mamkangourou

  1. Thank you very much for your help and patience. I have installed and properly configured AVG AS and Antivir. I also have the Windows firewall. Have a good Sunday.
  2. Thank you, I have configured Antivir properly. Should I install other software to protect my PC? Here is the Antivir report in safe mode:

     AntiVir PersonalEdition Classic
     Report file date: jeudi 31 janvier 2008 14:17

     Scanning for 1086273 virus strains and unwanted programs.

     Licensed to: Avira AntiVir PersonalEdition Classic
     Serial number: 0000149996-ADJIE-0001
     Platform: Windows Vista
     Windows version: (plain) [6.0.6000]
     Username: Mamkangourou
     Computer name: PC-DE-MAMKANGOU

     Version information:
     BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
     AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
     AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
     LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
     LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
     ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
     ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 11:20:15
     ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 11:20:15
     ANTIVIR3.VDF : 7.0.2.75 217088 Bytes 31/01/2008 11:19:19
     AVEWIN32.DLL : 7.6.0.59 3232256 Bytes 31/01/2008 11:19:19
     AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
     AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
     AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
     AVPACK32.DLL : 7.6.0.3 360488 Bytes 29/01/2008 11:20:15
     AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
     AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
     AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
     NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
     RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
     RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
     SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

     Configuration settings for the scan:
     Jobname..........................: Complete system scan
     Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
     Logging..........................: low
     Primary action...................: interactive
     Secondary action.................: ignore
     Scan master boot sector..........: off
     Scan boot sector.................: on
     Boot sectors.....................: D:,
     Scan memory......................: on
     Process scan.....................: on
     Scan registry....................: on
     Search for rootkits..............: off
     Scan all files...................: Intelligent file selection
     Scan archives....................: on
     Recursion depth..................: 20
     Smart extensions.................: on
     Macro heuristic..................: on
     File heuristic...................: medium

     Start of the scan: jeudi 31 janvier 2008 14:17

     The scan of running processes will be started
     Scan process 'avscan.exe' - '1' Module(s) have been scanned
     Scan process 'avcenter.exe' - '1' Module(s) have been scanned
     Scan process 'explorer.exe' - '1' Module(s) have been scanned
     Scan process 'svchost.exe' - '1' Module(s) have been scanned
     Scan process 'svchost.exe' - '1' Module(s) have been scanned
     Scan process 'svchost.exe' - '1' Module(s) have been scanned
     Scan process 'svchost.exe' - '1' Module(s) have been scanned
     Scan process 'svchost.exe' - '1' Module(s) have been scanned
     Scan process 'lsm.exe' - '1' Module(s) have been scanned
     Scan process 'lsass.exe' - '1' Module(s) have been scanned
     Scan process 'services.exe' - '1' Module(s) have been scanned
     Scan process 'winlogon.exe' - '1' Module(s) have been scanned
     Scan process 'wininit.exe' - '1' Module(s) have been scanned
     Scan process 'csrss.exe' - '1' Module(s) have been scanned
     Scan process 'csrss.exe' - '1' Module(s) have been scanned
     Scan process 'smss.exe' - '1' Module(s) have been scanned
     16 processes with 16 modules were scanned

     Start scanning boot sectors:
     Boot sector 'C:\'
         [NOTE] No virus was found!
     Boot sector 'D:\'
         [NOTE] No virus was found!

     Starting to scan the registry.
     The registry was scanned ( '18' files ).

     Starting the file scan:
     Begin scan in 'C:\' <VistaOS>
     C:\pagefile.sys
         [WARNING] The file could not be opened!
     C:\Windows\System32\drivers\sptd.sys
         [WARNING] The file could not be opened!
     Begin scan in 'D:\' <DATA>

     End of the scan: jeudi 31 janvier 2008 14:40
     Used time: 22:41 min

     The scan has been done completely.

     12541 Scanning directories
     286773 Files were scanned
     0 viruses and/or unwanted programs were found
     0 Files were classified as suspicious:
     0 files were deleted
     0 files were repaired
     0 files were moved to quarantine
     0 files were renamed
     2 Files cannot be scanned
     286773 Files not concerned
     1809 Archives were scanned
     2 Warnings
     0 Notes

     AVG AS detected nothing. The only report I got is "No threats found". Good evening.
  3. "but remember to install decent protection, because Windows Defender is a bit thin" OK, but which software do you recommend in addition to Antivir? Thanks again for all this work.
  4. Here is the Kaspersky report:

     KASPERSKY ONLINE SCANNER REPORT
     Thursday, January 31, 2008 7:46:10 AM
     Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
     Kaspersky Online Scanner version: 5.0.98.0
     Kaspersky Anti-Virus database last update: 30/01/2008
     Kaspersky Anti-Virus database records: 538739

     Scan Settings
     Scan using the following antivirus database    extended
     Scan Archives    true
     Scan Mail Bases    true
     Scan Target    My Computer
     C:\ D:\ E:\ F:\ G:\ H:\

     Scan Statistics
     Total number of scanned objects    77528
     Number of viruses found    1
     Number of infected objects    3
     Number of suspicious objects    0
     Duration of the scan process    01:13:10

     Infected Object Name    Virus Name    Last Action
     C:\Users\Mamkangourou\Desktop\Erwan\Logiciel\Nouveau dossier\movavi-videosuite_movavi_videosuite_4.0_anglais_32710.exe/stream/data0013    Infected: not-a-virus:Monitor.Win32.KaGB.a    skipped
     C:\Users\Mamkangourou\Desktop\Erwan\Logiciel\Nouveau dossier\movavi-videosuite_movavi_videosuite_4.0_anglais_32710.exe/stream    Infected: not-a-virus:Monitor.Win32.KaGB.a    skipped
     C:\Users\Mamkangourou\Desktop\Erwan\Logiciel\Nouveau dossier\movavi-videosuite_movavi_videosuite_4.0_anglais_32710.exe    NSIS: infected - 2    skipped

     Scan process completed.
  5. Here is the ESET scan. It found nothing.

     # version=4
     # OnlineScanner.ocx=1.0.0.56
     # OnlineScannerDLLA.dll=1, 0, 0, 51
     # OnlineScannerDLLW.dll=1, 0, 0, 51
     # OnlineScannerUninstaller.exe=1, 0, 0, 49
     # vers_standard_module=2836 (20080130)
     # vers_arch_module=1.063 (20080117)
     # vers_adv_heur_module=1.060 (20070601)
     # EOSSerial=86fb7bc32fe7444ab5a40146da0bde46
     # end=finished
     # remove_checked=false
     # unwanted_checked=false
     # utc_time=2008-01-30 05:48:27
     # local_time=2008-01-30 06:48:27 (+0100, Paris, Madrid)
     # country="France"
     # osver=6.0.6000 NT
     # scanned=293702
     # found=0
     # scan_time=4934
  6. Ouch! The link http://www.sendspace.com/file/qxrxfw does not work. Is there another place where I can download the CFScript file?
  7. Pear, I followed the procedure and here is the ComboFix report:

     ComboFix 08-01-30.6 - Mamkangourou 2008-01-30 14:00:46.1 - NTFSx86
     Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1384 [GMT 1:00]
     Endroit: C:\Users\Mamkangourou\Desktop\ComboFix.exe
     * Création d'un nouveau point de restauration
     .
     (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
     .
     C:\Users\Mamkangourou\Desktop\Erwan\Babidi\Photos\Fonds d'ecran\Desktop_.ini
     .
     ((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-30 ))))))))))))))))))))))))))))))))))))
     .
     Pas de nouveau fichier créé dans cet espace de temps
     .
     (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2008-01-30 12:56 45,056 ----a-w C:\Windows\System32\acovcnt.exe
     2008-01-30 12:50 --------- d-----w C:\Users\Mamkangourou\AppData\Roaming\uTorrent
     2008-01-29 11:18 --------- d-----w C:\Program Files\Avira
     2008-01-28 17:10 --------- d-----w C:\ProgramData\Avira
     2008-01-27 18:00 874,496 ----a-w C:\Users\Mamkangourou\AppData\Roaming\kernel33.dll
     2008-01-26 20:00 --------- d-----w C:\Program Files\WinZix
     2008-01-25 18:10 --------- d-----w C:\Users\Mamkangourou\AppData\Roaming\OpenOffice.org2
     2008-01-25 17:51 --------- d-----w C:\Program Files\OpenOffice.org 2.3
     2008-01-25 17:50 --------- d-----w C:\Program Files\Java
     2008-01-25 17:48 --------- d-----w C:\Program Files\Common Files\Java
     2008-01-18 02:02 --------- d-----w C:\Program Files\MSXML 4.0
     2008-01-17 12:05 --------- d-----w C:\Users\Mamkangourou\AppData\Roaming\gtk-2.0
     2008-01-17 11:55 --------- d-----w C:\Users\Mamkangourou\AppData\Roaming\Canon
     2008-01-17 11:54 --------- d-----w C:\Program Files\Canon
     2008-01-17 11:38 --------- d-----w C:\Users\Mamkangourou\AppData\Roaming\ScanSoft
     2008-01-17 11:38 --------- d-----w C:\ProgramData\ScanSoft
     2008-01-17 11:38 --------- d-----w C:\ProgramData\InstallShield
     2008-01-17 11:38 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
     2008-01-17 11:38 --------- d-----w C:\Program Files\Common Files\InstallShield
     2008-01-17 11:37 --------- d-----w C:\Program Files\ScanSoft
     2008-01-17 11:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
     2008-01-17 11:33 --------- d-----w C:\Program Files\ArcSoft
     2008-01-17 11:28 --------- d--h--w C:\Program Files\CanonBJ
     2008-01-14 19:39 --------- d-----w C:\Program Files\DAEMON Tools
     2008-01-12 19:23 --------- d-----w C:\ProgramData\Skyline
     2008-01-12 19:00 --------- d-----w C:\Program Files\OFFICE One 7.0
     2008-01-12 18:50 --------- d-----w C:\Program Files\ASUS
     2008-01-12 06:26 --------- d-----w C:\Users\Mamkangourou\AppData\Roaming\OFFICEOne7
     2008-01-10 02:03 802,816 ----a-w C:\Windows\system32\drivers\tcpip.sys
     2008-01-10 02:03 24,064 ----a-w C:\Windows\System32\netcfg.exe
     2008-01-10 02:03 22,016 ----a-w C:\Windows\System32\netiougc.exe
     2008-01-10 02:03 216,760 ----a-w C:\Windows\system32\drivers\netio.sys
     2008-01-10 02:03 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
     2008-01-10 02:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe
     2008-01-10 02:01 --------- d-----w C:\Program Files\Windows Sidebar
     2008-01-09 15:25 --------- d-----w C:\Program Files\Gabest
     2008-01-09 14:37 --------- d-----w C:\Program Files\adslTV
     2008-01-05 20:06 --------- d-----w C:\Program Files\GIMP-2.0
     2008-01-02 06:47 --------- d-----w C:\Program Files\MSN Messenger
     2008-01-02 06:47 --------- d-----w C:\Program Files\Messenger Plus! Live
     2008-01-01 16:07 --------- d-----w C:\Program Files\Atari
     2007-12-25 08:16 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
     2007-12-25 08:15 --------- d-----w C:\Program Files\Common Files\Motorola Shared
     2007-12-23 19:28 --------- d-----w C:\Program Files\uTorrent
     2007-12-20 14:04 63,488 ----a-w C:\Users\Mamkangourou\xobglu16.dll
     2007-12-20 14:04 23,552 ----a-w C:\Users\Mamkangourou\xobglu32.dll
     2007-12-14 02:06 1,327,104 ----a-w C:\Windows\System32\quartz.dll
     2007-12-14 02:05 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
     2007-12-14 02:05 223,232 ----a-w C:\Windows\System32\WMASF.DLL
     2007-12-14 02:04 824,832 ----a-w C:\Windows\System32\wininet.dll
     2007-12-14 02:04 56,320 ----a-w C:\Windows\System32\iesetup.dll
     2007-12-14 02:04 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
     2007-12-14 02:04 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
     2007-12-14 02:03 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
     2007-12-14 02:03 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
     2007-12-14 02:03 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
     2007-12-14 02:03 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
     2007-12-14 02:02 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
     2007-12-14 02:02 3,470,520 ----a-w C:\Windows\System32\ntoskrnl.exe
     2007-12-09 08:24 --------- d-----w C:\Program Files\TLC-Edusoft
     2007-12-08 14:48 --------- d-----w C:\Program Files\Mindscape
     2007-10-31 06:45 98 ----a-w C:\Users\Mamkangourou\AppData\Roaming\wklnhst.dat
     2007-10-11 01:10 84,480 ----a-w C:\Windows\System32\INETRES.dll
     2007-10-11 01:10 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
     2007-10-11 01:10 737,792 ----a-w C:\Windows\System32\inetcomm.dll
     2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini
     2005-09-29 08:51 976,020 ----a-w C:\Program Files\BDAXP.cab
     2005-09-29 08:51 916,815 ----a-w C:\Program Files\Oct2005_MDX_x86.cab
     2005-09-29 08:51 86,784 ----a-w C:\Program Files\Oct2005_xinput_x64.cab
     2005-09-29 08:51 74,448 ----a-w C:\Program Files\DSETUP.dll
     2005-09-29 08:51 74,430 ----a-w C:\Program Files\dxupdate.cab
     2005-09-29 08:51 703,080 ----a-w C:\Program Files\BDA.cab
     2005-09-29 08:51 488,656 ----a-w C:\Program Files\DXSETUP.exe
     2005-09-29 08:51 46,085 ----a-w C:\Program Files\Oct2005_xinput_x86.cab
     2005-09-29 08:51 41,888 ----a-w C:\Program Files\dxdllreg_x86.cab
     2005-09-29 08:51 2,245,840 ----a-w C:\Program Files\dsetup32.dll
     2005-09-29 08:51 15,493,481 ----a-w C:\Program Files\DirectX.cab
     2005-09-29 08:51 13,265,040 ----a-w C:\Program Files\dxnt.cab
     2005-09-29 08:51 1,351,430 ----a-w C:\Program Files\Aug2005_d3dx9_27_x64.cab
     2005-09-29 08:51 1,156,363 ----a-w C:\Program Files\BDANT.cab
     2005-09-29 08:51 1,078,532 ----a-w C:\Program Files\Aug2005_d3dx9_27_x86.cab
     2007-09-07 19:26 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007090720070908\index.dat
     2007-09-08 08:26 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007090820070909\index.dat
     .
     ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55 5674352] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-08-29 07:41 171448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-02 13:34 1004136] "RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 06:36 4186112 C:\Windows\RtHDVCpl.exe] "ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 16:27 61440] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 06:27 815104] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 14:44 101136 C:\Windows\KHALMNPR.Exe] "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16 185896] "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45 75304] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-29 12:20 249896] "MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 10:45 222208] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 12:44:06 29696] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-08-12 20:30:58 67128] Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-12 20:26:53 688128] MultiFrame.lnk - C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe [2007-04-11 07:47:40 991600] R2 ASLDRService;ASLDR Service;C:\Program Files\ATK 
Hotkey\ASLDRSrv.exe [2006-12-20 22:59] R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;C:\Windows\System32\StkCSrv.exe [2006-12-10 17:31] R3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-12-19 02:12] R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-12-21 03:49] R3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 02:35] R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;C:\Windows\system32\Drivers\StkCMini.sys [2006-12-21 19:36] R3 WCPU;WCPU;C:\Program Files\P4G\WCPU.sys [2007-01-02 23:37] S3 leafnets;Leaf Networks Adapter;C:\Windows\system32\DRIVERS\leafnets.sys [2007-05-03 00:48] S3 motmodem;Motorola USB CDC ACM Driver;C:\Windows\system32\DRIVERS\motmodem.sys [2007-06-20 14:57] S3 UMPass;Pilote Microsoft UMPass;C:\Windows\system32\DRIVERS\umpass.sys [2006-11-02 09:55] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a971873d-46a1-11dc-b62c-001bfc28d434}] \shell\AutoRun\command - F:\Autorun.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {1588FCDE-E779-AA74-BF76-64C8037C5C9F} /qb . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-30 14:02:53 Windows 6.0.6000 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-01-30 14:04:19 ComboFix-quarantined-files.txt 2008-01-30 13:04:15 . 2008-01-30 01:54:01 --- E O F ---
  8. Hello, thank you Pear and Zonk. I ran the scan with Vundofix and it found nothing. No files to delete. I did not get a report :P I have just run another scan with HijackThis and here is the result:
  9. How can I get rid of a Vundo infection? Since I removed Avast and installed Avira, I no longer get messages popping up all the time. But does that mean I no longer have any viruses? Here is the report from my latest Antivir scan:
  10. And here is the new HijackThis report: Thanks in advance.
  11. Sorry for the additions. I have just run ATF and EWIDO as you advised. Here is the EWIDO report:
TrackingCookie.Zedo Path: :mozilla.307:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Zedo Path: :mozilla.308:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Zedo Path: :mozilla.309:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Questionmarket Path: :mozilla.317:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Questionmarket Path: :mozilla.318:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.322:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.323:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.324:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.325:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.326:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.327:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.328:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.329:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: 
:mozilla.330:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.331:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.332:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.333:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.334:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.335:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.336:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.337:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.338:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.339:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.340:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.341:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.343:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: 
:mozilla.344:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.345:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.346:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.347:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.348:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.349:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.350:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.351:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.352:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.353:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.354:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.355:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.356:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: 
:mozilla.357:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.358:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Pointroll Path: :mozilla.361:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Pointroll Path: :mozilla.362:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Pointroll Path: :mozilla.363:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Pointroll Path: :mozilla.364:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Pointroll Path: :mozilla.365:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Pointroll Path: :mozilla.366:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Pointroll Path: :mozilla.367:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Findwhat Path: :mozilla.407:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Adrevolver Path: :mozilla.409:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Adrevolver Path: :mozilla.410:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Adrevolver Path: :mozilla.411:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: 
TrackingCookie.Adrevolver Path: :mozilla.412:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Adrevolver Path: :mozilla.413:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Adrevolver Path: :mozilla.414:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Adrevolver Path: :mozilla.415:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Adrevolver Path: :mozilla.416:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.436:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.437:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.438:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: :mozilla.455:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: :mozilla.457:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: :mozilla.458:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: :mozilla.459:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: 
:mozilla.460:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: :mozilla.461:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: :mozilla.462:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: :mozilla.463:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Sitestat Path: :mozilla.470:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Sitestat Path: :mozilla.471:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.481:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.482:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.483:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.484:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.485:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.486:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.487:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium 
Name: TrackingCookie.Revsci Path: :mozilla.514:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Revsci Path: :mozilla.515:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Tacoda Path: :mozilla.518:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Tacoda Path: :mozilla.519:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Tacoda Path: :mozilla.520:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Tacoda Path: :mozilla.521:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Tacoda Path: :mozilla.522:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.525:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Googleadservices Path: :mozilla.533:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Mediaplex Path: :mozilla.545:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Mediaplex Path: :mozilla.546:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Webtrendslive Path: :mozilla.548:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Overture Path: :mozilla.594:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium 
Name: TrackingCookie.Overture Path: :mozilla.595:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Overture Path: :mozilla.596:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.597:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Planetactive Path: :mozilla.682:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.696:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Liveperson Path: :mozilla.702:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Liveperson Path: :mozilla.705:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.733:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Googleadservices Path: :mozilla.759:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.786:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.787:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.788:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.790:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: 
TrackingCookie.Hitbox Path: :mozilla.791:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.792:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Sitestat Path: :mozilla.882:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Sitestat Path: :mozilla.883:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Webtrends Path: :mozilla.895:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.927:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium Name: TrackingCookie.Clickhype Path: :mozilla.931:C:\Users\Mamkangourou\AppData\Roaming\Mozilla\Firefox\Profiles\7yrajdky.default\cookies.txt Risk: Medium
  12. Thank you for your reply. I have already done all of these steps (I followed the steps in the topic "pre-cleaning an infected PC"). I did follow the 4 phases to carry out before running the scan with HijackThis. I copied and pasted the report into my first post. Now I no longer know what to do with this report or how to permanently remove this virus.
  13. Good evening, I had Avast as my antivirus (I didn't know it wasn't effective) and I caught a trojan or virus yesterday. It's the damned Win 32: TratBHO [Tri]. I have read the tutorials, and here is the HijackThis report. Thanks in advance for your help.

      Logfile of HijackThis v1.99.1
      Scan saved at 20:23:48, on 28/01/2008
      Platform: Unknown Windows (WinNT 6.00.1904)
      MSIE: Internet Explorer v7.00 (7.00.6000.16575)

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\ASUS\ATK Media\DMedia.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
      C:\Windows\system32\wuauclt.exe
      C:\Program Files\WinRAR\WinRAR.exe
      C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
      C:\Users\MAMKAN~1\AppData\Local\Temp\Rar$EX00.477\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O1 - Hosts: ::1 localhost
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
      O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
      O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\MAMKAN~1\AppData\Local\Temp\wvutq.dll,#1
      O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\MAMKAN~1\AppData\Local\Temp\oppml.dll,c
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - Global Startup: Logitech SetPoint.lnk = ?
      O4 - Global Startup: MultiFrame.lnk = ?
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
      O11 - Options group: [iNTERNATIONAL] International*
      O13 - Gopher Prefix:
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
      O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
      O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
      O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
      O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)