vcanta

ps je peux supprimer smitfraudfix ?

[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ] -->- Recherche: C:\Combofix.txt: trouvé ! C:\fixnavi.txt: trouvé ! C:\cleannavi.txt: trouvé ! C:\lopR.txt: trouvé ! C:\TB.txt: trouvé ! C:\FixWareOut: trouvé ! C:\Lop SD: trouvé ! C:\Toolbar SD: trouvé ! C:\Documents and Settings\Admin\Bureau\LopSD.exe: trouvé ! C:\Documents and Settings\Admin\Bureau\FixWareout.exe: trouvé ! C:\Documents and Settings\Admin\Bureau\Navilog1.exe: trouvé ! C:\Documents and Settings\Admin\Bureau\HijackThis.exe: trouvé ! C:\Documents and Settings\Admin\Bureau\SmitFraudFix.exe: trouvé ! C:\Documents and Settings\Admin\Bureau\ToolBarSD.exe: trouvé ! C:\Documents and Settings\Admin\Bureau\hijackthis.log: trouvé ! C:\Documents and Settings\Admin\Bureau\SmitFraudfix: trouvé ! C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé ! C:\Program Files\Navilog1: trouvé ! C:\Program Files\Navilog1\Navilog1.bat: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\Admin\Bureau\LopSD.exe: supprimé ! C:\Documents and Settings\Admin\Bureau\FixWareout.exe: supprimé ! C:\Documents and Settings\Admin\Bureau\Navilog1.exe: supprimé ! C:\Documents and Settings\Admin\Bureau\HijackThis.exe: supprimé ! C:\Documents and Settings\Admin\Bureau\SmitFraudFix.exe: supprimé ! C:\Documents and Settings\Admin\Bureau\ToolBarSD.exe: supprimé ! C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé ! C:\Program Files\Navilog1\Navilog1.bat: supprimé ! C:\Combofix.txt: supprimé ! C:\fixnavi.txt: supprimé ! C:\cleannavi.txt: supprimé ! C:\lopR.txt: supprimé ! C:\TB.txt: supprimé ! C:\Documents and Settings\Admin\Bureau\hijackthis.log: supprimé ! C:\FixWareOut: supprimé ! C:\Lop SD: supprimé ! C:\Toolbar SD: supprimé ! C:\Documents and Settings\Admin\Bureau\SmitFraudfix: supprimé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé ! C:\Program Files\Navilog1: supprimé ! Voilà pour le rapport tcleaner, je passe a l'étape suivante .... merci @ +

Je n'ai plus l'air d'avoir de problemes donc un grand MERCI par contre cela ne marche pas pour : Désinstalle ComboFix de cette manière en copiant/collant la ligne ci-dessous dans exécuter et valide: Code pouf /u il dit que window ne trouve pas pouf pourtant il est bien sur mon bureau ??

JavaRaJavaRa 1.13 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Fri Jan 23 12:35:29 2009 Found and removed: C:\Program Files\Java\jre1.6.0_01 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\JavaPlugin.160_01 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010} Found and removed: Software\Classes\JavaPlugin.160_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01 Found and removed: Software\JavaSoft\Java2D\1.6.0_01 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\ ------------------------------------ Finished reporting. voici le rapport de java

--------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2500+ ) BIOS : Version 1.00 USER : Admin ( Administrator ) BOOT : Normal boot Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:24 Go (Free:12 Go) D:\ (Local Disk) - NTFS - Total:4 Go (Free:4 Go) E:\ (Local Disk) - NTFS - Total:42 Go (Free:6 Go) F:\ (Local Disk) - NTFS - Total:42 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) I:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [4] ( 23/01/2009|10:04 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script C:\Program Files\Defenza C:\DOCUME~1\Admin\Application Data\Microsoft\Office\Récent\Patch No Cd Call Of Duty 2 Cle Key Code Crack.rtf.lnk \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\Admin\Application Data\Microsoft\Office\Récent\Patch No Cd Call Of Duty 2 Cle Key Code Crack.rtf.lnk Supprime! - C:\Program Files\Defenza Supprime! - C:\Program Files\3wPlayer Supprime! - C:\DOCUME~1\Admin\APPLIC~1\GPLDAR~1 Supprime! - C:\Program Files\GPLDAR~1 \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [08/01/2008|21:54] C:\DOCUME~1\Admin\APPLIC~1\Adobe [17/06/2008|06:05] C:\DOCUME~1\Admin\APPLIC~1\AdobeUM [10/09/2006|09:06] C:\DOCUME~1\Admin\APPLIC~1\Ahead [16/12/2006|15:51] C:\DOCUME~1\Admin\APPLIC~1\Apple Computer [27/10/2006|17:38] C:\DOCUME~1\Admin\APPLIC~1\BitTorrent [04/04/2007|19:23] C:\DOCUME~1\Admin\APPLIC~1\DivX [12/08/2007|12:05] C:\DOCUME~1\Admin\APPLIC~1\EoRezo [23/01/2009|10:06] C:\DOCUME~1\Admin\APPLIC~1\Free Download Manager [12/11/2007|22:26] C:\DOCUME~1\Admin\APPLIC~1\Généatique2007 [10/03/2007|08:55] C:\DOCUME~1\Admin\APPLIC~1\Google [22/10/2006|16:11] C:\DOCUME~1\Admin\APPLIC~1\Help [13/08/2007|17:01] C:\DOCUME~1\Admin\APPLIC~1\Identities [31/03/2007|10:06] C:\DOCUME~1\Admin\APPLIC~1\ItsLabel [15/11/2007|18:54] C:\DOCUME~1\Admin\APPLIC~1\LimeWire [27/10/2006|15:49] C:\DOCUME~1\Admin\APPLIC~1\Macromedia [07/12/2007|21:48] C:\DOCUME~1\Admin\APPLIC~1\Media Player Classic [15/01/2009|21:56] C:\DOCUME~1\Admin\APPLIC~1\Microsoft [08/01/2008|21:48] C:\DOCUME~1\Admin\APPLIC~1\Mozilla [03/06/2007|18:52] C:\DOCUME~1\Admin\APPLIC~1\Skype [02/03/2008|13:34] C:\DOCUME~1\Admin\APPLIC~1\SoundSpectrum [26/04/2007|18:14] C:\DOCUME~1\Admin\APPLIC~1\Sun [21/12/2007|20:45] C:\DOCUME~1\Admin\APPLIC~1\vlc [18/12/2007|19:08] C:\DOCUME~1\Admin\APPLIC~1\WinRAR [01/10/2006|19:25] C:\DOCUME~1\Admin\APPLIC~1\Xerox [28/02/2008|20:43] C:\DOCUME~1\Admin\APPLIC~1\Yahoo! [13/08/2007|17:01] C:\DOCUME~1\Admin\APPLIC~1\Zylom [12/08/2007|13:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [12/03/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [05/09/2008|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [05/09/2008|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [18/10/2008|22:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth [16/01/2009|08:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters [20/11/2007|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure [20/11/2007|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg [15/01/2009|22:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [23/01/2009|08:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab [02/12/2007|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee [26/01/2007|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com [08/04/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [14/01/2009|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [19/08/2007|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA [24/12/2007|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [26/05/2007|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pokeremotebeepsecond [16/12/2006|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [21/06/2007|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC [16/01/2009|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [23/09/2006|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition) [08/09/2006|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [15/03/2008|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno [12/08/2007|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [08/09/2006|20:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [08/09/2006|20:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [08/04/2007|21:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [27/12/2008 09:00][--a--c---] C:\WINDOWS\tasks\rpc.job [19/01/2009 18:36][--a--c---] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [23/01/2009 08:14][--ah-c---] C:\WINDOWS\tasks\SA.DAT [02/10/2001 17:16][-r-h-c---] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [10/09/2006|12:49] C:\Program Files\Adobe [09/09/2006|00:11] C:\Program Files\Ahead [16/10/2006|13:45] C:\Program Files\All Systems [09/01/2009|21:02] C:\Program Files\Alwil Software [16/10/2006|19:41] C:\Program Files\Anuman Interactive [05/09/2008|22:35] C:\Program Files\Apple Software Update [06/12/2006|16:20] C:\Program Files\AviSynth 2.5 [12/08/2007|13:09] C:\Program Files\Azureus [28/12/2008|15:54] C:\Program Files\Bejeweled 2 Deluxe [08/09/2006|23:09] C:\Program Files\BeWAN ADSL V1.9.0.10 [08/09/2006|21:05] C:\Program Files\BeWAN ADSL V1.9.0.3 [23/09/2006|12:54] C:\Program Files\BitSpirit [25/09/2006|18:41] C:\Program Files\Boonty [25/09/2006|18:41] C:\Program Files\BoontyGames [15/01/2009|21:18] C:\Program Files\CCleaner [07/12/2007|21:41] C:\Program Files\Combined Community Codec Pack [08/09/2006|20:51] C:\Program Files\ComPlus Applications [12/08/2007|12:02] C:\Program Files\Creative [03/11/2006|16:56] C:\Program Files\CSO-DAX COMPILATOR [05/01/2007|02:55] C:\Program Files\DAEMON Tools [27/09/2006|17:23] C:\Program Files\DesignSoft [16/10/2006|19:44] C:\Program Files\directx [27/11/2008|20:47] C:\Program Files\DivX [05/10/2007|22:07] C:\Program Files\DVD Audio Extractor [29/12/2006|15:32] C:\Program Files\EA GAMES [13/01/2009|00:23] C:\Program Files\eMule [12/08/2007|12:33] C:\Program Files\eoRezo [18/12/2006|20:06] C:\Program Files\EphPod [12/09/2006|20:29] C:\Program Files\EPSON [22/01/2009|21:09] C:\Program Files\Fichiers communs [16/01/2009|08:03] C:\Program Files\Fighters [09/01/2009|20:59] C:\Program Files\Free Download Manager [15/03/2008|11:34] C:\Program Files\Free Offers from Freeze.com [22/11/2008|14:54] C:\Program Files\Generalia Multimedia [16/01/2009|07:28] C:\Program Files\Google [20/01/2009|20:50] C:\Program Files\InstallShield Installation Information [17/01/2009|11:37] C:\Program Files\Internet Explorer [18/10/2008|22:42] C:\Program Files\IVT Corporation [26/04/2007|18:14] C:\Program Files\Java [18/12/2007|19:03] C:\Program Files\Jewel Match [16/01/2009|20:28] C:\Program Files\Kaspersky Lab [15/03/2008|11:40] C:\Program Files\LimeWire [18/10/2006|10:50] C:\Program Files\MaxSoftware [18/10/2006|10:50] C:\Program Files\MaxTV Online [05/10/2008|19:01] C:\Program Files\Messenger [05/01/2007|02:47] C:\Program Files\Micro Application [22/12/2008|20:56] C:\Program Files\Microsoft ActiveSync [15/03/2008|14:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [08/09/2006|20:54] C:\Program Files\microsoft frontpage [28/12/2006|15:53] C:\Program Files\Microsoft Games [26/01/2007|22:49] C:\Program Files\Microsoft Office [08/09/2006|23:25] C:\Program Files\Microsoft Visual Studio [26/01/2007|22:43] C:\Program Files\Microsoft Visual Studio 8 [26/01/2007|22:50] C:\Program Files\Microsoft Works [26/01/2007|22:48] C:\Program Files\Microsoft.NET [19/10/2006|17:52] C:\Program Files\MIKSOFT [05/01/2007|02:55] C:\Program Files\MioNet [04/10/2008|21:55] C:\Program Files\movie maker [23/01/2009|08:26] C:\Program Files\Mozilla Firefox [16/09/2006|12:08] C:\Program Files\mp3DirectCut [26/01/2007|22:50] C:\Program Files\MSBuild [04/10/2008|21:55] C:\Program Files\msn [08/09/2006|20:54] C:\Program Files\msn gaming zone [16/11/2006|12:09] C:\Program Files\MSXML 4.0 [22/01/2009|20:18] C:\Program Files\Navilog1 [09/09/2006|00:12] C:\Program Files\Nero [04/10/2008|21:51] C:\Program Files\NetMeeting [08/03/2007|18:54] C:\Program Files\Neuf [10/09/2006|11:20] C:\Program Files\OfficeUpdate11 [23/04/2007|18:38] C:\Program Files\Online_TV [04/10/2008|21:51] C:\Program Files\Outlook Express [05/09/2008|22:38] C:\Program Files\QuickTime [15/03/2008|11:40] C:\Program Files\Real [14/08/2007|17:54] C:\Program Files\ReflexiveArcade [27/12/2008|19:01] C:\Program Files\Resco [12/08/2007|13:09] C:\Program Files\SAMSUNG [08/09/2006|20:52] C:\Program Files\Services en ligne [28/07/2007|21:45] C:\Program Files\SHARE 1.0 EX2 [12/11/2006|12:26] C:\Program Files\sisagp [12/08/2007|12:33] C:\Program Files\Skype [26/11/2007|21:29] C:\Program Files\Smart Projects [10/01/2009|10:30] C:\Program Files\SoundSpectrum [15/03/2008|17:29] C:\Program Files\Stardock [28/11/2007|20:05] C:\Program Files\Tele2 [12/11/2007|22:25] C:\Program Files\Tracker Software [12/09/2006|08:09] C:\Program Files\Uninstall Information [05/01/2007|02:55] C:\Program Files\USBToolbox [15/03/2008|12:01] C:\Program Files\Veoh Networks [06/10/2007|18:07] C:\Program Files\VideoLAN [25/03/2007|17:29] C:\Program Files\Web Media Player [12/09/2006|10:31] C:\Program Files\WinAVI MP4 Converter [06/12/2006|16:11] C:\Program Files\WinAVI Video Converter [26/01/2007|21:40] C:\Program Files\Windows Media Connect 2 [15/01/2009|21:56] C:\Program Files\Windows Media Player [08/09/2006|20:54] C:\Program Files\Windows NT [08/09/2006|20:52] C:\Program Files\WindowsUpdate [03/02/2008|21:57] C:\Program Files\WinRAR [09/01/2009|22:33] C:\Program Files\WinZip [08/09/2006|20:54] C:\Program Files\xerox [15/03/2008|11:41] C:\Program Files\Yahoo! [15/08/2007|18:39] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [12/03/2007|13:18] C:\Program Files\Fichiers communs\Adobe [22/11/2008|14:56] C:\Program Files\Fichiers communs\Ahead [26/01/2007|22:49] C:\Program Files\Fichiers communs\DESIGNER [10/09/2006|10:30] C:\Program Files\Fichiers communs\EPSON [30/09/2006|12:26] C:\Program Files\Fichiers communs\InstallShield [26/04/2007|18:13] C:\Program Files\Fichiers communs\Java [25/07/2008|06:59] C:\Program Files\Fichiers communs\Microsoft Shared [08/09/2006|20:52] C:\Program Files\Fichiers communs\MSSoap [08/09/2006|22:45] C:\Program Files\Fichiers communs\ODBC [10/01/2009|10:29] C:\Program Files\Fichiers communs\Real [08/09/2006|20:52] C:\Program Files\Fichiers communs\Services [08/09/2006|22:45] C:\Program Files\Fichiers communs\SpeechEngines [15/03/2008|17:29] C:\Program Files\Fichiers communs\Stardock [04/10/2008|21:51] C:\Program Files\Fichiers communs\System --------------------\\ Process ( 34 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-23 10:09:58 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 1 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:5][D:0]-> C:\DOCUME~1\Admin\LOCALS~1\Temp [F:3][D:0]-> C:\DOCUME~1\Admin\Cookies [F:51][D:4]-> C:\DOCUME~1\Admin\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 23/01/2009|10:11 - Option : [4] --------------------\\ Fin du rapport a 10:11:19 voila le 1er Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:13:42, on 23/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Fighters\configservice.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\licenseservice.exe C:\Program Files\Fighters\updateservice.exe C:\Program Files\Fighters\ScannerService.exe c:\program files\fighters\spywarefighter\SPYWAREfighterTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Admin\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PTK License-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\licenseservice.exe O23 - Service: PTK Live Update-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\updateservice.exe O23 - Service: PTK Scanner-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\ScannerService.exe O23 - Service: PTK SharedAccess-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\configservice.exe O24 - Desktop Component 0: (no name) - http://img.hebus.com/2006/05/22/060522110009_14.jpg O24 - Desktop Component 1: (no name) - http://viphttp.yacast.net/b2l/www.emag.peu...8/FE_908RC3.jpg -- End of file - 7836 bytes le 2eme ....

le bloc note reste vide c'est bizare non ? j'ai mal lu, je recommence

option 2 de toolbar -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2500+ ) BIOS : Version 1.00 USER : Admin ( Administrator ) BOOT : Normal boot Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:24 Go (Free:12 Go) D:\ (Local Disk) - NTFS - Total:4 Go (Free:4 Go) E:\ (Local Disk) - NTFS - Total:42 Go (Free:6 Go) F:\ (Local Disk) - NTFS - Total:42 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) I:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 23/01/2009| 8:22 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\AskTBar\bar Supprime! - C:\DOCUME~1\Admin\APPLIC~1\Dcads Advanced Toolbar\advertbuttons.xml Supprime! - C:\DOCUME~1\Admin\APPLIC~1\Dcads Advanced Toolbar\selected.xml Supprime! - C:\Program Files\Multi_Media_France\INSTALL.LOG Supprime! - C:\Program Files\AskTBar Supprime! - C:\DOCUME~1\Admin\APPLIC~1\Dcads Advanced Toolbar Supprime! - C:\Program Files\Multi_Media_France -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (Admin) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar (Admin) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.neuf.fr/" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Admin\Application Data\Microsoft\Office\Récent\Patch No Cd Call Of Duty 2 Cle Key Code Crack.rtf.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 22/01/2009|21:49 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 23/01/2009| 8:24 - Option : [2] log Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:26:04, on 23/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe C:\Program Files\Defenza\pcd-as.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Fighters\configservice.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\licenseservice.exe C:\Program Files\Fighters\updateservice.exe C:\Program Files\Fighters\ScannerService.exe c:\program files\fighters\spywarefighter\SPYWAREfighterTray.exe C:\Documents and Settings\Admin\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: XBTB03021 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file) O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file) O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PTK License-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\licenseservice.exe O23 - Service: PTK Live Update-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\updateservice.exe O23 - Service: PTK Scanner-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\ScannerService.exe O23 - Service: PTK SharedAccess-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\configservice.exe O24 - Desktop Component 0: (no name) - http://img.hebus.com/2006/05/22/060522110009_14.jpg O24 - Desktop Component 1: (no name) - http://viphttp.yacast.net/b2l/www.emag.peu...8/FE_908RC3.jpg -- End of file - 8162 bytes

je suis encore désolé de t'avoir vexer, mais je te remercie car je viens de réussir à me connecté à la version évaluation de kaspersky.

bah écoute je me suis trompée j'ai tellement de pgm sur le bureau

SmitFraudFix v2.391 Rapport fait à 22:03:49,60, 22/01/2009 Executé à partir de C:\Documents and Settings\Admin\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{587A1345-A37C-4B6D-A1D2-C815E4B4DA7C}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{587A1345-A37C-4B6D-A1D2-C815E4B4DA7C}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{587A1345-A37C-4B6D-A1D2-C815E4B4DA7C}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{587A1345-A37C-4B6D-A1D2-C815E4B4DA7C}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage du registre non souhaité. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin effectivement c'est un peu risqué Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:09:08, on 22/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fighters\configservice.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe C:\Program Files\Defenza\pcd-as.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Free Download Manager\fdm.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fighters\licenseservice.exe C:\Program Files\Fighters\updateservice.exe C:\Program Files\Fighters\ScannerService.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\devldr32.exe c:\program files\fighters\spywarefighter\SPYWAREfighterTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Admin\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: XBTB03021 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file) O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file) O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PTK License-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\licenseservice.exe O23 - Service: PTK Live Update-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\updateservice.exe O23 - Service: PTK Scanner-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\ScannerService.exe O23 - Service: PTK SharedAccess-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\configservice.exe O24 - Desktop Component 0: (no name) - http://img.hebus.com/2006/05/22/060522110009_14.jpg O24 - Desktop Component 1: (no name) - http://viphttp.yacast.net/b2l/www.emag.peu...8/FE_908RC3.jpg -- End of file - 8124 bytes

SmitFraudFix v2.391 Rapport fait à 21:51:57,06, 22/01/2009 Executé à partir de C:\Documents and Settings\Admin\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fighters\configservice.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe C:\Program Files\Defenza\pcd-as.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Free Download Manager\fdm.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fighters\licenseservice.exe C:\Program Files\Fighters\updateservice.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Fighters\ScannerService.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\devldr32.exe c:\program files\fighters\spywarefighter\SPYWAREfighterTray.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Admin\Bureau\SmitfraudFix\Policies.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Admin »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Admin\LOCALS~1\Temp »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Admin\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Admin\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="http://img.hebus.com/2006/05/22/060522110009_14.jpg"'>http://img.hebus.com/2006/05/22/060522110009_14.jpg" "SubscribedURL"="http://img.hebus.com/2006/05/22/060522110009_14.jpg" "FriendlyName"="" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1] "Source"="http://viphttp.yacast.net/b2l/www.emag.peugeot.fr/goodies/908RC/1024-768/FE_908RC3.jpg"'>http://viphttp.yacast.net/b2l/www.emag.peugeot.fr/goodies/908RC/1024-768/FE_908RC3.jpg" "SubscribedURL"="http://viphttp.yacast.net/b2l/www.emag.peugeot.fr/goodies/908RC/1024-768/FE_908RC3.jpg" "FriendlyName"="" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\2] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{587A1345-A37C-4B6D-A1D2-C815E4B4DA7C}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{587A1345-A37C-4B6D-A1D2-C815E4B4DA7C}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{587A1345-A37C-4B6D-A1D2-C815E4B4DA7C}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{587A1345-A37C-4B6D-A1D2-C815E4B4DA7C}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin voila le 2eme merci

voici le rapport -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2500+ ) BIOS : Version 1.00 USER : Admin ( Administrator ) BOOT : Normal boot Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:24 Go (Free:13 Go) D:\ (Local Disk) - NTFS - Total:4 Go (Free:4 Go) E:\ (Local Disk) - NTFS - Total:42 Go (Free:6 Go) F:\ (Local Disk) - NTFS - Total:42 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) I:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 22/01/2009|21:48 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskTBar C:\Program Files\AskTBar\bar C:\DOCUME~1\Admin\APPLIC~1\Dcads Advanced Toolbar C:\DOCUME~1\Admin\APPLIC~1\Dcads Advanced Toolbar\advertbuttons.xml C:\DOCUME~1\Admin\APPLIC~1\Dcads Advanced Toolbar\selected.xml C:\Program Files\Multi_Media_France C:\Program Files\Multi_Media_France\INSTALL.LOG -----------\\ Extensions (Admin) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar (Admin) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.neuf.fr/" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.01net.com/telecharger/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Admin\Application Data\Microsoft\Office\Récent\Patch No Cd Call Of Duty 2 Cle Key Code Crack.rtf.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 22/01/2009|21:49 - Option : [1] -----------\\ Fin du rapport a 21:49:49,60

ComboFix 09-01-21.04 - Admin 2009-01-22 21:07:23.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.511.215 [GMT 1:00] Lancé depuis: c:\documents and settings\Admin\Bureau\pouf.exe AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Dcads Advanced Toolbar c:\program files\Dcads Advanced Toolbar\buttons.xml c:\program files\Dcads Advanced Toolbar\search.xml c:\program files\Dcads Advanced Toolbar\toolbar.dll c:\program files\Dcads Advanced Toolbar\uninstall.exe c:\program files\OneStepSearch c:\windows\Downloaded Program Files\Quarantine c:\windows\system32\av.dat c:\windows\system32\dcads-remove.exe c:\windows\system32\drivers\TDSSmaxt.sys c:\windows\system32\superiorads-uninst.exe c:\windows\system32\TDSScfub.dll c:\windows\system32\TDSSfpmp.dll c:\windows\system32\TDSSmaxt.log c:\windows\system32\TDSSnmxh.log c:\windows\system32\TDSSnrsr.dll c:\windows\system32\TDSSoeqh.log c:\windows\system32\TDSSoexh.dll c:\windows\system32\TDSSosvd.dat c:\windows\system32\TDSSriqp.dll c:\windows\system32\TDSSsbhc.dll . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_TDSSserv.sys -------\Legacy_TDSSserv.sys ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-22 au 2009-01-22 )))))))))))))))))))))))))))))))))))) . 2009-01-22 19:05 . 2009-01-22 20:18 <REP> d-------- c:\program files\Navilog1 2009-01-21 21:41 . 2009-01-21 21:42 <REP> d-------- c:\windows\BDOSCAN8 2009-01-20 20:50 . 2009-01-20 20:50 <REP> d-------- c:\program files\Defenza 2009-01-20 20:50 . 1996-08-20 20:37 15,840 --a------ c:\windows\system32\Machnm1.exe 2009-01-20 20:50 . 2005-09-25 16:37 5,632 --a------ c:\windows\system32\Machnm64.sys 2009-01-20 20:50 . 2009-01-20 20:50 3,120 --a------ c:\windows\system32\118290.54 2009-01-20 20:50 . 2009-01-20 20:50 3,120 --a------ c:\windows\118294.78 2009-01-20 20:50 . 2003-08-13 00:27 2,304 --a------ c:\windows\system32\Machnm32.sys 2009-01-18 21:47 . 2009-01-18 21:47 <REP> d-------- c:\windows\system32\Kaspersky Lab 2009-01-16 08:02 . 2009-01-16 08:03 <REP> d-------- c:\program files\Fighters 2009-01-16 08:02 . 2009-01-16 08:02 <REP> d-------- c:\documents and settings\All Users\Application Data\Fighters 2009-01-15 21:02 . 2009-01-15 21:18 <REP> d-------- c:\program files\CCleaner 2009-01-15 20:09 . 2004-12-30 10:00 104,576 -ra--c--- c:\windows\system32\drivers\OLD83.tmp 2009-01-15 19:29 . 2009-01-16 20:23 <REP> d-a------ c:\documents and settings\All Users\Application Data\TEMP 2009-01-10 12:58 . 2009-01-10 13:05 <REP> d-------- C:\fixwareout 2009-01-09 21:02 . 2009-01-09 21:02 <REP> d-------- c:\program files\Alwil Software 2008-12-31 10:32 . 2009-01-15 07:03 <REP> d-------- c:\program files\AskTBar 2008-12-28 16:17 . 2009-01-11 17:26 16 --a------ c:\windows\popcinfo.dat 2008-12-28 15:51 . 2008-12-28 15:54 <REP> d-------- c:\program files\Bejeweled 2 Deluxe 2008-12-28 15:51 . 2008-12-28 15:51 720,896 --a------ c:\windows\iun6002ev.exe 2008-12-22 20:56 . 2008-12-27 19:01 <REP> d-------- c:\program files\Resco 2008-12-22 20:56 . 2008-12-22 20:56 <REP> d-------- c:\program files\Microsoft ActiveSync 2008-12-22 20:56 . 2007-10-10 19:38 90,112 --a------ c:\windows\RSetupCE.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-22 20:13 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-01-22 20:11 725,708 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-01-22 20:11 54,105,888 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-01-22 20:11 108,428 --sha-w c:\windows\system32\drivers\fidbox2.idx 2009-01-22 20:11 1,145,120 --sha-w c:\windows\system32\drivers\fidbox2.dat 2009-01-22 20:02 --------- d-----w c:\documents and settings\Admin\Application Data\Free Download Manager 2009-01-20 19:50 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-16 19:28 --------- d-----w c:\program files\Kaspersky Lab 2009-01-16 06:28 --------- d-----w c:\program files\Google 2009-01-14 19:03 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-01-12 23:23 --------- d-----w c:\program files\eMule 2009-01-10 09:30 --------- d-----w c:\program files\SoundSpectrum 2009-01-10 09:29 --------- d-----w c:\program files\Fichiers communs\Real 2009-01-09 19:59 --------- d-----w c:\program files\Free Download Manager 2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys 2008-11-27 19:47 --------- d-----w c:\program files\DivX 2008-11-22 13:56 --------- d-----w c:\program files\Fichiers communs\Ahead 2008-11-22 13:54 --------- d-----w c:\program files\Generalia Multimedia 2008-03-15 10:41 774,144 -c--a-w c:\program files\RngInterstitial.dll 2006-09-11 06:10 298 -c--a-w c:\program files\Fichiers communs\vfp8rerr.log 2005-05-13 16:12 217,073 -csha-r c:\windows\meta4.exe 2005-10-24 10:13 66,560 -csha-r c:\windows\MOTA113.exe 2006-10-16 18:44 8,192 -csha-w c:\windows\o2cLicStore.bin 2005-10-13 20:27 422,400 -csha-r c:\windows\x2.64.exe 2005-10-07 18:14 308,224 -csha-r c:\windows\system32\avisynth.dll 2005-07-14 11:31 27,648 -csha-r c:\windows\system32\AVSredirect.dll 2008-04-14 02:33 617,472 --sha-w c:\windows\system32\comctl32.dll 2005-06-26 14:32 616,448 -csha-r c:\windows\system32\cygwin1.dll 2005-06-21 21:37 45,568 -csha-r c:\windows\system32\cygz.dll 2004-01-24 23:00 70,656 -csha-r c:\windows\system32\i420vfw.dll 2008-04-14 02:33 1,028,096 --sha-w c:\windows\system32\mfc42.dll 2008-04-14 02:33 413,696 --sha-w c:\windows\system32\msvcp60.dll 2008-04-14 02:33 343,040 --sha-w c:\windows\system32\msvcrt.dll 2001-10-02 16:16 253,952 -csha-w c:\windows\system32\msvcrt20.dll 2006-04-27 09:24 2,945,024 -csha-r c:\windows\system32\Smab.dll 2008-04-14 02:33 30,749 -csha-w c:\windows\system32\vbajet32.dll 1998-05-18 01:06 368,912 -csha-w c:\windows\system32\vbar332.dll 2005-02-28 12:16 240,128 -csha-r c:\windows\system32\x.264.exe 2004-01-24 23:00 70,656 -csha-r c:\windows\system32\yv12vfw.dll 2008-10-04 21:29 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008100420081005\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-08-28 3660848] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] "Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2008-11-12 2474031] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-12-19 1434864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696] "spywarefighterguard"="c:\program files\Fighters\spywarefighter\SpywarefighterUser.exe" [2008-11-18 180872] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-11-11 206088] "PCDAS"="c:\program files\Defenza\pcd-as.exe" [2006-12-15 1359872] "nwiz"="nwiz.exe" [2006-10-22 c:\windows\system32\nwiz.exe] "NvMediaCenter"="NvMCTray.dll" [2006-10-22 c:\windows\system32\nvmctray.dll] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nlsf"="move" [X] "Config"="c:\windows\system32\run.cmd" [2005-08-23 341] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-19 44544] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-05-17 661776] EPSON Status Monitor 3 Environment Check(2).lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2006-09-10 135680] EPSON Status Monitor 3 Environment Check.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV03.EXE [1999-10-22 217600] Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696] WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2006-09-08 122880] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"= ctwdm32.dll "vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Neuf\\Kit\\9diags.exe"= "c:\\Program Files\\Neuf\\Kit\\9conf.exe"= "c:\\Program Files\\SHARE 1.0 EX2\\Share.exe"= "c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "4662:TCP"= 4662:TCP:emule tcp "4672:UDP"= 4672:UDP:emule udp R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2007-04-04 24592] R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [2006-09-08 60191] R3 Vfscan;Vfscan;c:\windows\system32\drivers\vffilter.sys [2008-11-18 15496] R4 PTK License-FIGHTERS-297811811;PTK License-FIGHTERS-297811811;c:\program files\Fighters\LicenseService.exe [2008-11-18 283272] R4 PTK Live Update-FIGHTERS-297811811;PTK Live Update-FIGHTERS-297811811;c:\program files\Fighters\UpdateService.exe [2008-11-18 307848] R4 PTK Scanner-FIGHTERS-297811811;PTK Scanner-FIGHTERS-297811811;c:\program files\Fighters\ScannerService.exe [2008-11-18 311944] R4 PTK SharedAccess-FIGHTERS-297811811;PTK SharedAccess-FIGHTERS-297811811;c:\program files\Fighters\ConfigService.exe [2008-11-18 139912] S3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [2006-09-08 543555] . Contenu du dossier 'Tâches planifiées' 2009-01-19 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57] 2008-12-27 c:\windows\Tasks\rpc.job - c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe [] . - - - - ORPHELINS SUPPRIMES - - - - URLSearchHooks-{F528E5F8-4EE3-4740-9D99-9483FCD70F27} - (no file) Toolbar-{41C29B07-6F91-4966-91BE-2E2841643C83} - c:\program files\Dcads Advanced Toolbar\toolbar.dll HKLM-Run-EoEngine - (no file) . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.neuf.fr/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.01net.com/telecharger/ uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm IE: Télécharger avec &BitSpirit - c:\program files\BitSpirit\bsurl.htm IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\och4rrzw.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.startup.homepage - hxxp://home.neuf.fr/ FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-22 21:14:25 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3656) c:\windows\system32\nview.dll c:\windows\system32\NVWRSFR.DLL . ------------------------ Autres processus actifs ------------------------ . c:\program files\Fichiers communs\EPSON\EBAPI\SAgent2.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\windows\system32\rundll32.exe c:\windows\system32\rundll32.exe c:\windows\system32\devldr32.exe c:\program files\Fighters\Spywarefighter\SpywarefighterTray.exe . ************************************************************************** . Heure de fin: 2009-01-22 21:19:16 - La machine a redémarré ComboFix-quarantined-files.txt 2009-01-22 20:19:09 Avant-CF: 14,078,251,008 octets libres Après-CF: 14,013,546,496 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect 247 --- E O F --- 2009-01-14 19:03:13 voilà

j'ai le fichier ...

Clean Navipromo version 3.7.1 commencé le 22/01/2009 à 20:15:18,62 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2500+ ) BIOS : Version 1.00 USER : Admin ( Administrator ) BOOT : Normal boot Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:24 Go (Free:13 Go) D:\ (Local Disk) - NTFS - Total:4 Go (Free:4 Go) E:\ (Local Disk) - NTFS - Total:42 Go (Free:6 Go) F:\ (Local Disk) - NTFS - Total:42 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) I:\ (CD or DVD) Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\Admin\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Admin\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Admin\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Admin\menudm~1\progra~1" *** *** Suppression fichiers *** *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Admin\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\Admin\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltdt absent ! *** Recherche autres dossiers et fichiers connus *** *** Nettoyage terminé le 22/01/2009 à 20:18:55,10 *** pour Malwarebytes' Anti-Malware je ne peux pas y acceder

pour smitfraudfix.exe ca ne marche pas, il me dit erreur application l'exception point d'arret Un point d'arret a été atteint (0x800000003) s'est produite dans l'application à l'emplacement 0x00401000 Je ne comprend pas trop ce message... Merci encore Vanessa ps : j'avais desactivé l'antivirus avant de lancer l'application

Search Navipromo version 3.7.1 commencé le 22/01/2009 à 19:08:55,96 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2500+ ) BIOS : Version 1.00 USER : Admin ( Administrator ) BOOT : Normal boot Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:24 Go (Free:13 Go) D:\ (Local Disk) - NTFS - Total:4 Go (Free:4 Go) E:\ (Local Disk) - NTFS - Total:42 Go (Free:6 Go) F:\ (Local Disk) - NTFS - Total:42 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) I:\ (CD or DVD) Recherche executé en mode normal *** Recherche Programmes installés *** Favorit *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** ...\WebMediaPlayer trouvé ! *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Admin\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Admin\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Admin\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Admin\locals~1\applic~1" * *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! C:\WINDOWS\system32\nvs2.inf trouvé ! *** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !! HKEY_CURRENT_USER\Software\Lanconfig [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uosyeqi"="\"c:\\windows\\system32\\uosyeqi.exe\" uosyeqi" *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : riyniu.dat trouvé ! riyniu_nav.dat trouvé ! riyniu_navps.dat trouvé ! uosyeqi.exe trouvé ! uosyeqi.dat trouvé ! uosyeqi_nav.dat trouvé ! uosyeqi_navps.dat trouvé ! xbawvkoztu_navtmp.dat trouvé ! * Dans "C:\Documents and Settings\Admin\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche autres dossiers et fichiers connus : *** Analyse terminée le 22/01/2009 à 19:21:06,01 *** voici le rapport Navilog Ne passe aucune autre option avant qu'on ne te le dise. 2) Télécharge SmitfraudFix sur ton bureau. Double-clique sur smitfraudfix.exe Sous Vista --> clic droit Exécuter en temps qu'administrateur. Sélectionne 1 pour créer un rapport des fichiers responsables de l'infection. Poste le rapport sur le forum dans ta prochaine réponse. Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. @++

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:31:00, on 21/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RunDLL32.exe C:\windows\system32\qikic.exe C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe C:\Program Files\Defenza\pcd-as.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\Program Files\Free Download Manager\fdm.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fighters\configservice.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\licenseservice.exe C:\Program Files\Fighters\updateservice.exe C:\Program Files\Fighters\ScannerService.exe c:\program files\fighters\spywarefighter\SPYWAREfighterTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\WinRAR\WinRAR.exe C:\Documents and Settings\Admin\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {F528E5F8-4EE3-4740-9D99-9483FCD70F27} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: XBTB03021 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file) O3 - Toolbar: Dcads Toolbar - {41C29B07-6F91-4966-91BE-2E2841643C83} - C:\Program Files\Dcads Advanced Toolbar\toolbar.dll O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file) O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [qikic] "c:\windows\system32\qikic.exe" qikic O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab O20 - AppInit_DLLs: pushow94.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PTK License-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\licenseservice.exe O23 - Service: PTK Live Update-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\updateservice.exe O23 - Service: PTK Scanner-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\ScannerService.exe O23 - Service: PTK SharedAccess-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\configservice.exe O24 - Desktop Component 0: (no name) - http://img.hebus.com/2006/05/22/060522110009_14.jpg O24 - Desktop Component 1: (no name) - http://viphttp.yacast.net/b2l/www.emag.peu...8/FE_908RC3.jpg -- End of file - 8977 bytes voici le rapport, effectivement le 1er lien ne fonctionnait pas. bon courage et merci d'avance

Bonjour mon antivirus est kaspersky, j'avais la version 2008, depuis mon pb j'ai écouter un ami qui m'a dit de telecharger la version antivirus 2009 et d'essayer de nettoyer mon pc avec la version evaluation, sauf que pour activer cette version il faut se connecté a internet, mais mon virus me bloque l'accès. donc je n'ai plus vraiment de protection Je fait ce que tu m'a demandé ce soir car je suis au boulot

Bonjour a tous, J'ai un gros pb depuis plus de 15 jours, j'ai attrapé un virus qui me bloque les mises à jour de mon antivirus et qui me bloque également tous les sites d'antivirus en ligne. J'ai également un soucis avec google quand je clique sur les liens il me redirige vers de sites de pub. J'ai recherché sur le net et j'ai bcp entendu parlé de HijackThis mais comme je n'y connait pas grand chose cela ne m'a aidé. Est ce que quelqu'un pourrait m'aider ???? Merci d'avance