

nono13
Members
Content count: 31
Everything posted by nono13
[Solved] Problem with Trojan.FatObfus.2.Gen
nono13 replied to a topic by nono13 in Malware analysis and removal

OK, that works, I'll get on it right away. Thanks, see you later.
[Solved] Problem with Trojan.FatObfus.2.Gen
nono13 replied to a topic by nono13 in Malware analysis and removal

I was going to tell you "here we go!!!!!", but actually I've spent an hour trying to find them in C:\WINDOWS\system32. Grrr, I'm really useless!!

Edit: almost another hour later I still can't find them, lol (and I'm sure it's something stupid). I just found a path for one of them, but I end up in an empty folder, so I can't send it to VirusTotal: C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18

Edit 15:04: Still nothing, honestly. I looked through the files in system32 one by one and ran SEARCH on the PC and in system32 plenty of times, but they won't show themselves.
[Solved] Problem with Trojan.FatObfus.2.Gen
nono13 replied to a topic by nono13 in Malware analysis and removal

Yeah, you bet, they dealt themselves the final blow (rugby) lol. Negative, no nLite.. On the other hand, I disabled my XP firewall a long time ago; I only use BitDefender's...

KASPERSKY REPORT

KASPERSKY ONLINE SCANNER REPORT
Saturday, October 20, 2007 8:40:14 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 20/10/2007
Kaspersky Anti-Virus database records: 441375

Scan Settings
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target: My Computer
A:\
C:\
D:\

Scan Statistics
Total number of scanned objects: 57523
Number of viruses found: 2
Number of infected objects: 6
Number of suspicious objects: 0
Duration of the scan process: 01:01:13

Infected Object Name    Virus Name    Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat    Object is locked    skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\Cookies\index.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG    Object is locked    skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\NTUSER.DAT    Object is locked    skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG    Object is locked    skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat    Object is locked    skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG    Object is locked    skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT    Object is locked    skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG    Object is locked    skipped
C:\Documents and Settings\ONI\Application Data\Bitdefender\Desktop\Profiles\asdict.dat    Object is locked    skipped
C:\Documents and Settings\ONI\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\cert8.db    Object is locked    skipped
C:\Documents and Settings\ONI\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\formhistory.dat    Object is locked    skipped
C:\Documents and Settings\ONI\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\history.dat    Object is locked    skipped
C:\Documents and Settings\ONI\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\key3.db    Object is locked    skipped
C:\Documents and Settings\ONI\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\parent.lock    Object is locked    skipped
C:\Documents and Settings\ONI\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\search.sqlite    Object is locked    skipped
C:\Documents and Settings\ONI\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\urlclassifier2.sqlite    Object is locked    skipped
C:\Documents and Settings\ONI\Bureau\Nettoyage PC\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe    Infected: not-a-virus:RiskTool.Win32.Reboot.f    skipped
C:\Documents and Settings\ONI\Bureau\Nettoyage PC\SmitfraudFix.exe/data.rar    Infected: not-a-virus:RiskTool.Win32.Reboot.f    skipped
C:\Documents and Settings\ONI\Bureau\Nettoyage PC\SmitfraudFix.exe    RarSFX: infected - 2    skipped
C:\Documents and Settings\ONI\Bureau\SmitfraudFix\Reboot.exe    Infected: not-a-virus:RiskTool.Win32.Reboot.f    skipped
C:\Documents and Settings\ONI\Cookies\index.dat    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_219.wmdb    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\Cache\_CACHE_001_    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\Cache\_CACHE_002_    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\Cache\_CACHE_003_    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Application Data\Mozilla\Firefox\Profiles\t8smaabw.default\Cache\_CACHE_MAP_    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Historique\History.IE5\index.dat    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Historique\History.IE5\MSHist012007102020071021\index.dat    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Temp\fla92.tmp    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Temp\~DF22D2.tmp    Object is locked    skipped
C:\Documents and Settings\ONI\Local Settings\Temporary Internet Files\Content.IE5\index.dat    Object is locked    skipped
C:\Documents and Settings\ONI\NTUSER.DAT    Object is locked    skipped
C:\Documents and Settings\ONI\ntuser.dat.LOG    Object is locked    skipped
C:\Program Files\BitComet\Downloads\Supernatural.S03E03.HDTV.XviD-XOR\Winzix.exe    Object is locked    skipped
C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdfirewall.txt    Object is locked    skipped
C:\Program Files\Softwin\BitDefender10\aspdict.dat    Object is locked    skipped
C:\System Volume Information\MountPointManagerRemoteDatabase    Object is locked    skipped
C:\System Volume Information\_restore{DB8A6DA4-FEDE-4494-BFA7-94B9D39FFAE1}\RP0\A0000013.exe    Infected: not-a-virus:RiskTool.Win32.HideWindows    skipped
C:\WINDOWS\Debug\PASSWD.LOG    Object is locked    skipped
C:\WINDOWS\SchedLgU.Txt    Object is locked    skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log    Object is locked    skipped
C:\WINDOWS\Sti_Trace.log    Object is locked    skipped
C:\WINDOWS\system32\bdss.log    Object is locked    skipped
C:\WINDOWS\system32\CatRoot2\edb.log    Object is locked    skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb    Object is locked    skipped
C:\WINDOWS\system32\cmdow.exe    Infected: not-a-virus:RiskTool.Win32.HideWindows    skipped
C:\WINDOWS\system32\config\AppEvent.Evt    Object is locked    skipped
C:\WINDOWS\system32\config\default    Object is locked    skipped
C:\WINDOWS\system32\config\default.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\SAM    Object is locked    skipped
C:\WINDOWS\system32\config\SAM.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\SecEvent.Evt    Object is locked    skipped
C:\WINDOWS\system32\config\SECURITY    Object is locked    skipped
C:\WINDOWS\system32\config\SECURITY.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\software    Object is locked    skipped
C:\WINDOWS\system32\config\software.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\SysEvent.Evt    Object is locked    skipped
C:\WINDOWS\system32\config\system    Object is locked    skipped
C:\WINDOWS\system32\config\system.LOG    Object is locked    skipped
C:\WINDOWS\system32\h323log.txt    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP    Object is locked    skipped
C:\WINDOWS\Temp\tmp00000546\tmp00000000    Object is locked    skipped
C:\WINDOWS\wiadebug.log    Object is locked    skipped
C:\WINDOWS\wiaservc.log    Object is locked    skipped
C:\WINDOWS\WindowsUpdate.log    Object is locked    skipped
Scan process completed.

I'm going to install Spyware Terminator. On the other hand, I had already tried ZoneAlarm, but it was constantly in conflict with BitDefender.

Edit: There, I've pressure-washed everything with Terminator, it's excellent!! Here is the report:

Logfile of Spyware Terminator v2.0.1.224 (db:1.0.979.739)
Scan Time: 20/10/2007 10:13:44 length: 2003 s
Platform: Windows XP Service Pack 2 (WINNT 5.1.2600)
User: Limited
Boot Mode: Safe
Scan type: Full_Spyware_Scan
Scanned Objects: 84126 (Critical:0)
Filter: No System items, No Safe items

Running Processes
WINWORD.EXE [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office10\WINWORD.EXE

Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.google.fr/ie
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.google.fr/ie
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = *.local
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - [Pando] : C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
02 - BHO: - {7E853D72-626A-48EC-A868-BA8D5E23E045} - File not found
02 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - [Pando] : C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
02 - BHO: - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - File not found

Toolbars
03 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - [Pando] : C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SuperCopier2.exe : [SFX TEAM] : C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pando : [Pando Networks] : C:\Program Files\PANDO NETWORKS\PANDO\PANDO.EXE
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, eMuleAutoStart : [http://www.emule-project.net] : C:\Documents and Settings\ONI\MES DOCUMENTS\SAM\LOGICIEL\EMULE0.48A\EMULE0.48A\EMULE.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BDMCon : [SOFTWIN S.R.L.] : C:\Program Files\SOFTWIN\BITDEFENDER10\BDMCON.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BDAgent : [SOFTWIN S.R.L.] : C:\Program Files\SOFTWIN\BITDEFENDER10\BDAGENT.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PCSuiteTrayApplication : [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
04 - Startup: %START_PROGRAMS%\Démarrage\UberIcon.lnk : C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
04 - Startup: %START_PROGRAMSALL%\Démarrage\hp psc 1000 series.lnk [Hewlett-Packard Co.] : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

Shell Extensions
Extension Affichage Panorama du Panneau de configuration - {42071714-76d4-11d1-8b24-00a0c9068ff3} - : deskpan.dll
- {764BF0E1-F219-11ce-972D-00AA00A14F56} - File not found
- {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - File not found
Extension icône HyperTerminal - {88895560-9AA2-1069-930E-00AA0030EBC8} - : hticons.dll
Barre des tâches et menu Démarrer - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - File not found
Comptes d'utilisateurs - {7A9D77BD-5403-11d2-8785-2E0420524153} - File not found
Explorateur de Bureau - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
IntelliType Pro Zooming Property Page - {97FA8AA2-EE77-4FF2-9449-424D8924EF21} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLZM.DLL
IntelliType Pro Scrolling Property Page - {111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLWHL.DLL
IntelliType Pro Key Settings Property Page - {ED6E87C6-8A83-43aa-8208-8DBC8247F4D2} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLKEY.DLL
IntelliType Pro Wireless Control Panel Property Page - {A2569D1F-4E06-43EC-9825-0088B471BE47} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLWIR.DLL
Page de propriétés sans fil - {20082881-FC36-4E47-9A7A-644C95FF749F} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLWIR.DLL
Page des propriétés de la roulette - {AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLWHL.DLL
Page des propriétés des activités - {653DCCC2-13DB-45B2-A389-427885776CFE} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLACT.DLL
Page des propriétés des boutons - {124597D8-850A-41AE-849C-017A4FA99CA2} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLBTN.DLL
CMenuExtender - {ABC70703-32AF-11d4-90C4-D483A70F4825} - [Revenger inc.] : C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
7-Zip Shell Extension - {23170F69-40C1-278A-1000-000100020000} - [Igor Pavlov] : C:\Program Files\7-Zip\7-zip.dll
dBpShell Class - {FED7043D-346A-414D-ACD7-550D052499A7} - : C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll
dMCIShell Class - {2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} - : C:\Program Files\Illustrate\dBpowerAMP\dMCShell.dll

Winsock 2
[Apple Computer, Inc.] : C:\Program Files\Bonjour\mdnsNSP.dll

Services
23 - [GRISOFT, s.r.o.] : C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
23 - [Padus, Inc.] : C:\WINDOWS\system32\drivers\pfc.sys

IE URL Search Hooks
- {{06663B56-0D73-4f9f-BCC5-4AA941470AFD}} - [Pando] : C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

Advanced Files Report
%PROGRAMFILES%\Bonjour\mdnsNSP.dll [Apple Computer, Inc.] [Bonjour] MD5=1F5A570AD942DFCFE4500326ABDD72B2 SIZE=94208
%PROGRAMFILES%\Microsoft Office\Office10\WINWORD.EXE [Microsoft Corporation] [Microsoft Office XP] MD5=CF5FAAE47BD45081EBD2B4732A866B64 SIZE=10577312
%COMMONFILES%\Microsoft Shared\Proof\MSSP3FR.DLL [SYNAPSE Développement, Toulouse (France)] [SYNAPSE Développement Ortho] MD5=FCA9C5A0D79096FD4E4C49397D77B8DC SIZE=294912
%PROGRAMFILES%\Microsoft Office\Office10\intldate.dll [] [INTLDATE Dynamic Link Library] MD5=1721467BC4CCB62C398493525BFA2E08 SIZE=126976
%WINDIR%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [] MD5=1755A2B4813F0585C5587AAF72F9B829 SIZE=180224
%PROGRAMFILES%\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=03163BAF3A5DBF8742804093931D7D32 SIZE=147456
deskpan.dll []
hticons.dll []
%SYSDIR%\nvshell.dll [NVIDIA Corporation] [NVIDIA Desktop Explorer, Version 44.03] MD5=08063F7DF5DC0146534725745010CE91 SIZE=467016
%PROGRAMFILES%\WinRAR\rarext.dll [] MD5=CE1FF0C418276F34728CC0CA525FD959 SIZE=125440
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLZM.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=DDD2E528CBC510E74AAEA6634721D97D SIZE=217088
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLWHL.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=0E6403B95274E5F76367765BD10683D3 SIZE=241664
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLKEY.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=0A6C43755FB7E78B4E468F061AD4676F SIZE=368640
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLWIR.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=346CDEBC57EFAF5E754B3D3FCA797C69 SIZE=208896
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLWIR.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=E98489592493ECC3024D7475E2009BA4 SIZE=348160
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLWHL.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=B96854EDA874AD5816265F69D3CC0147 SIZE=245760
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLACT.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=FCECA10414B14B57C90CD3A67430F599 SIZE=184320
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLBTN.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=68D60E239FE966764C1718B62ED21FD7 SIZE=380928
%WINDIR%\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll [Revenger inc.] MD5=66CD17BEC14AD29C957FC77B797723E8 SIZE=46592
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PhoneBrowser.dll [Nokia] [Phone Browser] MD5=EE72989BDAC20CC914ADEF6A7BCEEDB9 SIZE=544768
%PROGRAMFILES%\7-Zip\7-zip.dll [Igor Pavlov] [7-Zip] MD5=2EF36F8D4E55BAAC4D3B94AE291C9734 SIZE=152576
%PROGRAMFILES%\Illustrate\dBpowerAMP\dBShell.dll [] [dBShell Module] MD5=D6AA02CE1F8A522543CE9AA2572685E6 SIZE=86016
%PROGRAMFILES%\Illustrate\dBpowerAMP\dMCShell.dll [] [dMCShell Module] MD5=BD433F12577C40839588F0BDB790173E SIZE=110592
%SYSDIR%\DRIVERS\AvgAsCln.sys [GRISOFT, s.r.o.] [AVG7 Clean Driver] MD5=6D4A1DA6E6D522B3EBBCBFF4A3589EC5 SIZE=3968
%SYSDIR%\drivers\pfc.sys [Padus, Inc.] [Padus® ASPI Shell] MD5=957B82EC80AD7EAD64E5E47DF6B0DC40 SIZE=10368
%SYSDIR%\systray.exe []
End of Report

Removal:
Preparing...
Solid file deletion function disabled
Remove: Affiliate tracking cookie
Scan(s) completed
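As an added example (not part of nono13's post, and not code from Kaspersky), here is a small Python triage script for a Kaspersky Online Scanner report of the shape pasted above. It assumes the scanner's one-object-per-line layout with the three columns separated by whitespace, which the forum copy above flattened; the sample entries are copied from the report above and marked as a constructed excerpt in the code. It separates the "Object is locked / skipped" noise (registry hives, index.dat files, the SAM, browser caches: files in use on a live system, which the online scanner simply cannot open) from actual detections, groups the detections by name so that Kaspersky's "not-a-virus:" riskware labels can be reviewed apart from anything else, and records where each flagged object lives, because a hit inside a System Restore point or inside an archive member is not removed by deleting the path printed on the line.

```python
"""Triage of a Kaspersky Online Scanner (v5) text report.

Added example; not from the forum post and not Kaspersky's own code.
Assumes one object per line: <path> <whitespace> <status> <whitespace> <action>.
"""
import re
from collections import defaultdict

# Constructed excerpt: the entries are copied from the report posted above,
# with the columns re-separated by spaces as the scanner writes them.
SAMPLE_REPORT = r"""
KASPERSKY ONLINE SCANNER REPORT
Saturday, October 20, 2007 8:40:14 AM
Scan Statistics
Total number of scanned objects    57523
Number of viruses found    2
Infected Object Name    Virus Name    Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat    Object is locked    skipped
C:\Documents and Settings\ONI\Bureau\Nettoyage PC\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe    Infected: not-a-virus:RiskTool.Win32.Reboot.f    skipped
C:\Documents and Settings\ONI\Bureau\Nettoyage PC\SmitfraudFix.exe/data.rar    Infected: not-a-virus:RiskTool.Win32.Reboot.f    skipped
C:\Documents and Settings\ONI\Bureau\Nettoyage PC\SmitfraudFix.exe    RarSFX: infected - 2    skipped
C:\Documents and Settings\ONI\Bureau\SmitfraudFix\Reboot.exe    Infected: not-a-virus:RiskTool.Win32.Reboot.f    skipped
C:\System Volume Information\_restore{DB8A6DA4-FEDE-4494-BFA7-94B9D39FFAE1}\RP0\A0000013.exe    Infected: not-a-virus:RiskTool.Win32.HideWindows    skipped
C:\WINDOWS\system32\cmdow.exe    Infected: not-a-virus:RiskTool.Win32.HideWindows    skipped
C:\WINDOWS\system32\config\SAM    Object is locked    skipped
Scan process completed.
"""

# Paths contain spaces, so the path is matched lazily up to one of the three
# status forms the scanner emits; header and statistics lines never match.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?:(?P<locked>Object is locked)"
    r"|Infected: (?P<name>\S+)"
    r"|(?P<container>\S+): infected - (?P<count>\d+))"
    r"\s+(?P<action>\S+)\s*$"
)


def parse_report(text):
    """Split report lines into locked files, detections and infected containers."""
    result = {"locked": [], "detections": [], "containers": []}
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # headers, statistics, blank lines, completion line
        path = m.group("path")
        if m.group("name"):
            result["detections"].append((path, m.group("name"), m.group("action")))
        elif m.group("container"):
            # e.g. "RarSFX: infected - 2": the archive on disk holding 2 hits
            result["containers"].append((path, int(m.group("count"))))
        else:
            result["locked"].append(path)
    return result


def group_by_detection(detections):
    """Map each detection name to the list of paths it was found at."""
    groups = defaultdict(list)
    for path, name, _action in detections:
        groups[name].append(path)
    return dict(groups)


def is_riskware(name):
    """Kaspersky prefixes legitimate-but-abusable tools with 'not-a-virus:'."""
    return name.startswith("not-a-virus:")


def location(path):
    """Where the flagged object lives, which decides how it can be removed."""
    if "\\System Volume Information\\_restore" in path:
        return "restore point"   # cleared through System Restore, not by deleting
    if "/" in path:
        return "archive member"  # inside an archive/SFX; the container is the file on disk
    return "on disk"


def triage(text):
    """One sorted row per detection: (location, name, riskware?, path)."""
    parsed = parse_report(text)
    rows = [(location(p), n, is_riskware(n), p) for p, n, _ in parsed["detections"]]
    rows.sort()
    return rows


if __name__ == "__main__":
    for row in triage(SAMPLE_REPORT):
        print(row)
```

Run against the full report above, every detection comes back as `not-a-virus:` riskware, and the only on-disk hits are `cmdow.exe` and the `Reboot.exe` shipped inside SmitfraudFix; the locked-file list is where the real volume of the report is, and it carries no information about infection.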
[Résolu] Problème avec Trojan.FatObfus.2.Gen
nono13 a répondu à un(e) sujet de nono13 dans Analyses et éradication malwares
Désolé de répondre si tard... Alors le rapport AVG Anti-Spyware + un nouveau log Hijackthis fait en mode normal --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 22:09:30 19/10/2007 + Résultat de l'analyse: Rien à signaler. Fin du rapport ------------------------------------------------------------------------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:23:58, on 19/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\sstray.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe 
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Documents and Settings\ONI\Mes documents\SAM\Logiciel\eMule0.48a\eMule0.48a\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

-- End of file - 8288 bytes

I'll wait for the next steps whenever you have 5 minutes. In any case, THANK YOU for everything you've already given me; it let me do quite a bit of cleaning up. Basically, what I use for "maintaining" my PC is: CCLEANER, SPYBOT AND !!! that's all LOL :P And my BitDefender v10, I think it's a good antivirus (in any case the best I've had so far). I started with Norton 4 years ago, then AVAST, and finally BitDefender. What do you think of that .. ? -
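As an added example (not code from the poster, the forum helper or HijackThis), here is a small Python triage script for the O2/O3/O4 entries of a log like the one above. The sample lines are copied from that log, not constructed; the review rules it applies (orphaned entries whose target no longer exists, autostarts under the service and SYSTEM hives, scripts launched at logon, binaries running from user-writable folders) are ordinary triage heuristics for deciding what to look at first, not verdicts on this machine.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Lines copied from the HijackThis log above (not constructed).
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Documents and Settings\ONI\Mes documents\SAM\Logiciel\eMule0.48a\eMule0.48a\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - Global Startup: hpoddt01.exe.lnk = ?
"""

# O2 (BHO) and O3 (toolbar) entries: name - {CLSID} - DLL path or "(no file)"
RE_BHO = re.compile(r"^(?P<section>O[23]) - (?P<kind>BHO|Toolbar): (?P<name>.*?) - \{(?P<clsid>[^}]+)\} - (?P<target>.*)$")
# O4 registry autostarts: hive\..\Run or RunOnce, [value name], command, optional (User '...')
RE_REG = re.compile(r"^O4 - (?P<hive>HKLM|HKCU|HKUS\\[^\\]+)\\\.\.\\(?P<key>[A-Za-z]+): \[(?P<name>[^\]]*)\] (?P<target>.*?)(?: \(User '(?P<user>[^']*)'\))?$")
# O4 startup-folder shortcuts: name.lnk = resolved target, or "?" when unresolved
RE_STARTUP = re.compile(r"^O4 - (?P<where>Global Startup|Startup): (?P<name>.*?) = (?P<target>.*)$")

SERVICE_HIVES = {"S-1-5-18", "S-1-5-19", "S-1-5-20", ".DEFAULT"}   # SYSTEM, LOCAL SERVICE, NETWORK SERVICE, default profile
USER_WRITABLE = ("documents and settings", "mes documents", "application data", "\\temp\\", "%temp%")
SCRIPT_EXT = (".cmd", ".bat", ".vbs", ".js")


@dataclass
class Entry:
    section: str            # HijackThis section tag: O2, O3 or O4
    location: str           # registry key, CLSID or startup folder the entry lives in
    name: str               # display name or [value name]
    target: str             # DLL path, command line or shortcut target
    user: Optional[str] = None


def parse_line(line: str) -> Optional[Entry]:
    """Parse one HijackThis O2/O3/O4 line; return None for anything else."""
    line = line.strip()
    m = RE_BHO.match(line)
    if m:
        return Entry(m["section"], f"{m['kind']} {{{m['clsid']}}}", m["name"], m["target"])
    m = RE_REG.match(line)
    if m:
        return Entry("O4", f"{m['hive']}\\..\\{m['key']}", m["name"], m["target"], m["user"])
    m = RE_STARTUP.match(line)
    if m:
        return Entry("O4", m["where"], m["name"], m["target"])
    return None


def first_token(target: str) -> str:
    """Executable part of a command line: the quoted path if quoted, else the first word."""
    target = target.strip()
    if target.startswith('"'):
        end = target.find('"', 1)
        return target[1:end] if end > 0 else target[1:]
    return target.split(" ", 1)[0]


def triage(entry: Entry) -> List[str]:
    """Return the review reasons that apply to an entry (empty list = nothing notable)."""
    reasons = []
    t = entry.target.lower()
    if t in ("(no file)", "?"):
        reasons.append("orphaned: target missing")
    if entry.section == "O4" and entry.location.startswith("HKUS\\"):
        sid = entry.location.split("\\")[1]
        if sid in SERVICE_HIVES:
            reasons.append(f"autostart under service/system account {sid}")
    if any(marker in t for marker in USER_WRITABLE):
        reasons.append("runs from a user-writable location")
    exe = first_token(entry.target).lower()
    if exe.endswith(SCRIPT_EXT) or exe.endswith("cmd.exe"):
        reasons.append("script launched at logon")
    return reasons


def triage_log(text: str) -> List[Tuple[Entry, List[str]]]:
    """Parse every recognised line of a log and attach its review reasons."""
    results = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is not None:
            results.append((entry, triage(entry)))
    return results


if __name__ == "__main__":
    for entry, reasons in triage_log(SAMPLE_LOG):
        if reasons:
            print(f"[{entry.section}] {entry.location} [{entry.name}] -> {'; '.join(reasons)}")
```

The flagged entries are a worklist, not a diagnosis: an orphaned BHO is just a dead registration to clean up, and a RunOnce under the SYSTEM and service hives deserves a look at what the script actually contains before anything is deleted.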
[Solved] Problem with Trojan.FatObfus.2.Gen
nono13 replied to a topic by nono13 in Malware analysis and removal
Thanks for the reply, I'll do that by tonight for HijackThisV2. See you later.

SmitFraudFix v2.240

Rapport fait à 16:18:00,57, 19/10/2007
Executé à partir de C:\Documents and Settings\ONI\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\ONI\Mes documents\y's\YzDock.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Documents and Settings\ONI\Mes documents\=Utils=\LaunchSub 1.1.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ONI

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ONI\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ONI\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="sockspy.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: NVIDIA nForce MCP Networking Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{7E38A10C-35A1-4032-90DB-4554542A1ED4}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{7E38A10C-35A1-4032-90DB-4554542A1ED4}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{7E38A10C-35A1-4032-90DB-4554542A1ED4}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin -
[Solved] Problem with Trojan.FatObfus.2.Gen
nono13 posted a topic in Malware analysis and removal
Hello, This morning, after unzipping a .rar (stupidly, in hindsight... it was morning lol) that gave me a damned "Winzix.exe", I find myself attacked by a Trojan.FatObfus.2.Gen and other junk of that kind... My BitDefender V10 has apparently blocked them, but I can't manage to get rid of them... Could someone help me please... ? Thanks in advance...