jeppy

Hello bruce lee et sorry pour le retard... malheureusement j'ai suivi ta procedure (en oubliant de t'envoiller le raport) mais pour l'instant mon ordi ne pose plus de problemme et au pire je peux toujours revenir sur le forum et demander a dieu (du kung fu) un coup de main ..... encore mille fois merci pour ton aide et pour le forum ou on trouve de l'aide tres rapidement et en plus avec des sujet tres interessant Salutation jeppy

Re wouaww...kapersky est vraimment si fort ou se sont pas tous des fichiers infécté...? Parce-que Avast n'en avait plus trouvé depuis le derrnier scan Rapport Kapersky: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Saturday, December 15, 2007 3:51:20 AM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 14/12/2007 Kaspersky Anti-Virus database records: 482444 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ Scan Statistics: Total number of scanned objects: 201227 Number of viruses found: 19 Number of infected objects: 63 Number of suspicious objects: 0 Duration of the scan process: 03:58:49 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\Jeppy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-2fda2583-51b454f7.zip/BaaaaBaa.class Infected: Exploit.Java.Gimsh.a skipped C:\Documents and Settings\Jeppy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-2fda2583-51b454f7.zip ZIP: infected - 1 skipped C:\Documents and Settings\Jeppy\Bureau\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Jeppy\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Jeppy\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Jeppy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Jeppy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Jeppy\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Jeppy\Local Settings\Historique\History.IE5\MSHist012007121420071215\index.dat Object is locked skipped C:\Documents and Settings\Jeppy\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Jeppy\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Jeppy\Mes documents\AdvPassw\Advanced Rar Password Recovery v1.11\DISTINCT.RAR/setup.exe/WISE0039.BIN Infected: not-a-virus:PSWTool.Win32.OEPass.b skipped C:\Documents and Settings\Jeppy\Mes documents\AdvPassw\Advanced Rar Password Recovery v1.11\DISTINCT.RAR/setup.exe Infected: not-a-virus:PSWTool.Win32.OEPass.b skipped C:\Documents and Settings\Jeppy\Mes documents\AdvPassw\Advanced Rar Password Recovery v1.11\DISTINCT.RAR RAR: infected - 2 skipped C:\Documents and Settings\Jeppy\Mes documents\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Jeppy\Mes documents\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Jeppy\Mes documents\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Jeppy\Mes documents\SmitfraudFix.exe RarSFX: infected - 2 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\Flux_Media_Centrafuse_XLE_1.10.zip/run.exe Infected: Trojan-Downloader.Win32.Zlob.gen skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\Flux_Media_Centrafuse_XLE_1.10.zip ZIP: infected - 1 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3166 Infected: not-a-virus:NetTool.Win32.Portscan.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3322 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.e skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3327 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.e skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3366 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3369 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3370 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3567/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3567/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe/file3567 Infected: not-a-virus:PSWTool.Win32.RAS.a skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UBCD4WinV304.exe Inno: infected - 9 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UltraVNC-102-Setup-Fr.exe/file004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UltraVNC-102-Setup-Fr.exe/file005 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UltraVNC-102-Setup-Fr.exe/file034 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UltraVNC-102-Setup-Fr.exe/file051 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\UltraVNC-102-Setup-Fr.exe Inno: infected - 4 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7\VNC_3.3.7\Setup_x86_w32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7\VNC_3.3.7\Setup_x86_w32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7\VNC_3.3.7\Setup_x86_w32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7\VNC_3.3.7\Setup_x86_w32.exe Inno: infected - 3 skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7.zip/VNC_3.3.7/Setup_x86_w32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7.zip/VNC_3.3.7/Setup_x86_w32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7.zip/VNC_3.3.7/Setup_x86_w32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7.zip/VNC_3.3.7/Setup_x86_w32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7.zip/VNC_3.3.7/patch_fr/winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Jeppy\Mes documents\Telechargement\VNC_3.3.7.zip ZIP: infected - 5 skipped C:\Documents and Settings\Jeppy\ntuser.dat Object is locked skipped C:\Documents and Settings\Jeppy\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped C:\Program Files\UltraVNC\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\Program Files\UltraVNC\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped C:\Program Files\UltraVNC\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{28B53F34-0319-4AA8-BDE5-06592004AEA6}\RP2\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\security Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\Logfiles\WUDF\WUDFTrace.etl Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_474.dat Object is locked skipped C:\WINDOWS\TempFile Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\E-Mule Incoming\Complet\BuzzXplore 1.15.168.zip/BuzzXplore 1.15.168.exe Infected: Trojan-Downloader.Win32.Bagle.bp skipped D:\E-Mule Incoming\Complet\BuzzXplore 1.15.168.zip ZIP: infected - 1 skipped D:\E-Mule Incoming\Complet\Real.VNC.Enterprise.Edition.v4.2.6.Incl-Keygen.rar/vnc-E4_2_6-x86_win32.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped D:\E-Mule Incoming\Complet\Real.VNC.Enterprise.Edition.v4.2.6.Incl-Keygen.rar/vnc-E4_2_6-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped D:\E-Mule Incoming\Complet\Real.VNC.Enterprise.Edition.v4.2.6.Incl-Keygen.rar RAR: infected - 2 skipped D:\programme comprimé\CDFastOpen98.ZIP/CDFastOpen98.exe Infected: not-virus:BadJoke.Win32.Delf.j skipped D:\programme comprimé\CDFastOpen98.ZIP ZIP: infected - 1 skipped D:\programme comprimé\gozilla39.exe/WISE0018.BIN Infected: not-a-virus:AdWare.Win32.Aureate skipped D:\programme comprimé\gozilla39.exe/WISE0019.BIN Infected: not-a-virus:AdWare.Win32.Aureate skipped D:\programme comprimé\gozilla39.exe/WISE0020.BIN Infected: not-a-virus:AdWare.Win32.Aureate.a skipped D:\programme comprimé\gozilla39.exe/WISE0021.BIN Infected: not-a-virus:AdWare.Win32.Aureate.a skipped D:\programme comprimé\gozilla39.exe/WISE0022.BIN Infected: not-a-virus:AdWare.Win32.Aureate.a skipped D:\programme comprimé\gozilla39.exe WiseSFX: infected - 5 skipped D:\programme comprimé\Nuker\NukeNabber29.exe/Report.exe Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped D:\programme comprimé\Nuker\NukeNabber29.exe/nukenabber.exe Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped D:\programme comprimé\Nuker\NukeNabber29.exe SetupSpecialist: infected - 2 skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped D:\System Volume Information\_restore{28B53F34-0319-4AA8-BDE5-06592004AEA6}\RP1\A0000210.dll Infected: not-a-virus:PSWTool.Win32.PWDump.2 skipped D:\System Volume Information\_restore{28B53F34-0319-4AA8-BDE5-06592004AEA6}\RP1\A0000211.exe Infected: not-a-virus:PSWTool.Win32.PWDump.3 skipped D:\System Volume Information\_restore{28B53F34-0319-4AA8-BDE5-06592004AEA6}\RP1\A0000212.exe Infected: not-a-virus:PSWTool.Win32.PWDump.3 skipped D:\System Volume Information\_restore{28B53F34-0319-4AA8-BDE5-06592004AEA6}\RP2\change.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{28B53F34-0319-4AA8-BDE5-06592004AEA6}\RP2\change.log Object is locked skipped F:\Travail\Outlook.pst/Dossiers personnels/Boîte de réception/14 Apr 1999 19:14 from Ch Bigler/Hello.exe Infected: not-virus:BadJoke.Win32.Baton.a skipped F:\Travail\Outlook.pst/Dossiers personnels/Boîte de réception/02 Dec 1998 21:01 to spot; jeppy; bubu:D:/Download/FastOpen/CDFa/CDFastOpen98.ZIP/CDFastOpen98.exe Infected: not-virus:BadJoke.Win32.Delf.j skipped F:\Travail\Outlook.pst/Dossiers personnels/Boîte de réception/02 Dec 1998 21:01 to spot; jeppy; bubu:D:/Download/FastOpen/CDFa/CDFastOpen98.ZIP Infected: not-virus:BadJoke.Win32.Delf.j skipped F:\Travail\Outlook.pst Mail MS Mail: infected - 3 skipped Scan process completed. Merci encore pour ton temps que tu me consacre

hello ! REG.EXE VERSION 3.0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe windir REG_EXPAND_SZ %SystemRoot% OS REG_SZ Windows_NT PROCESSOR_ARCHITECTURE REG_SZ x86 PROCESSOR_LEVEL REG_SZ 15 PROCESSOR_IDENTIFIER REG_SZ x86 Family 15 Model 6 Stepping 2, GenuineIntel PROCESSOR_REVISION REG_SZ 0602 NUMBER_OF_PROCESSORS REG_SZ 2 PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH TEMP REG_EXPAND_SZ %SystemRoot%\TEMP TMP REG_EXPAND_SZ %SystemRoot%\TEMP FP_NO_HOST_CHECK REG_SZ NO OMP_NUM_THREADS REG_SZ 2 PATH REG_SZ C:\Program Files\Autodesk\DWG TrueView\ je ne sais pas à quoi sa va d'aider... si tu pouvais m'eclairer un peux sur le sujet que je comprene un peux....juste pour pas mourir idiot merci encore

sniff je peux malheureusement toujours pas démarrer en mode sans echec et toujours pas lancer smitfraudfix

Hello, merci pour ton aide j'ai suivi ta procedure le point 2 "démarrer en mode sans échec" n'as pas reussi (normal) le fichier hblogon.dll ne voulait pas seffacer mais j'ai reussi avec Unloker assistant (nikel ce petit prog) et pour finir voila les deux rapport demandé: --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 15:45:55 12.12.2007 + Résultat de l'analyse: D:\Temporaire\Partition NTFS récupérée1\f\programme comprimé\mp3-Fiend\MP3Fiend.CAB/advert.dll -> Adware.Aureate : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1844237615-1767777339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F7D40011-29BB-43EB-9C97-875CE89E9E36} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine). D:\System Volume Information\_restore{28B53F34-0319-4AA8-BDE5-06592004AEA6}\RP1\A0000008.dll -> Adware.MediaBack : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Jeppy\Local Settings\Temporary Internet Files\Content.IE5\M3615ZT5\title1[1].htm -> Dropper.Small.j : Nettoyé et sauvegardé (mise en quarantaine). D:\Jeux\Patch de Jeux\morrowind\TRAINER.EXE -> Logger.Banker : Nettoyé et sauvegardé (mise en quarantaine). D:\E-Mule Incoming\Complet\Winaircrack.zip/WinAircrackPack/aircrack.exe -> Not-A-Virus.PSWTool.Win32.AirCrack.a : Nettoyé et sauvegardé (mise en quarantaine). D:\Temporaire\Partition NTFS récupérée1\C\Documents and Settings\Jeppy\Mes documents\passwort-krack\Data\pwdump2-orig\samdump.dll -> Not-A-Virus.PSWTool.Win32.PWDump.2 : Nettoyé et sauvegardé (mise en quarantaine). D:\Temporaire\Partition NTFS récupérée1\C\Documents and Settings\Jeppy\Mes documents\passwort-krack\Data\pwdump3\pwservice.exe -> Not-A-Virus.PSWTool.Win32.PWDump3 : Nettoyé et sauvegardé (mise en quarantaine). D:\Temporaire\Partition NTFS récupérée1\C\Documents and Settings\Jeppy\Mes documents\passwort-krack\Data\pwdump3e\pwservice.exe -> Not-A-Virus.PSWTool.Win32.PWDump3 : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Jeppy\Cookies\jeppy@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@pandasoftware.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@2.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@4.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@adbutler[1].txt -> TrackingCookie.Adbutler : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@www.belstat[1].txt -> TrackingCookie.Belstat : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@cz11.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@cz4.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@cz5.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@vip2.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@estat[1].txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@www.etracker[1].txt -> TrackingCookie.Etracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@komtrack[2].txt -> TrackingCookie.Komtrack : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@overture[1].txt -> TrackingCookie.Overture : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@ppms.popularix[1].txt -> TrackingCookie.Popularix : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@sexlist[2].txt -> TrackingCookie.Sexlist : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter10.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter14.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter4.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter5.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter6.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@counter9.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@php.sales.tfag[1].txt -> TrackingCookie.Tfag : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@sales.tfag[1].txt -> TrackingCookie.Tfag : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé. C:\Documents and Settings\Jeppy\Cookies\jeppy@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé. C:\Documents and Settings\Jeppy\Mes documents\Telechargement\XPKey.exe -> Trojan.Small.edz : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Jeppy\Mes documents\Telechargement\windows xp\XPKey_recuperateur de cle.exe -> Trojan.Small.edz : Nettoyé et sauvegardé (mise en quarantaine). D:\Temporaire\Partition NTFS récupérée1\C\Documents and Settings\Jeppy\Mes documents\windowsxpactivationandreactivation.zip/XPKey.exe -> Trojan.Small.edz : Nettoyé et sauvegardé (mise en quarantaine). Fin du rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:53:33, on 12.12.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\TYPSOF~1\ftpserv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\LVComsX.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [FTP Server] C:\TYPSOF~1\ftpserv.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-1844237615-1767777339-1801674531-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1844237615-1767777339-1801674531-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: Phone Connection Monitor.lnk = ? O8 - Extra context menu item: Ajouter à &Windows Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe -- End of file - 8743 bytes voila pour l'instant je n'ai pas encore essaille de redemarrer en mode sans echec depuis mais je te tiens au courant au plus vite merci encore de ton aide bruce lee

Re ben voila en esperant que sa puise d'aider... lol c'est surtout moi qui ai besoin d'aide merci Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:31:51, on 11.12.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\TYPSOF~1\ftpserv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\LVComsX.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\Logitech\Video\FxSvr2.exe c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE C:\WINDOWS\ATKKBService.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [FTP Server] C:\TYPSOF~1\ftpserv.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-1844237615-1767777339-1801674531-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1844237615-1767777339-1801674531-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: Phone Connection Monitor.lnk = ? O8 - Extra context menu item: Ajouter à &Windows Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - Winlogon Notify: hblogon - C:\WINDOWS\SYSTEM32\hblogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe -- End of file - 8351 bytes

hello bruce il me semble que tu as une idee derriere la tete... parceque en mode sans echec je recois une page bleu avec l'erreur 0x0000007b ...qui d'apres quelques recherches, on me dit que je suis infecte au niveau du boot de win xp mais j'ai passe un antivirus au boot (antivir) et rien... aurais tu une idee sur le sujet ?? et j'ai essaille de lancer la comande smitfraudfix.cmd directement dans une fenetre dos depuis le repertoire smitfraudfix et je recois ce message : 'find' n'est pas une reconnu en tant que commande interne merci pour ton aide

Merci Bruce Lee j'ai bien télécharge le dernier prog (suivi ton lien) mais cela ne change rien Je dois lancer deux fois le fichier exe pour qu'il me crée le fichier Smitfraudfixe "c'est déja bizzare" et j'ai 16 programmes dans ce fichier dont se fameux smitfraudfixe.cmd voila alors toute aide me serait utile merci (je vais essailler de le lancer directement la commande sous une fenêtre dos pour voir ou il bloque) en att merci

Bonjour je suis tout nouveau sur le forum et j'ai un problème que je ne comprends pas avec Smitfraudfix. Quand je lance la commande smitfraudfix.cmd j'ai bien la fenêtre dos qui s'ouvre mais se referme instantanement. J'ai la version...il me semble que c'est la derrniere 2.26 merci