gamebob

salut les pros, je n'en suis peut être pas un mais je ne suis pas non plus un lapin de 3 semaines ..... je suis un fervent partisant de tous les logiciels libres type Open office (que j'ai bien sur), Firefox etc.. mais si je vous dis que c'est après l'avoir untilisé que j'ai eu des pb de malwares, c'est vrai !! d'autre part je ne fais jamais de téléchargement illicites ou dangereux, alors pouet pouet ! le seul défaut que je reconnaisse c'est d'utiliser Norton. Merci à Zonk pour son éclairage

malheureusement je n'utilise pas Firefox. j'ai voulu essaier 3 fois (pour virer IE) mais les 3 fois je me suis choper plein d'espions et j'ai du faire appel à Zebulon pour m'en sortir. moi qui le croyait mieux sécurisé ....!! avec ie ton tuto fonctionne ?

Bonjour, ttes les semaines mon anti vir me détecte Tracking Coockie, le supprime. mais il reviens sans cesse !! et j'ai ça sur mes 2 ordis peut on le suppr définitevement ?

Merci et rassures toi je ne suis ni pirate (je n'aurais pas besoin d'aide) ni téléchargeur à donf, c'est trés ponctuel et ciblé. je vais d'ailleurs arrêter LM car il ramène 99% de m.... Et je vais lire les sujets proposés ! Salut

la 2° soluce est trés bien MERCI mais peut t'on trouver cette liste (fichier) qq part pour la corriger de façon + globale en 1 fois ?

Avira AntiVir Personal Report file date: mardi 19 août 2008 20:07 Scanning for 1562251 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: PARENTS Version information: BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.6.10 2587136 Bytes 14/08/2008 09:18:31 ANTIVIR3.VDF : 7.0.6.31 149504 Bytes 19/08/2008 07:53:00 Engineversion : 8.1.1.23 AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50 AESCRIPT.DLL : 8.1.0.68 315770 Bytes 19/08/2008 07:53:37 AESCN.DLL : 8.1.0.23 119156 Bytes 15/08/2008 09:18:48 AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50 AEPACK.DLL : 8.1.2.1 364917 Bytes 15/08/2008 09:18:47 AEOFFICE.DLL : 8.1.0.22 192890 Bytes 19/08/2008 07:53:36 AEHEUR.DLL : 8.1.0.50 1388918 Bytes 19/08/2008 07:53:34 AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50 AEGEN.DLL : 8.1.0.36 315764 Bytes 19/08/2008 07:53:03 AEEMU.DLL : 8.1.0.7 430452 Bytes 15/08/2008 09:18:36 AECORE.DLL : 8.1.1.8 172406 Bytes 15/08/2008 09:18:34 AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 8.0.0.2 98344 Bytes 15/08/2008 09:18:33 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: mardi 19 août 2008 20:07 Starting search for hidden objects. '64966' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned Scan process 'OUTLOOK.EXE' - '1' Module(s) have been scanned Scan process 'symlcsvc.exe' - '1' Module(s) have been scanned Scan process 'usnsvc.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'WZQKPICK.EXE' - '1' Module(s) have been scanned Scan process 'DrvMon.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'ccSvcHst.exe' - '1' Module(s) have been scanned Scan process 'CamService.exe' - '1' Module(s) have been scanned Scan process 'issch.exe' - '1' Module(s) have been scanned Scan process 'SAgent2.exe' - '1' Module(s) have been scanned Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'Directcd.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'ccProxy.exe' - '1' Module(s) have been scanned Scan process 'ccSvcHst.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 41 processes with 41 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! Master boot sector HD2 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '66' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\eMule\MuleIncoming\Native\NATIVE.INSTRUMENTS.TRAKTOR.DJ.STUDIO.V3.2.CRACKED-JGT.rar [0] Archive type: RAR --> jgt-nt07.zip [1] Archive type: ZIP --> jgt-nit3.r05 [2] Archive type: RAR --> Crack\TraktorDJStudio3.exe [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Limewire Pro 4.12.6\LimeWire\Incoming\ConvertXtoDvd v2.1.8.193.zip [0] Archive type: ZIP --> convertxtodvd. generic.141206 -patch.exe [DETECTION] Is the TR/Virtl.6857 Trojan [NOTE] A backup was created as '4919128e.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b75c4cf.qua' ( QUARANTINE ) C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\atapi.sys [WARNING] The file could not be opened! Begin scan in 'D:\' <données> End of the scan: mardi 19 août 2008 21:04 Used time: 56:43 Minute(s) The scan has been done completely. 6661 Scanning directories 442413 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 2 files were moved to quarantine 0 files were renamed 3 Files cannot be scanned 442409 Files not concerned 3391 Archives were scanned 4 Warnings 1 Notes 64966 Objects were scanned with rootkit scan 0 Hidden objects were found SI J'EFFACE LE FICHIER CA SUFFIT ???

ERREUR IL Y A ENCORE QQ CHOSE pendant que je te répondais j'ai fait unscan total par sécu il a trouvé : TR:virtl6857 j'attends la fin et je te poste le rapport (ça peut être long j'en suis à 30%)

bonjour, comment faire pour supprimer ou corriger la liste des adresses mails que Outlook propose lorsqu'on en tape le début ? j'ai fouillé ttes les options mais je j'ai pas trouvé y a t'il qq de plus malins que moi ? a+

salut bon, tout va bien, le guard ne détecte plus rien. je te remercie pour ton aide Gof si je me souviens bien tu m'à déjà dépanné par le passé, tu est vraiment efficace ! je te laisse Non j'ai une question sur Outlook, mais je vais peut être la poser sur le forum adequat. rdv là bas ! (comment faire pour supprimer ou corriger la liste des adresses mails que Outlook propose lorsqu'on en tape le début ?)

apperemment il ne détecte plus mais je préfère attendre demain soir pour donner un verdict en attendant pour remplacer NIS je veux bien mais qu y a t'il qui : soit sérieux et pérenne et suivi fasse antivirus fasse parefeu fasse antipub fasse anti phising fasse antispam analiseur de courriers ..... pas cher le moins d'install possible ???? a demain

je voudrais garder NIS et n'utiliser Antivir que pour des scans ponctuels mais je n'ai pas trouvé la façon de le désactiver (sinon de le désinstaller)..... 11/08/2008,20:29:33 --------------------------------------------------------- 11/08/2008,20:29:36 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 11/08/2008,20:29:36 AntiVir Guard version: 8.00.01.26,engine version 8.1.1.6,VDF version: 7.0.5.23 11/08/2008,20:29:37 AntiVir Guard was enabled. 11/08/2008,20:29:37 Avira AntiVir Personal - Free Antivirus has been started successfully! 11/08/2008,20:29:37 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 11/08/2008,20:37:44 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 11/08/2008,20:45:12 Avira AntiVir Personal - Free Antivirus service has been stopped! 11/08/2008,21:33:33 --------------------------------------------------------- 11/08/2008,21:33:46 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 11/08/2008,21:33:46 AntiVir Guard version: 8.00.01.26,engine version 8.1.1.6,VDF version: 7.0.5.23 11/08/2008,21:33:47 AntiVir Guard was enabled. 11/08/2008,21:33:47 Avira AntiVir Personal - Free Antivirus has been started successfully! 11/08/2008,21:33:47 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 11/08/2008,21:35:41 Avira AntiVir Personal - Free Antivirus service has been stopped! 11/08/2008,23:04:31 --------------------------------------------------------- 11/08/2008,23:04:42 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 11/08/2008,23:04:42 AntiVir Guard version: 8.00.01.26,engine version 8.1.1.6,VDF version: 7.0.5.23 11/08/2008,23:04:43 AntiVir Guard was enabled. 11/08/2008,23:04:43 Avira AntiVir Personal - Free Antivirus has been started successfully! 11/08/2008,23:04:43 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 12/08/2008,00:19:41 Avira AntiVir Personal - Free Antivirus service has been stopped! 14/08/2008,00:49:17 --------------------------------------------------------- 14/08/2008,00:49:26 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 14/08/2008,00:49:26 AntiVir Guard version: 8.00.01.26,engine version 8.1.1.6,VDF version: 7.0.5.23 14/08/2008,00:49:27 AntiVir Guard was enabled. 14/08/2008,00:49:27 Avira AntiVir Personal - Free Antivirus has been started successfully! 14/08/2008,00:49:27 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 14/08/2008,01:22:38 Avira AntiVir Personal - Free Antivirus service has been stopped! 15/08/2008,11:15:35 --------------------------------------------------------- 15/08/2008,11:15:47 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 15/08/2008,11:15:47 AntiVir Guard version: 8.00.01.26,engine version 8.1.1.6,VDF version: 7.0.5.23 15/08/2008,11:15:49 AntiVir Guard was enabled. 15/08/2008,11:15:49 Avira AntiVir Personal - Free Antivirus has been started successfully! 15/08/2008,11:15:49 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 15/08/2008,11:19:00 Avira AntiVir Personal - Free Antivirus service has been stopped! 15/08/2008,11:19:04 --------------------------------------------------------- 15/08/2008,11:19:06 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 15/08/2008,11:19:06 AntiVir Guard version: 8.00.01.27,engine version 8.1.1.19,VDF version: 7.0.6.19 15/08/2008,11:19:07 AntiVir Guard was enabled. 15/08/2008,11:19:07 Avira AntiVir Personal - Free Antivirus has been started successfully! 15/08/2008,11:19:07 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 15/08/2008,11:19:11 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 15/08/2008,12:31:21 [WARNING] Is the TR/Trash.Gen Trojan! C:\System Volume Information\_restore{F24584CF-85F2-40B5-8BDF-7D4787F61D9E}\RP500\A0045326.exe [iNFO] The file will be deleted. 15/08/2008,19:44:04 Avira AntiVir Personal - Free Antivirus service has been stopped! 15/08/2008,19:45:52 --------------------------------------------------------- 15/08/2008,19:46:11 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 15/08/2008,19:46:11 AntiVir Guard version: 8.00.01.27,engine version 8.1.1.19,VDF version: 7.0.6.19 15/08/2008,19:46:12 AntiVir Guard was enabled. 15/08/2008,19:46:12 Avira AntiVir Personal - Free Antivirus has been started successfully! 15/08/2008,19:46:12 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 15/08/2008,20:55:17 [WARNING] Is the TR/Trash.Gen Trojan! C:\System Volume Information\_restore{F24584CF-85F2-40B5-8BDF-7D4787F61D9E}\RP500\A0045327.exe [iNFO] No right to access the file. 15/08/2008,23:28:15 Avira AntiVir Personal - Free Antivirus service has been stopped! 16/08/2008,14:49:01 --------------------------------------------------------- 16/08/2008,14:49:16 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 16/08/2008,14:49:16 AntiVir Guard version: 8.00.01.27,engine version 8.1.1.19,VDF version: 7.0.6.19 16/08/2008,14:49:18 AntiVir Guard was enabled. 16/08/2008,14:49:18 Avira AntiVir Personal - Free Antivirus has been started successfully! 16/08/2008,14:49:18 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 16/08/2008,14:51:28 Update process started! 16/08/2008,14:51:30 Current Engine Version: 8.1.1.19 16/08/2008,14:51:30 Current Pattern File: 7.0.6.24 16/08/2008,14:51:30 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 16/08/2008,15:07:18 Avira AntiVir Personal - Free Antivirus service has been stopped! 16/08/2008,19:21:46 --------------------------------------------------------- 16/08/2008,19:21:58 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 16/08/2008,19:21:58 AntiVir Guard version: 8.00.01.27,engine version 8.1.1.19,VDF version: 7.0.6.24 16/08/2008,19:21:59 AntiVir Guard was enabled. 16/08/2008,19:22:00 Avira AntiVir Personal - Free Antivirus has been started successfully! 16/08/2008,19:22:00 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 16/08/2008,22:38:20 [WARNING] Is the TR/Trash.Gen Trojan! C:\System Volume Information\_restore{F24584CF-85F2-40B5-8BDF-7D4787F61D9E}\RP500\A0045327.exe [iNFO] The file will be deleted. 16/08/2008,23:35:18 Avira AntiVir Personal - Free Antivirus service has been stopped! 17/08/2008,10:47:37 --------------------------------------------------------- 17/08/2008,10:47:49 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 17/08/2008,10:47:49 AntiVir Guard version: 8.00.01.27,engine version 8.1.1.19,VDF version: 7.0.6.24 17/08/2008,10:47:50 AntiVir Guard was enabled. 17/08/2008,10:47:50 Avira AntiVir Personal - Free Antivirus has been started successfully! 17/08/2008,10:47:50 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 17/08/2008,11:44:32 Avira AntiVir Personal - Free Antivirus service has been stopped! 18/08/2008,09:51:00 --------------------------------------------------------- 18/08/2008,09:51:10 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 18/08/2008,09:51:10 AntiVir Guard version: 8.00.01.27,engine version 8.1.1.19,VDF version: 7.0.6.24 18/08/2008,09:51:11 AntiVir Guard was enabled. 18/08/2008,09:51:11 Avira AntiVir Personal - Free Antivirus has been started successfully! 18/08/2008,09:51:11 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 18/08/2008,09:53:20 Update process started! 18/08/2008,09:53:22 Current Engine Version: 8.1.1.19 18/08/2008,09:53:22 Current Pattern File: 7.0.6.25 18/08/2008,09:53:22 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 18/08/2008,10:53:14 Avira AntiVir Personal - Free Antivirus service has been stopped! 18/08/2008,11:51:16 --------------------------------------------------------- 18/08/2008,11:51:27 Keyfile contains a valid license. The Avira AntiVir Personal - Free Antivirus will run as a fully functional version! 18/08/2008,11:51:27 AntiVir Guard version: 8.00.01.27,engine version 8.1.1.19,VDF version: 7.0.6.25 18/08/2008,11:51:28 AntiVir Guard was enabled. 18/08/2008,11:51:28 Avira AntiVir Personal - Free Antivirus has been started successfully! 18/08/2008,11:51:28 [CONFIG] On-Access configuration used: - Files to scan: scan files from local drives - Device mode: scan files on open, scan files on close - Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP - Unpack runtime compressed files - Actions: ask the user - Heuristic: MACRO , WIN32 MEDIUM - Logfile report level 1 18/08/2008,12:54:58 [WARNING] Is the TR/Trash.Gen Trojan! C:\System Volume Information\_restore{F24584CF-85F2-40B5-8BDF-7D4787F61D9E}\RP500\A0045328.exe [iNFO] The file will be deleted. 18/08/2008,19:54:57 [WARNING] Is the TR/Killav.28714 Trojan! C:\System Volume Information\_restore{F24584CF-85F2-40B5-8BDF-7D4787F61D9E}\RP500\A0045329.dll [iNFO] No right to access the file.

depuis mon 1* message celui ci est apparu "TR/Killav.28714" c'est Antivir qui les attire ? nb c'est le modul permanent qui les détecte Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:58:56, on 18/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Hercules\DualPix Exchange\Camservice.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\DrvMon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1170000318640 O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1170008711046 O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 10263 bytes

bjr, depuis que j'ai installé Antivir il me detecte à chaque fois de TreshGen et qq options que je prenne ( effacer ou autre) il reviens tt le temps! il n'a pas l'air méchant mais j'aime pas ! y a t'il une soluce définitive ?

Bjr, je suis de retour pour effectuer la suite voici le rapport de nettoyage MBAM et Antivir sont tjrs là Est ce que MBAM peut s'utiliser de tps en tps? Est ce que Antivir peut rester en double avec NIS? -->- Recherche: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé ! C:\Documents and Settings\ERICetSYLVIE\Bureau\HijackThis.lnk: trouvé ! C:\Documents and Settings\ERICetSYLVIE\Bureau\OtMoveIt2.exe: trouvé ! C:\Documents and Settings\ERICetSYLVIE\Recent\HijackThis.lnk: trouvé ! C:\Program Files\Trend Micro\HijackThis: trouvé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé ! C:\Documents and Settings\ERICetSYLVIE\Bureau\HijackThis.lnk: supprimé ! C:\Documents and Settings\ERICetSYLVIE\Bureau\OtMoveIt2.exe: supprimé ! C:\Documents and Settings\ERICetSYLVIE\Recent\HijackThis.lnk: supprimé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé ! C:\Program Files\Trend Micro\HijackThis: supprimé !

ça y est, j'ai été pertyurbé mais j'ai pu finir... MBAM a trouver des chose et Antivir aussi; voici les rapports NB si il y a une suite je ne pense pas pouvoir l'entreprendre avant jeudi soir En attendant merci et à jeudi . Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1041 Windows 5.1.2600 Service Pack 2 20:04:52 11/08/2008 mbam-log-8-11-2008 (20-04-52).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 133241 Temps écoulé: 56 minute(s), 41 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 9 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 4 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{48dc6ffb-64d7-42e8-949d-8ef2641eb73a} (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{b4094603-dda9-4caf-9b13-0ad1034c9c53} (Adware.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adssite (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Adware.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\SEC (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rightonadz (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f245154-2783-f582-8feb-1bb90f943070} (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5f245154-2783-f582-8feb-1bb90f943070} (Adware.BHO) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winsys2 (Spyware.OnlineGames) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\adssite-remove.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\WinSys2.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rightonadz-uninst.exe (Adware.BHO) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nsd49.dll (Adware.BHO) -> Quarantined and deleted successfully. ****************************** Avira AntiVir Personal Report file date: lundi 11 août 2008 21:38 Scanning for 1369550 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Save mode Username: Administrateur Computer name: PARENTS Version information: BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 05:20:53 ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 09:24:47 Engineversion : 8.1.1.6 AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50 AESCRIPT.DLL : 8.1.0.46 283002 Bytes 08/07/2008 06:33:29 AESCN.DLL : 8.1.0.22 119157 Bytes 09/07/2008 08:46:50 AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50 AEPACK.DLL : 8.1.1.6 364918 Bytes 09/07/2008 08:46:50 AEOFFICE.DLL : 8.1.0.20 192891 Bytes 09/07/2008 08:46:50 AEHEUR.DLL : 8.1.0.35 1298806 Bytes 08/07/2008 06:33:29 AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50 AEGEN.DLL : 8.1.0.29 307573 Bytes 09/07/2008 08:46:50 AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 08:46:50 AECORE.DLL : 8.1.1.3 172404 Bytes 09/07/2008 08:46:50 AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 14:35:20 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: lundi 11 août 2008 21:38 Starting search for hidden objects. The driver could not be initialized. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 11 processes with 11 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '66' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\ERICetSYLVIE\Local Settings\Temp\s298.6.exe [DETECTION] Contains recognition pattern of the DR/Agent.ZM.3 dropper [NOTE] A backup was created as '48d9993f.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] The driver could not be initialized. [NOTE] The file was deleted! C:\Documents and Settings\ERICetSYLVIE\Local Settings\Temporary Internet Files\Content.IE5\91F5YJV8\menu2[1].js [DETECTION] Contains recognition pattern of the JS/Redirector.A Java script virus [NOTE] A backup was created as '490e9a39.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [WARNING] The file could not be copied to the quarantine directory. [WARNING] Error in ARK lib [NOTE] The file was deleted! C:\Documents and Settings\ERICetSYLVIE\Local Settings\Temporary Internet Files\Content.IE5\AEDUCBMC\stylesMenu[1].css [DETECTION] Contains recognition pattern of the JS/Redirector.A Java script virus [NOTE] A backup was created as '49199a60.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] The driver could not be initialized. [NOTE] The file was deleted! C:\Documents and Settings\ERICetSYLVIE\Local Settings\Temporary Internet Files\Content.IE5\UDS39IL1\styles3[1].css [DETECTION] Contains recognition pattern of the JS/Redirector.A Java script virus [NOTE] A backup was created as '49199b16.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [WARNING] The file could not be copied to the quarantine directory. [WARNING] Error in ARK lib [NOTE] The file was deleted! C:\eMule\MuleIncoming\Native\NATIVE.INSTRUMENTS.TRAKTOR.DJ.STUDIO.V3.2.CRACKED-JGT.rar [0] Archive type: RAR --> jgt-nt07.zip [1] Archive type: ZIP --> jgt-nit3.r05 [2] Archive type: RAR --> Crack\TraktorDJStudio3.exe [WARNING] No further files can be extracted from this archive. The archive will be closed C:\WINDOWS\system32\drivers\atapi.sys [WARNING] The file could not be opened! Begin scan in 'D:\' <données> End of the scan: lundi 11 août 2008 22:52 Used time: 1:13:16 Hour(s) The scan has been done completely. 6485 Scanning directories 445752 Files were scanned 4 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 4 files were deleted 0 files were repaired 4 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 445746 Files not concerned 3196 Archives were scanned 5 Warnings 4 Notes

bjr, qq pourrais m'aider à m'en débarasser voici le rapport HighJackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:18:47, on 11/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Hercules\DualPix Exchange\Camservice.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\DrvMon.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: adssite - {5f245154-2783-f582-8feb-1bb90f943070} - C:\WINDOWS\system32\nsd49.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1170000318640 O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1170008711046 O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 9637 bytes

salut, depuis qq jours je vois apparraitre un écran de démarrage signalant un pb de dll introuvable pour gmzrotate gmzrotate est indiqué dans les lancements au démarrage. à quoi sert il ? est un virus ? comment m'en débarrasser ? a +

zonk tu es l'astuce à fonctionné pour dialer.ACT, mais aussi pour FatObfus sur un autre pc ! merci pour les logiciels de nettoyage je faisais bien en Sans Echec, mais je ne désactivais pas la restauration .... tchao

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:55:31, on 18/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\WINDOWS\CTHELPER.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\utilitairesPC\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Internet Explorer\iexplore.exe C:\DOCUME~1\LESMECS\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [CTStartup] C:\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Jet Detection] C:\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?5fa01ee3078d4312bd294e70e2e2a94d O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?5fa01ee3078d4312bd294e70e2e2a94d O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1138302726375 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1138306618515 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\utilitairesPC\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe O24 - Desktop Component 0: (no name) - http://www.soulcalibur.com/souls/movelist....p;list=attacks# O24 - Desktop Component 2: (no name) - http://www.youtube.com/watch?v=EZibAvGhsjM -- End of file - 9775 bytes

au secours (c'est banal sur ces forums...) je suis infecté par le trojan Dialer.ACT Bit Defender le détecte mais ne l'éradique pas!!!! j'ai essayé tts les sol simple trouvé sur les forums à base de ADawre, CCcleaner, sans restauration, sans échec etc... mais rien à y faire il se trouve dans C\volume system qq'un peut il me "sauver" ? merci