAEM.EXE 22/11/1994 15:09 317 116 WBTR32.EXE 2 fichier(s) 324 956 octets 0 Rép(s) 10 557 620 224 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6023-9597 Répertoire de C:\WINDOWS\system32 19/08/2004 16:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 10 557 620 224 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6023-9597 Répertoire de C:\WINDOWS\Downloaded Program Files 06/01/2006 10:39 <REP> . 06/01/2006 10:39 <REP> .. 06/01/2006 10:39 65 desktop.ini 14/10/1997 18:52 697 DirectAnimation Java Classes.osd 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 20/12/2002 14:15 538 Yahoo! Pyramids.osd 12/08/2004 10:48 558 Yahoo! MahJong Solitaire.osd 14/07/2005 17:28 365 f3initialsetup1.0.0.15.inf 22/06/2006 11:41 5 032 swflash.inf 15/09/2004 10:20 740 jinstall-1_5_0.inf 17/12/2004 09:55 530 Yahoo! Poker.osd 01/06/2004 14:36 141 312 yinsthelper.dll 01/06/2004 14:41 853 yinst.inf 13/04/2007 15:27 367 LegitCheckControl.inf 09/07/2007 12:27 2 377 088 Rawflow.ocx 29/08/2006 14:17 161 976 zylomgamesplayer.dll 15/09/2006 10:53 244 ZylomGamesPlayer.inf 23/03/2007 12:17 1 292 erma.inf 18/07/2007 14:49 12 592 libcomm.dll 20/07/2007 13:19 107 824 ascstubie.dll 26/07/2007 09:51 395 ascstubie.inf 08/08/2006 11:45 576 kavwebscan.inf 20 fichier(s) 2 814 206 octets Total des fichiers listés : 20 fichier(s) 2 814 206 octets 2 Rép(s) 10 557 620 224 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\Jeux classiques\\Bin\\CmCenterV2.exe"="C:\\Program Files\\Jeux classiques\\Bin\\CmCenterV2.exe:*:Enabled:CmCenter Module" "C:\\Program Files\\Hexacto\\Hard Rock Casino\\Casino.exe"="C:\\Program Files\\Hexacto\\Hard Rock Casino\\Casino.exe:*:Enabled:Macromedia Projector" "C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\HelpCtr.exe"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\\Program Files\\Ant War\\AntWar.exe"="C:\\Program Files\\Ant War\\AntWar.exe:*:Disabled:Antwar " "C:\\Program Files\\Hexacto Games\\Lemonade Tycoon\\Lemonade.exe"="C:\\Program Files\\Hexacto Games\\Lemonade Tycoon\\Lemonade.exe:*:Disabled:Lemonade" "C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client" "C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : Réseau privé sur Internet" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\DAP\\DAP.EXE"="C:\\Program Files\\DAP\\DAP.EXE:*:Enabled:Download Accelerator Plus (DAP)" "C:\\WINDOWS\\System32\\TNSClient.exe"="C:\\WINDOWS\\System32\\TNSClient.exe:*:Enabled:TNS Client" "C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\WINSOS\\winsos.exe:*:Enabled:Winsos" "C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\WINSOS\\anti-spy.exe:*:Enabled:anti-spy Winsos" "C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\WINSOS\\help.exe:*:Enabled:Winsos Help" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Disabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Disabled:IncrediMail" "C:\\Documents and Settings\\User\\Application Data\\tmp17F.tmp.exe"="C:\\Documents and Settings\\User\\Applicat" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-08-31 16:51:54 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden services ... SECOND RAPPORT ET LE RAPPORT HIJAC SUIT ENCORE MERCI Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:55:49, on 31/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\OpiStat\OpiStat\OpiStat.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\tp4mon.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\OLITEC\Common\RaUI.exe C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\WinRAR\WinRAR.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\User\LOCALS~1\Temp\Rar$EX00.108\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://localhost:6080;https=http://localhost:6080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM\..\Run: [OpiStat] C:\Program Files\OpiStat\OpiStat\OpiStat.exe O4 - HKLM\..\Run: rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [bMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor O4 - HKLM\..\Run: [bMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe O4 - HKLM\..\Run: [bMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Moniteur reseau 802.11g OLITEC.lnk = C:\Program Files\OLITEC\Common\RaUI.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=www.tele2internet.ch O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Poker - http://download2.games.yahoo.com/games/clients/y/pt3_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 8463 bytes

VundoFix V6.5.4 Checking Java version... Scan started at 10:35:58 24/08/2007 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.4 Checking Java version... Scan started at 12:47:41 24/08/2007 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.4 Checking Java version... Scan started at 17:38:43 24/08/2007 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.4 Checking Java version... Scan started at 10:34:45 28/08/2007 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.7 Checking Java version... Scan started at 20:05:58 28/08/2007 Listing files found while scanning.... No infected files were found. Beginning removal... Attempting to delete C:\WINDOWS\SYSTEM32\unlase.dll C:\WINDOWS\SYSTEM32\unlase.dll Has been deleted! Performing Repairs to the registry. Done! voici le rapport demande je continue! merci

OK MERCI Je crois que j'ai bien fait d'acheter ce modele si des utlilisateurs confirmes l'on aussi ca me rassure !!!!!

bon 'ai supprime tous les points verts quand au roge je sais pas quoi faire je sais pas ce que je dois supprimer ou non ca ne me parle pas ces trucs la!!!!

ACER ASPIRE 5100

j'ai lu le manuel et c'est pourquoi je pose la question puisqe rien n'est indique!!!

bonsoir voila je viens d'acheter un pc portable avec evidement windwos vista et il n'y a aucun cd de restauration dois je en creer un ?et si c'est le cas comment proceder merci d'avance

voila c'est fait mais j'en fait quoi de ca ????

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:24:55, on 29/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\OpiStat\OpiStat\OpiStat.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\tp4mon.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\OLITEC\Common\RaUI.exe C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe C:\Program Files\TribalWeb.net\tribalweb.exe C:\DOCUME~1\User\LOCALS~1\Temp\Rar$EX02.857\HijackThis.exe C:\DOCUME~1\User\LOCALS~1\Temp\Rar$EX04.127\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://localhost:6080;https=http://localhost:6080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM\..\Run: [OpiStat] C:\Program Files\OpiStat\OpiStat\OpiStat.exe O4 - HKLM\..\Run: rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [bMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor O4 - HKLM\..\Run: [bMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe O4 - HKLM\..\Run: [bMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Startup: TA_Start.lnk = C:\Documents and Settings\User\Local Settings\Temp\TIP2D002.exe O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Moniteur reseau 802.11g OLITEC.lnk = C:\Program Files\OLITEC\Common\RaUI.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=www.tele2internet.ch O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Poker - http://download2.games.yahoo.com/games/clients/y/pt3_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab O20 - Winlogon Notify: unlase - C:\WINDOWS\SYSTEM32\unlase.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 8726 bytes voici le rapport le 04 n'etait plus dans la liste par contre toujours pas de bureau a l'ouverture du pc et toujours le virus amicalement

DllUnregisterServer procedure not found in C:\WINDOWS\SYSTEM32\unlase.dll C:\WINDOWS\SYSTEM32\unlase.dll NOT unregistered. File move failed. C:\WINDOWS\SYSTEM32\unlase.dll scheduled to be moved on reboot. File/Folder C:\Documents and Settings\User\Application Data\tmp17F.tmp.exe not found. Created on 08/29/2007 11:12:15 petite question je fais des scan antivirus etc mais dois je supprimer les dossiers ou juste t'envoyer les rapports de scan? merci d'avance

voici le premier rapport que tu m'a demande encore merci Version - a-squared Anti-Malware 3.0 Dernière mise à jour: 29/08/2007 09:50:25 Réglages Scan: Objets: Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files Scan archives: Marche Heuristiques: Marche Scan ADS: Marche Début du scan: 29/08/2007 10:10:09 c:\casino Détecter: Trace.Directory.CarnivalCasino c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf Détecter: Trace.File.MyWebSearch Toolbar Key: HKEY_CLASSES_ROOT\clsid\{9afb8248-617f-460d-9366-d71cdeda3179} Détecter: Trace.Registry.FunWebProducts Key: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\software\kazaa Détecter: Trace.Registry.KaZaA Value: HKEY_LOCAL_MACHINE\software\kazaa\cloudload --> sharedir Détecter: Trace.Registry.KaZaA Key: HKEY_LOCAL_MACHINE\software\kazaa Détecter: Trace.Registry.KaZaA c:\windows\gvcasinos.ini Détecter: Trace.File.Grace Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\32 Vegas Casino --> options_dealervoices Détecter: Trace.Registry.32 Vegas Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\32 Vegas Casino --> options_dealervoiceset Détecter: Trace.Registry.32 Vegas Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\32 Vegas Casino --> options_music Détecter: Trace.Registry.32 Vegas Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\32 Vegas Casino --> options_sounds Détecter: Trace.Registry.32 Vegas Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\32 Vegas Casino --> options_xlslots Détecter: Trace.Registry.32 Vegas Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\32 Vegas Casino --> options-fullscreen Détecter: Trace.Registry.32 Vegas Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\32 Vegas Casino --> options-volume Détecter: Trace.Registry.32 Vegas Casino Value: HKEY_LOCAL_MACHINE\SOFTWARE\RealTime Gaming Software --> RTGCLSID Détecter: Trace.Registry.Diamond Deal Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\Kazaa\InstantMessaging --> IgnoreAll Détecter: Trace.Registry.Kazaa Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\Kazaa\LocalContent --> DisableListFiles Détecter: Trace.Registry.Kazaa Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\Kazaa\Settings --> AutoUpdateSkype Détecter: Trace.Registry.Kazaa Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\MicroGaming\Thumper\Detect --> BD Détecter: Trace.Registry.Phoenician Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\MicroGaming\Thumper\Detect --> DXVerN Détecter: Trace.Registry.Phoenician Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\MicroGaming\Thumper\Detect --> FlashVerN Détecter: Trace.Registry.Phoenician Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\MicroGaming\Thumper\Detect --> IEVerN Détecter: Trace.Registry.Phoenician Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\MicroGaming\Thumper\Detect --> ScreenX Détecter: Trace.Registry.Phoenician Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\MicroGaming\Thumper\Detect --> ScreenY Détecter: Trace.Registry.Phoenician Casino Value: HKEY_USERS\S-1-5-21-3009235858-3537164825-1924675159-1004\Software\SWEETIE\Cache --> http://www.sweetim.com/simiebar/toolbar30.xml Détecter: Trace.Registry.SweetIMBarForIE Value: HKEY_CLASSES_ROOT\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_CLASSES_ROOT\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_CLASSES_ROOT\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_CLASSES_ROOT\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_CLASSES_ROOT\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_CLASSES_ROOT\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_CLASSES_ROOT\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel Détecter: Trace.Registry.Shareaza Lite C:\Documents and Settings\User\Cookies\user@bluestreak[2].txt Détecter: Trace.TrackingCookie C:\Documents and Settings\User\Cookies\user@doubleclick[1].txt Détecter: Trace.TrackingCookie C:\Documents and Settings\User\Cookies\user@atdmt[2].txt Détecter: Trace.TrackingCookie C:\WINDOWS\system32\Process.exe Détecter: Riskware.RiskTool.Win32.Processor.20 Scanné

merci de votre aide mais vu le nombre de virus que j'ai et des gros apparemet je suis passe sur l'autre forum encore merci

--------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 21:06:59 28/08/2007 + Résultat de l'analyse: C:\Documents and Settings\User\Cookies\user@advertising[1].txt -> TrackingCookie.Advertising : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@advertising[3].txt -> TrackingCookie.Advertising : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@atdmt[1].txt -> TrackingCookie.Atdmt : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@cpvfeed[3].txt -> TrackingCookie.Cpvfeed : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@doubleclick[2].txt -> TrackingCookie.Doubleclick : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@estat[2].txt -> TrackingCookie.Estat : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@ehg-neuftelecom.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@ehg-neuftelecom.hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@hotlog[2].txt -> TrackingCookie.Hotlog : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@yadro[1].txt -> TrackingCookie.Yadro : Aucune action entreprise. C:\Documents and Settings\User\Cookies\user@zedo[2].txt -> TrackingCookie.Zedo : Aucune action entreprise. Fin du rapport merci de me donner la procedure a suivre

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:31:05, on 28/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TribalWeb.net\tribalweb.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\User\LOCALS~1\Temp\Rar$EX02.330\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://localhost:6080;https=http://localhost:6080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM\..\Run: [OpiStat] C:\Program Files\OpiStat\OpiStat\OpiStat.exe O4 - HKLM\..\Run: rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [bMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor O4 - HKLM\..\Run: [bMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe O4 - HKLM\..\Run: [bMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Startup: TA_Start.lnk = C:\Documents and Settings\User\Local Settings\Temp\TIP2D002.exe O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Moniteur reseau 802.11g OLITEC.lnk = C:\Program Files\OLITEC\Common\RaUI.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=www.tele2internet.ch O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Poker - http://download2.games.yahoo.com/games/clients/y/pt3_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab O20 - Winlogon Notify: unlase - C:\WINDOWS\SYSTEM32\unlase.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 8087 bytes

--voila le rapport----------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Tuesday, August 28, 2007 7:03:43 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 28/08/2007 Enregistrements dans la base antivirus Kaspersky : 393985 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: étendue Analyser les archives: vrai Analyser les bases de messagerie: vrai Cible de l'analyse - Zones critiques: C:\WINDOWS C:\DOCUME~1\User\LOCALS~1\Temp\ Statistiques de l'analyse: Total d'objets analysés: 17979 Nombre de virus trouvés: 1 Nombre d'objets infectés: 1 / 0 Nombre d'objets suspects: 0 Durée de l'analyse: 00:31:08 Nom de l'objet infecté / Nom du virus / Dernière action C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\sptddrv1.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\unlase.dll Infecté : Trojan-Downloader.Win32.ConHook.bg ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\tmp15.tmp.dll L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\pfirewall.log L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\DOCUME~1\User\LOCALS~1\Temp\~DFBD04.tmp L'objet est verrouillé ignoré C:\DOCUME~1\User\LOCALS~1\Temp\~DFBD13.tmp L'objet est verrouillé ignoré Analyse terminée. merci

je suis a 3% de scan sur kasper.....je crois que j'ai le temps

j'aiaussi fait du vide dans mon pc ('jeux et telchargeur ) mais certains sites apraissent toujours!!!

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:01:55, on 28/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\User\LOCALS~1\Temp\Rar$EX00.704\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://localhost:6080;https=http://localhost:6080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM\..\Run: [OpiStat] C:\Program Files\OpiStat\OpiStat\OpiStat.exe O4 - HKLM\..\Run: rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [bMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor O4 - HKLM\..\Run: [bMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe O4 - HKLM\..\Run: [bMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [{39-95-59-97-ZN}] C:\Documents and Settings\User\Local Settings\Temp\TIP2D002.exe P2D002 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Startup: TA_Start.lnk = C:\Documents and Settings\User\Local Settings\Temp\TIP2D002.exe O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Moniteur reseau 802.11g OLITEC.lnk = C:\Program Files\OLITEC\Common\RaUI.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=www.tele2internet.ch O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Poker - http://download2.games.yahoo.com/games/clients/y/pt3_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab O20 - Winlogon Notify: unlase - C:\WINDOWS\SYSTEM32\unlase.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: DomainService - Unknown owner - C:\Documents and Settings\User\Application Data\tmp17F.tmp.exe (file missing) O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 8348 bytes sinon mon pc va mal et rame rame rame j'ai du mal aussi a faire le scan kapersky 20 fenetres s'ouvrent et ca me plante le pc sinon jesuis toujours obligee de faire ctrl alt sup pour afficher explorer y a pas moyen que quelqu'un prenne la main sur mon pc via msn je ne sais si vous pratiquez de cette maniere mais comme j'y comprends rien je suis desesperee merci

voila le message que j'obtiensbref j'y comprend rien!! pending filerename operations registry data has been remove by external proces

ALORS J'AI SUPPRIME C:\Documents and Settings\User\Local Settings\Temp\ par contre impossible de supprmer C:\WINDOWS\SYSTEM32\unlase.dll le pc me dit que leprogramme ne peut etre supprime car il est utilise par autre chose sachant que j'etis en mode sans echec et que rien d'autre n'etait ouvert

l'erreur se produit toujours dans le scan de pskahk.dll et le virus trouve est TR/Agent.2020656 QUE DOIS JE FAIRE, MERCI

This action will cancel the download Are you sure you want to cancel the download? To load TotalScan, you have to agree to the installation of an ActiveX control. Click on the yellow bar and select the option Install ActiveX control If a security warning appears, click on Install to load TotalScan If a security warning appears, click on Install to load TotalScan Español | English Sign in | Sign up | My account | Sign out Home| What is TotalScan?| We love feedback!| FAQ Loading TotalScan: Loading Error Sorry, loading is incomplete due to an error. Please try again. Error -20. « Return to the start of TotalScan Loading (100%) Use of TotalScan is subject to acceptance of the Terms and conditions of use This is a Panda project

rapport vundo done searching for files no infected files were found!!!! ensuite je lance le nano scan mais impossible d'aller jusqu'au bout antivir me montre une fenetre avec tous mes virus et la le scan s'arrete et me marque erreur 20 j'ai recommence une dizaine de fois mais rien n'y fait!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!