chtipoutibouille

voici l analyse hijack this Clean Navipromo version 2.0.2 commencé le 05/06/2007 à 20:13:41,79 Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 17.05.2007 a 23h00 by IL-MAFIOSO Mode suppression automatique avec prise en charge résultats Blacklight *** Creation backups fichiers trouvés par Blacklight *** Copie vers "C:\Program Files\navilog1\Backupnavi" *** Suppression des fichiers trouvés avec Blacklight *** ** 2ème passage ** C:\WINDOWS\system32\zdcfpskmy_navup.dat absent ! C:\WINDOWS\system32\zdcfpskmy_navtmp.dat absent ! C:\WINDOWS\system32\zdcfpskmy_m2s.xml absent ! C:\WINDOWS\system32\zdcfpskmy.dat trouvé ! Copie C:\WINDOWS\system32\zdcfpskmy.dat réalise avec succes ! C:\WINDOWS\system32\zdcfpskmy.dat supprimé ! C:\WINDOWS\system32\zdcfpskmy_nav.dat trouvé ! Copie C:\WINDOWS\system32\zdcfpskmy_nav.dat réalise avec succes ! C:\WINDOWS\system32\zdcfpskmy_nav.dat supprimé ! C:\WINDOWS\system32\zdcfpskmy_navps.dat trouvé ! Copie C:\WINDOWS\system32\zdcfpskmy_navps.dat réalise avec succes ! C:\WINDOWS\system32\zdcfpskmy_navps.dat supprimé ! C:\WINDOWS\prefetch\zdcfpskmy*.pf trouvé ! Copie C:\WINDOWS\prefetch\zdcfpskmy*.pf réalise avec succes ! C:\WINDOWS\prefetch\zdcfpskmy*.pf supprimé ! C:\WINDOWS\system32\zdcfpskmy.exe trouvé ! Copie C:\WINDOWS\system32\zdcfpskmy.exe réalise avec succes ! C:\WINDOWS\system32\zdcfpskmy.exe supprimé ! *** Suppression dossiers dans C:\WINDOWS *** *** Suppression dossiers dans C:\Program Files *** C:\Program Files\MessengerSkinner ...suppression... C:\Program Files\MessengerSkinner supprimé ! *** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Suppression dossiers dans C:\Documents and Settings\b\Application Data *** ...\Application Data\MessengerSkinner ...suppression... ...\Application Data\MessengerSkinner supprimé ! *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! C:\WINDOWS\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\b\Local Settings\Temp effectué ! *** Sauvegarde du registre vers dossier Backupnavi*** sauvegarde du registre réalise avec succes ! *** Nettoyage registre *** Nettoyage registre Ok *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche et Suppression Heuristique : * ** *** **** ***** ****** ******* ******** C:\WINDOWS\System32\uuonzq.exe trouvé ! Copie C:\WINDOWS\system32\uuonzq.exe réalise avec succes ! C:\WINDOWS\system32\uuonzq.exe supprimé ! 3)Contrôle présence clés Rootkit dans le registre : Aucune autre clés présente dans le registre ! *** Nettoyage termine le 05/06/2007 à 20:16:32,64 *** pour information g pas pu lancer avg en mode sans echec du cou je l ai lancé là voici le rapport AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 21:11:02 05/06/2007 + Résultat de l'analyse: HKU\S-1-5-21-1482476501-2025429265-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Adware.RogueSuspect : Nettoyé et sauvegardé (mise en quarantaine). :mozilla.26:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. C:\Documents and Settings\b\Cookies\b@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.103:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.104:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.115:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.116:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.20:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.27:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.47:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@mistergooddeal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\b\Cookies\b@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\b\Cookies\b@adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé. :mozilla.29:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.30:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. C:\Documents and Settings\b\Cookies\b@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.216:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé. :mozilla.193:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.194:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.195:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.48:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.49:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Comclick : Nettoyé. C:\Documents and Settings\b\Cookies\b@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.14:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.15:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.23:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Estat : Nettoyé. :mozilla.62:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\b\Cookies\b@estat[1].txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\b\Cookies\b@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé. C:\Documents and Settings\b\Cookies\b@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé. C:\Documents and Settings\b\Cookies\b@fortunecity[1].txt -> TrackingCookie.Fortunecity : Nettoyé. :mozilla.219:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.26:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé. :mozilla.27:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé. :mozilla.76:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé. :mozilla.77:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé. C:\Documents and Settings\b\Cookies\b@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyé. :mozilla.202:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Live : Nettoyé. :mozilla.203:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Live : Nettoyé. :mozilla.204:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Live : Nettoyé. :mozilla.205:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Live : Nettoyé. C:\Documents and Settings\b\Cookies\b@search.live[1].txt -> TrackingCookie.Live : Nettoyé. :mozilla.13:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé. :mozilla.21:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé. :mozilla.121:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. C:\Documents and Settings\b\Cookies\b@data2.perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé. C:\Documents and Settings\b\Cookies\b@overture[2].txt -> TrackingCookie.Overture : Nettoyé. C:\Documents and Settings\b\Cookies\b@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé. :mozilla.221:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé. C:\Documents and Settings\b\Cookies\b@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé. C:\Documents and Settings\b\Cookies\b@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.31:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Realmedia : Nettoyé. :mozilla.32:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Realmedia : Nettoyé. C:\Documents and Settings\b\Cookies\b@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé. :mozilla.162:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.163:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.164:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.165:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.166:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.37:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\b\Cookies\b@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\b\Cookies\b@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.223:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.224:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.225:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\b\Cookies\b@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\b\Cookies\b@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé. C:\Documents and Settings\b\Cookies\b@h.starware[1].txt -> TrackingCookie.Starware : Nettoyé. C:\Documents and Settings\b\Cookies\b@starware[2].txt -> TrackingCookie.Starware : Nettoyé. C:\Documents and Settings\b\Cookies\b@try.starware[1].txt -> TrackingCookie.Starware : Nettoyé. C:\Documents and Settings\b\Cookies\b@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé. :mozilla.172:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé. :mozilla.176:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.35:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.36:E:\Mes documents\Nora\doc internet\NORA\qkn1kpa7.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\b\Cookies\b@bnpparibas.weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\b\Cookies\b@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.198:C:\Documents and Settings\b\Application Data\Mozilla\Firefox\Profiles\nru6h5cr.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé. C:\Documents and Settings\b\Cookies\b@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé. voici hijack apres tous ca Logfile of HijackThis v1.99.1 Scan saved at 21:12:20, on 05/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\explorer.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Inventel\Gateway\WLANCFG.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\eMule\emule.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\b\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.fr.msn.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [systemTray] SysTray.Exe O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [swPrnMon] "C:\Program Files\Fichiers communs\Sowedoo Shared\Sowedoo PDF Printer V4\SwPrnMon.exe" O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://eshare.hpphoto.com/Download/HPeServicesLocalPrint.CAB O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwaredetection.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe voila voila bon courage

re au fait pour spy bot il me trouve que des cookie traceurs zedo, par contre j ai toujours ces fenetres qui s ouvrent seules olivier

Me revoila, merci bruce lee pour ta réponse voici la recherche de navilog Search Navipromo version 2.0.2 commencé le 05/06/2007 à 14:23:00,48 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 17.05.2007 a 23h00 by IL-MAFIOSO Executé en mode normal *** Recherche Programmes installes *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** C:\Program Files\MessengerSkinner trouvé ! *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans C:\Documents and Settings\b\Application Data *** ...\Application Data\MessengerSkinner trouvé ! *** Recherche avec BlackLight Engine/F-secure *** BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html Fichier(s) caché(s) dans C:\WINDOWS\system32 : Processus caché(s) dans C:\WINDOWS\system32 : C:\windows\system32\zdcfpskmy.exe *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! C:\WINDOWS\system32\nvs2.inf trouvé ! *** Recherche cles registre *** Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage] Recherche Clé Magic Control HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche Heuristique : * C:\WINDOWS\system32\zdcfpskmy.dat trouvé ! ** C:\WINDOWS\system32\zdcfpskmy.dat trouvé ! *** **** C:\WINDOWS\system32\zdcfpskmy_navps.dat trouvé ! ***** ****** ******* ******** C:\WINDOWS\system32\uuonzq.exe trouvé ! C:\WINDOWS\system32\zdcfpskmy.exe trouvé ! *** Analyse Terminé le 05/06/2007 à 14:24:24,51 *** pour info le scan en ligne de kaspersky n a rien donné merci encore Olivier

Encore une victime de ses satanées fenetres de pub qui s ouvrent seulent et ralentissent le pc d une copine. Voici déja un rapport hijack this, le scan en ligne sui avec une analyse spybot, d avance merci pour votre réponse. olivier Logfile of HijackThis v1.99.1 Scan saved at 23:14:10, on 04/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\RAM Idle LE\RAM_XP.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\vsnpstd3.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\b\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.fr.msn.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [systemTray] SysTray.Exe O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [swPrnMon] "C:\Program Files\Fichiers communs\Sowedoo Shared\Sowedoo PDF Printer V4\SwPrnMon.exe" O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://eshare.hpphoto.com/Download/HPeServicesLocalPrint.CAB O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwaredetection.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

merci encore regis olivier

voila c'est fini, g relancé spybot et plus rien milles merci regis et quand tu veux pour allez boire un coup olivier

me revoila c bizzar ca kaspersky a rien trouvé voici le compte rendu Total d'objets analysés 104157 Nombre de virus trouvés 0 Nombre d'objets infectés 0 / 0 Nombre d'objets suspects 0 Durée de l'analyse 02:20:35 Nom de l'objet infecté Nom du virus Dernière action H:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré H:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré H:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré H:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré H:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré H:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré H:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré H:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré H:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré H:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré H:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré H:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\cert8.db L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\formhistory.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\history.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\key3.db L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\parent.lock L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\search.sqlite L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\urlclassifier2.sqlite L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\call256.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\callmember256.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\chat512.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\chatmember256.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\chatmsg256.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\contactgroup256.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\dyncontent\bundle.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\index2.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\profile256.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\user1024.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\user16384.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Application Data\Skype\chtipoutibouille\voicemail256.dbb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Cookies\index.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Messenger\chti.pou@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Messenger\chti.pou@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Messenger\chti.pou@hotmail.fr\SharingMetadata\Working\database_6A88_A8B8_88A8_83E3\dfsr.db L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Messenger\chti.pou@hotmail.fr\SharingMetadata\Working\database_6A88_A8B8_88A8_83E3\fsr.log L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Messenger\chti.pou@hotmail.fr\SharingMetadata\Working\database_6A88_A8B8_88A8_83E3\tmp.edb L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Windows Live Contacts\chti.pou@hotmail.fr\real\members.stg L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Windows Live Contacts\chti.pou@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Mozilla\Firefox\Profiles\w7h60f7l.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Historique\History.IE5\MSHist012007053120070601\index.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temp\hsperfdata_PROPRIETAIRE\2144 L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temp\~DFC046.tmp L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temp\~DFC060.tmp L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temp\~DFD307.tmp L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temp\~DFD321.tmp L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\NTUSER.DAT L'objet est verrouillé ignoré H:\Documents and Settings\PROPRIETAIRE\ntuser.dat.LOG L'objet est verrouillé ignoré H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-05-31.19-39-12.log L'objet est verrouillé ignoré H:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré H:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré H:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré H:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré H:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré H:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log L'objet est verrouillé ignoré H:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx L'objet est verrouillé ignoré H:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP1\change.log L'objet est verrouillé ignoré H:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré H:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{1A0F380A-6AFC-4F9C-9998-417872507673}.crmlog L'objet est verrouillé ignoré H:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré H:\WINDOWS\SoftwareDistribution\EventCache\{E9CCD41A-5F34-401B-AD68-1D323BAB8080}.bin L'objet est verrouillé ignoré H:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré H:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré H:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré H:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré H:\WINDOWS\system32\config\default L'objet est verrouillé ignoré H:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré H:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré H:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré H:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré H:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré H:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré H:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré H:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré H:\WINDOWS\system32\config\software L'objet est verrouillé ignoré H:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré H:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré H:\WINDOWS\system32\config\system L'objet est verrouillé ignoré H:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré H:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré H:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré H:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré H:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré H:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré H:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré H:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré H:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré H:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré H:\WINDOWS\Temp\Perflib_Perfdata_6b0.dat L'objet est verrouillé ignoré H:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré H:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré H:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré H:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré I:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré Analyse terminée.

au secour regis, j ai vider spybot, puis je me suis dit allez relance le search and destroy, cette cochonnerie es toujours là! argggghhhhhhh allez je lance quand meme kaspersky merci olivier

merci regis il marche super bien le pc, zut j'ai virer la quarantaine de spysweeper, allez je vire celle de spybot et te renvoi un scan, Encore une fois merci pour le temps que tu y a passé olivier

me revoila, voici le deuxieme rapport de scan en ligne KASPERSKY ONLINE SCANNER REPORT Thursday, May 31, 2007 7:56:58 AM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 31/05/2007 Kaspersky Anti-Virus database records: 313703 Scan Settings Scan using the following antivirus database standard Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ L:\ Scan Statistics Total number of scanned objects 104611 Number of viruses found 1 Number of infected objects 0 / 0 Number of suspicious objects 6 Duration of the scan process 01:49:30 Infected Object Name Virus Name Last Action H:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt.zip/retadpu1000272.exe Suspicious: Password-protected-EXE skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt.zip ZIP: suspicious - 1 skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt2.zip/retadpu1000272.exe Suspicious: Password-protected-EXE skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt2.zip ZIP: suspicious - 1 skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt5.zip/retadpu1000272.exe Suspicious: Password-protected-EXE skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt5.zip ZIP: suspicious - 1 skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS01D4D752-AC01-4941-A61C-EABA765322A2.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS03F7038A-1CAC-47CD-B45B-C44586C09A77.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0424126F-70A1-4369-92A8-5BA3DADF3E7E.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS09E46473-30E4-4E05-9CA4-91752851FB8F.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0D3AC1D3-C2C7-43C6-A187-9AF24F2793F6.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0DCCC8F6-E1CB-4C30-97AD-5336FC8EC8C4.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0F604868-A898-4165-A46D-AFD04BF88BC5.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS125DC902-6C74-48AA-983B-12C4221925D4.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS1381D42D-0636-4A52-AE3F-D0D92F78EBE8.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS19A91271-9B08-4C65-A2CB-8220EA73F0D0.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS1E700EEF-2753-484A-9D20-1EA114023AB2.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2AB6F5F5-4B87-4890-9CD1-9E99F938CA8D.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2D2637DA-4078-4D43-A82F-AF4138A9D1E2.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3092C6DF-AA58-4645-BD68-848973E235FC.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS323A7643-C1CE-4019-9368-73345C0FC887.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3B50B31E-1BA8-43C3-B6B8-53D7107BB8B3.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS408B783E-1F95-4F9F-8251-DDBC90598204.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4123AAFE-F613-48EE-BC08-067181DBFFE7.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4879EF18-DC10-4CCA-B193-B97AB02817C1.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS504FB203-9AB7-48B2-8B74-D748B6D48E57.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS584119ED-3CDB-4934-B7FA-839C4F071920.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS59433B07-A65D-422D-B320-34AA4F4BE5B6.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS615DCF78-22A8-4A01-9891-2F1156392684.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6656B2A7-05EF-495D-B411-F37A88F7AEAD.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS67C06AB9-7197-4205-AE1B-C2F403DE330C.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6B02728B-F273-4BA7-82F8-82D40C443375.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6CA07027-6722-4EBA-8ED5-F727B7D66E45.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS71FEAF16-303D-4959-8EA4-5F4BC8E55D91.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS74688718-9C90-4160-A232-41960CBDFCFD.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS779F5DFE-F3FC-413B-B0CA-4DCE68D7FD93.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS78B07302-63BF-416F-BEAB-D2BA4540E44B.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS87B79C83-764D-49CA-87CC-D40834A16E79.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS88ABBEA4-FA67-4B55-9D10-98B1715906E3.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8A6E7922-A5E2-4DAE-840B-8E8B097DEEB1.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS934EE6AA-4E0D-4440-95B1-D6C6DD028E26.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9514A268-21AA-4411-BCF3-7C44F101CCF3.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS957A2FA1-347B-4F53-BCDE-D62769DDC55A.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS95DEAC55-D76B-4E95-93F4-7E4BECA6882A.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9A06A991-1F85-4BE6-9DBD-B1B50A5BE2FF.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9C03C606-ED30-4D82-81FD-6E78EB22F863.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9C33297A-C3F1-4F93-BE21-36543AF65D29.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA0B6FFE1-7E00-4C29-8B81-A14A4627CDF7.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA31DCA6C-B3C4-43DB-B440-46AC2205D265.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAC75BC53-605E-4205-9206-E9EBDC205E8A.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAC8FE850-E2D2-4F6F-854D-00C752475A9D.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAF1B8E7B-265E-4F7E-A8DF-D5987288738E.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBDC151F4-3754-48A3-872D-438AA2EAE4FA.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBF8774A7-E44B-4D35-BC39-72434031BBDD.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC046B5D9-0FFB-473D-BDA0-F98C7296743C.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC23C90F7-011D-4F8E-AC2C-C13BB224E436.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC39EC968-4686-4DC6-8C51-0CDFAAC38803.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC3EAEA7E-D90A-4B4E-8F2C-AE34831633EC.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC77B7F37-D59C-425C-A549-489CF39BB80C.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSCAC23C30-18F9-4CDF-90D7-CCAECCF7E4A3.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSCFA3D604-6B16-4732-8A78-3D59E763CBB0.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDA31FC5F-2F4A-446D-8056-148C60B1C508.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDDBAF377-00AD-49C9-9639-B032CCDF74B6.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDEEEC690-B84F-4C65-8A18-57D8BCBE839F.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDF86C719-F66A-4153-A958-012FD3634178.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE6390E02-36C9-4F59-9A7D-A584BE4C37DF.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE6A24365-A8C1-49B4-99F9-A1368D219856.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE873A986-7FE0-4B62-A9EE-24A652872498.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE8939A12-8491-48F0-A775-8D490D89784D.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE95A885E-8994-4D23-BE5E-3613532058F4.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEAEBB567-1BBC-42F2-9D91-4EE4F2527629.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSED86F19B-12B9-4B16-8FC0-E334963F7DFD.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF05D0DF1-133A-40F4-8BD5-577EAC88030B.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF907D315-648A-4206-AD2F-CC814CF54490.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFBFBCD93-65EF-4025-BD92-6CF1B157B793.tmp Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped H:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped H:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped H:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped H:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped H:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped H:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Cookies\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Historique\History.IE5\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Historique\History.IE5\MSHist012007053120070601\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temp\Perflib_Perfdata_844.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temp\~ROMFN_00000844 Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\NTUSER.DAT Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\ntuser.dat.LOG Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\UserData\index.dat Object is locked skipped H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-05-31.00-13-31.log Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped H:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped H:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped H:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped H:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP1\change.log Object is locked skipped H:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped H:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{8F7A8A77-9C07-4C98-8AED-05E5C01AF316}.crmlog Object is locked skipped H:\WINDOWS\SchedLgU.Txt Object is locked skipped H:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped H:\WINDOWS\Sti_Trace.log Object is locked skipped H:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped H:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped H:\WINDOWS\system32\config\default Object is locked skipped H:\WINDOWS\system32\config\default.LOG Object is locked skipped H:\WINDOWS\system32\config\Internet.evt Object is locked skipped H:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped H:\WINDOWS\system32\config\SAM Object is locked skipped H:\WINDOWS\system32\config\SAM.LOG Object is locked skipped H:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped H:\WINDOWS\system32\config\SECURITY Object is locked skipped H:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped H:\WINDOWS\system32\config\software Object is locked skipped H:\WINDOWS\system32\config\software.LOG Object is locked skipped H:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped H:\WINDOWS\system32\config\system Object is locked skipped H:\WINDOWS\system32\config\system.LOG Object is locked skipped H:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped H:\WINDOWS\system32\h323log.txt Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped H:\WINDOWS\Temp\Perflib_Perfdata_6b8.dat Object is locked skipped H:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped H:\WINDOWS\wiadebug.log Object is locked skipped H:\WINDOWS\wiaservc.log Object is locked skipped H:\WINDOWS\WindowsUpdate.log Object is locked skipped I:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.

Bonjour, apres quelques plantage de kaspersky, voici enfin le rapport Wednesday, May 30, 2007 5:56:28 PM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 30/05/2007 Kaspersky Anti-Virus database records: 313231 Scan Settings Scan using the following antivirus database standard Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ L:\ Scan Statistics Total number of scanned objects 114578 Number of viruses found 4 Number of infected objects 9 / 0 Number of suspicious objects 6 Duration of the scan process 01:38:45 Infected Object Name Virus Name Last Action H:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt.zip/retadpu1000272.exe Suspicious: Password-protected-EXE skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt.zip ZIP: suspicious - 1 skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt2.zip/retadpu1000272.exe Suspicious: Password-protected-EXE skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt2.zip ZIP: suspicious - 1 skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt5.zip/retadpu1000272.exe Suspicious: Password-protected-EXE skipped H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentqt5.zip ZIP: suspicious - 1 skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0D32EAF0-4F13-43BE-AC7B-A4595D63C181.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0F14ECE9-E794-4D07-B5C8-1F20D284DD66.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0F31DCC6-DC74-4736-9D47-556C041E1B74.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS11B528E7-3185-46D4-BB0E-58201690278F.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS16565C4E-5F00-4A61-9ACB-98A28C30AE1B.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS1BC66D15-6429-465A-A801-CB4E64D47F78.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS1D4873C8-4FF8-4416-9D41-E32DFBDD9607.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS28A28BDD-C606-4364-AB1F-D73EBCA4A517.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS29E44392-7E4B-439A-BE57-435E0DCEEE52.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2A6774DF-4CE6-4867-9DF6-3A1D8D4A14F0.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2A87C3FA-527C-4A18-800E-BEE0AA20C668.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2F13DBC0-3B6C-428D-AA20-62CB8625E2E6.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS316FF1AB-C748-41A8-A1C6-7C83D7CDC21B.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS31AD08C6-F09C-4373-97F2-5A29A5AB5DC3.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS35B32EFB-FF96-4422-A39F-3D1A64645128.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3F445D55-D072-490F-8384-5BB32EFFAF33.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS40E574A7-DA2C-4C08-B9E0-E001C7DFD7BD.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4393B0B0-F9DE-4616-B69A-7D5E8E939905.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS440B6A58-2F72-433E-B0BB-2C8A1D724AF3.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4846E498-F3A6-4B30-9FDB-3EA4449B0848.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS48FAC90C-442E-4BC3-81AE-7CD4E6F540D9.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4B0C9149-BE68-4B95-B613-01397314B7D2.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4C9BE3F9-FE77-490B-A942-7F7BCE67A63C.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4EBEBE91-732A-4C3D-9AB2-04CAE6B9E006.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS5277CC10-34BE-4BFD-A082-C93FD5869061.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS58FE66C7-B712-4C5F-A9CE-2D4CF053C03C.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS59804105-0FA7-46CF-A70E-DA120BA73D18.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS5A7C7FC9-371F-44BC-912B-C0EC70B7E2E9.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS5C97E6D7-87C6-4BA1-9A1B-B380B1B84F1A.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS658410DE-F382-4083-BEFA-0DA2F8B0657D.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS673E58D2-A4BF-451C-A7C5-C8E436D8A816.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6A15584D-1A90-4F28-A677-D507D3BE0EB1.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS752AE600-AE90-42A3-8EF6-AFB119B63C5C.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7774AACA-F8A3-4062-B39B-FB66970129B0.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7A0DDCAC-F1D8-45C9-9F40-5FC0D37D49B6.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7D3049E6-C4A7-4A5D-A76A-6572516D3BCD.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7EE9C191-0DC2-4E08-BC98-FEA2BCB3F57F.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS82D084E7-D52F-42AC-8FB7-AE7BD902C72D.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS82E96758-EAF3-49A5-9EC2-112FA7790AAE.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8BE1D62D-2425-44DD-B4E7-F7BCA0FDDDDF.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8F8E8ECD-0DDF-4B06-A665-EDFAF4E3B316.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS91189F54-6486-439C-9056-42473E877E7B.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS945B15B4-69A3-4789-8EE2-FB0C64893DD4.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9774729C-54B1-4211-9849-CD93130923F2.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9A2BF970-3F48-458D-A25C-3125110CB879.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9A47832D-5954-4C5A-8005-A30AC26F7D0F.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA3932839-22EF-4514-BBE3-87E91384D8F3.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAB16B9CA-117A-42DF-9228-FC5DEA9D137A.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAC7DFECA-BBC8-4B3A-A5B7-C820474FBF76.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSADFF821E-B76A-4878-884E-C974ED0DB18B.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSB5596358-E10D-44CB-9081-72F644A4173D.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSB7C47014-2F28-4BAB-A1BD-876F9DB235A4.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBC3D7EF3-1301-41EE-AF04-B5FBEC97B247.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBE2E6F9B-D01D-4C30-BB5D-ED8595A3FE31.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC7610B5A-68A2-4DBF-8070-32FFEB6A5E4D.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD263F5E6-C1C6-4A8B-BE18-4F177F7DC9DF.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD4B17C46-F1D3-4031-900E-270D3989C6A6.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD78C7B06-1C0A-41AB-AE48-CB6730241EE7.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE38A2E35-A4BE-4A99-B9AF-D7DDE061FC04.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE78C3AA4-1B14-4DA7-8CD6-9F6F1B2D2A19.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEBADA337-B838-4096-A212-5F2B745D97FE.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSECA8DD97-91EF-4563-8FF1-BDCBA33AA9B1.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEDED8FB9-8175-4646-928C-8E9D79F7DC89.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEE49215F-0918-488F-9F00-7EC6730E7371.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF0C9F27B-F8FE-411F-B63A-034DC7D21635.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF39CAC5B-479C-4339-8308-204C297C5B33.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF3B86A00-D3D9-4B87-A375-F63897CB0728.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF9429906-20B5-4BF7-9223-11D9DC857B2B.tmp Object is locked skipped H:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFA5FA6A5-98C4-4292-8251-8D15DA3367B2.tmp Object is locked skipped H:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped H:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped H:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped H:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped H:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped H:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped H:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped H:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Cookies\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Historique\History.IE5\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Historique\History.IE5\MSHist012007053020070531\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\NTUSER.DAT Object is locked skipped H:\Documents and Settings\PROPRIETAIRE\ntuser.dat.LOG Object is locked skipped H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-05-30.07-32-04.log Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped H:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped H:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped H:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped H:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped H:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped H:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP127\A0017753.exe Infected: Trojan.Win32.Dialer.qn skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP127\A0017754.exe Infected: Trojan-Downloader.Win32.LoadAdv.gen skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP127\A0017758.exe/data.rar/keygen.exe Infected: Trojan-Downloader.Win32.LoadAdv.gen skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP127\A0017758.exe/data.rar/serial.exe Infected: Trojan.Win32.Dialer.qn skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP127\A0017758.exe/data.rar Infected: Trojan.Win32.Dialer.qn skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP127\A0017758.exe RarSFX: infected - 3 skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP128\A0019864.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP128\A0019918.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP129\A0022227.dll Infected: Trojan.Win32.Dialer.qn skipped H:\System Volume Information\_restore{E794E933-603A-4D46-BC6F-D6778D502E48}\RP129\change.log Object is locked skipped H:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped H:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{D0352AE7-91A5-4ED7-8DAE-917A6CCF0D3A}.crmlog Object is locked skipped H:\WINDOWS\SchedLgU.Txt Object is locked skipped H:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped H:\WINDOWS\Sti_Trace.log Object is locked skipped H:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped H:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped H:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped H:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped H:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped H:\WINDOWS\system32\config\default Object is locked skipped H:\WINDOWS\system32\config\default.LOG Object is locked skipped H:\WINDOWS\system32\config\Internet.evt Object is locked skipped H:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped H:\WINDOWS\system32\config\SAM Object is locked skipped H:\WINDOWS\system32\config\SAM.LOG Object is locked skipped H:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped H:\WINDOWS\system32\config\SECURITY Object is locked skipped H:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped H:\WINDOWS\system32\config\software Object is locked skipped H:\WINDOWS\system32\config\software.LOG Object is locked skipped H:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped H:\WINDOWS\system32\config\system Object is locked skipped H:\WINDOWS\system32\config\system.LOG Object is locked skipped H:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped H:\WINDOWS\system32\h323log.txt Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped H:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped H:\WINDOWS\Temp\Perflib_Perfdata_6b4.dat Object is locked skipped H:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped H:\WINDOWS\wiadebug.log Object is locked skipped H:\WINDOWS\wiaservc.log Object is locked skipped H:\WINDOWS\WindowsUpdate.log Object is locked skipped I:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.

milles merci sans toi m en serai jamais tiré

merci beaucoup cher monsieur pour ton humour décapant, pour info le problème est résolu merci bertrandB pout ton aide, le problème venait du bios que j avais laissé en auto, voila. Et oui effectivement je n y connait pas grand chose mais bon je fais ce que je peux Encore merci

me revoila encore mille merci pour tout ce que tu as déja fait, voici ce que tu m as demandé : Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 21:02:50, on 29/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: H:\WINDOWS\System32\smss.exe H:\WINDOWS\system32\winlogon.exe H:\WINDOWS\system32\services.exe H:\WINDOWS\system32\lsass.exe H:\WINDOWS\system32\svchost.exe H:\WINDOWS\System32\svchost.exe H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe H:\Program Files\Alwil Software\Avast4\ashServ.exe H:\WINDOWS\system32\spoolsv.exe H:\WINDOWS\eHome\ehRecvr.exe H:\WINDOWS\eHome\ehSched.exe H:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe H:\WINDOWS\system32\nvsvc32.exe H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe H:\WINDOWS\Explorer.EXE H:\WINDOWS\system32\svchost.exe H:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe H:\WINDOWS\ehome\ehtray.exe H:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe H:\WINDOWS\eHome\ehmsas.exe H:\Program Files\Alwil Software\Avast4\ashWebSv.exe H:\WINDOWS\system32\dllhost.exe H:\Program Files\Java\jre1.6.0_01\bin\jusched.exe H:\WINDOWS\system32\LVCOMSX.EXE H:\Program Files\Logitech\Video\LogiTray.exe H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE H:\WINDOWS\system32\rundll32.exe H:\WINDOWS\RTHDCPL.EXE H:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe H:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe H:\WINDOWS\system32\ctfmon.exe H:\Program Files\MSN Messenger\MsnMsgr.Exe H:\Program Files\Logitech\Video\FxSvr2.exe H:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe H:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe H:\WINDOWS\system32\wuauclt.exe H:\Documents and Settings\PROPRIETAIRE\Bureau\HiJackThis_v2.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {018F8182-CDC3-43FD-87DB-E61F955CA6EC} - (no file) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: metaspinner media GmbH - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - H:\PROGRA~1\YETISP~1\IEBUTT~1.DLL O2 - BHO: (no name) - {4B646AFB-9341-4330-8FD1-C32485AEE619} - H:\WINDOWS\system32\eyjecsfd.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {59882460-DA99-43EB-B219-4A2BF239681A} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {8071E65A-3F56-4426-8372-8667CD213057} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {FE47E88E-F470-4439-97D8-94C10F6BCB57} - (no file) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ehTray] H:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [Vade Retro Outlook Express] "H:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Name of App] "H:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe" O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" H:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Picasa Media Detector] "H:\Program Files\Picasa2\PicasaMediaDetector.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [LVCOMSX] H:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] "H:\Program Files\Logitech\Video\ISStart.exe" O4 - HKLM\..\Run: [LogitechVideoTray] "H:\Program Files\Logitech\Video\LogiTray.exe" O4 - HKLM\..\Run: [\\Olive-is5zaz93r\EPSON Stylus D68 Series] "H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE" /P41 "\\Olive-is5zaz93r\EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68" O4 - HKLM\..\Run: [EPSON Stylus D68 Series] "H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE" /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68" O4 - HKLM\..\Run: [Auto EPSON Stylus D68 Series sur ENBAS] "H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE" /P38 "Auto EPSON Stylus D68 Series sur ENBAS" /O18 "\\ENBAS\Imprimante" /M "Stylus D68" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [spySweeper] "H:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "H:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [skype] "H:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [eMuleAutoStart] "H:\Program Files\eMule\emule.exe" -AutoStart O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Synchronizer.lnk = H:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = H:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - H:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing) O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - H:\WINDOWS\System32\dmadmin.exe O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - H:\WINDOWS\eHome\ehSched.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - H:\WINDOWS\system32\services.exe O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - H:\WINDOWS\system32\imapi.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - H:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - H:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - H:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - H:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - H:\WINDOWS\System32\SCardSvr.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - H:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - H:\WINDOWS\System32\vssvc.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - H:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - H:\WINDOWS\system32\wbem\wmiapsrv.exe -- End of file - 11203 bytes et voila pour spysweeper 20:53: Removal process completed. Elapsed time 00:00:49 20:53: Quarantining All Traces: trojan-koos 20:53: Quarantining All Traces: purityscan 20:53: Quarantining All Traces: virtumonde 20:53: wingdm32.dll is in use. It will be removed on reboot. 20:53: wingdm32.dll is in use. It will be removed on reboot. 20:53: trojan agent winlogonhook is in use. It will be removed on reboot. 20:53: Quarantining All Traces: trojan agent winlogonhook 20:53: Quarantining All Traces: whenu savenow 20:52: Removal process initiated 20:52: Traces Found: 12 20:52: Custom Sweep has completed. Elapsed time 00:28:05 20:52: wingdm32.dll (ID = 360877) 20:52: Detected running threat: wingdm32.dll (ID = 360877) 20:52: File Sweep Complete, Elapsed Time: 00:27:14 Espace insuffisant pour traiter cette commande 20:51: Warning: Unable to sweep compressed file: System Error. Code: 8. Accès refusé 20:51: Warning: Unable to sweep compressed file: System Error. Code: 5. Accès refusé 20:51: Warning: Unable to sweep compressed file: System Error. Code: 5. Espace insuffisant pour traiter cette commande 20:51: Warning: Unable to sweep compressed file: System Error. Code: 8. Espace insuffisant pour traiter cette commande 20:51: Warning: Unable to sweep compressed file: System Error. Code: 8. Espace insuffisant pour traiter cette commande 20:51: Warning: Unable to sweep compressed file: System Error. Code: 8. Accès refusé 20:51: Warning: Unable to sweep compressed file: System Error. Code: 5. Accès refusé 20:51: Warning: Unable to sweep compressed file: System Error. Code: 5. Espace insuffisant pour traiter cette commande 20:38: Warning: Unable to sweep compressed file: System Error. Code: 8. Espace insuffisant pour traiter cette commande 20:38: Warning: Unable to sweep compressed file: System Error. Code: 8. 20:38: Warning: SweepDirectories: Cannot find directory "l:". This directory was not added to the list of paths to be scanned. 20:38: Warning: SweepDirectories: Cannot find directory "k:". This directory was not added to the list of paths to be scanned. 20:38: Warning: SweepDirectories: Cannot find directory "j:". This directory was not added to the list of paths to be scanned. 20:25: yazzle1162oinuninstaller.exe (ID = 516993) 20:25: Warning: SweepDirectories: Cannot find directory "g:". This directory was not added to the list of paths to be scanned. 20:25: Warning: SweepDirectories: Cannot find directory "f:". This directory was not added to the list of paths to be scanned. 20:25: Warning: SweepDirectories: Cannot find directory "e:". This directory was not added to the list of paths to be scanned. 20:25: Starting File Sweep 20:25: Warning: SweepDirectories: Cannot find directory "c:". This directory was not added to the list of paths to be scanned. 20:25: Cookie Sweep Complete, Elapsed Time: 00:00:00 20:25: Starting Cookie Sweep 20:25: Registry Sweep Complete, Elapsed Time:00:00:08 20:25: HKLM\system\currentcontrolset\services\poof\ (ID = 2136492) 20:25: HKLM\system\controlset002\services\poof\ (ID = 2109010) 20:25: HKLM\system\controlset001\services\poof\ (ID = 2108973) 20:25: Found Trojan Horse: trojan-koos 20:25: HKLM\software\microsoft\windows\currentversion\uninstall\outerinfo\ (ID = 2063030) 20:25: Found Adware: purityscan 20:25: HKLM\software\microsoft\uniqdata\ (ID = 1997747) 20:25: Found Adware: virtumonde 20:25: HKLM\software\microsoft\mssmgr\ (ID = 1776755) 20:25: Found Trojan Horse: trojan agent winlogonhook 20:25: HKLM\software\classes\wusn.1\ (ID = 635554) 20:25: HKCR\wusn.1\ (ID = 635412) 20:25: HKCR\wusn.1\ (ID = 140463) 20:25: Found Adware: whenu savenow 20:25: Starting Registry Sweep 20:25: Memory Sweep Complete, Elapsed Time: 00:00:42 20:24: Starting Memory Sweep 20:24: Sweep initiated using definitions version 919 20:24: Spy Sweeper 5.3.2.2361 started 20:24: | Start of Session, mardi 29 mai 2007 | *************** 20:23: Program Version 5.3.2.2361 Using Spyware Definitions 919 20:23: Spy Sweeper 5.3.2.2361 started 20:23: | Start of Session, mardi 29 mai 2007 | *************** 20:21: ApplicationMinimized - EXIT 20:21: ApplicationMinimized - ENTER 20:18: Your spyware definitions have been updated. Keylogger: Off BHO Shield: On IE Security Shield: On Alternate Data Stream (ADS) Execution Shield: On Startup Shield: On Common Ad Sites: Off Hosts File Shield: On Internet Communication Shield: On ActiveX Shield: On Windows Messenger Service Shield: On IE Favorites Shield: On Spy Installation Shield: On Memory Shield: Off IE Hijack Shield: On IE Tracking Cookies Shield: Off 20:17: Shield States 20:17: Spyware Definitions: 866 20:17: Spy Sweeper 5.3.2.2361 started 20:17: Spy Sweeper 5.3.2.2361 started 20:17: | Start of Session, mardi 29 mai 2007 | merci encore Olivier

je reviens plus tard je doit ramener mes filles chez leur mère encore merci au fait je doit couper mon pc ou pas? je suis encore là jusqu a 17 h encore milles merci si je te revois pas d ici là olivier