squirrel69

Members
  • Content count: 5

Everything posted by squirrel69

  1. Hello, this time with IE I manage to download part of the Kaspersky database, then a window appears with this message: Program has failed to start.Program has failed to start.Close the Kaspersky Online Scanner7.0 window and open it again to install the program. [ERROR:java.security.PrivilegedActionException: java.io.IOException: Transfer failed: [java.net.SocketException: Connection Reset ]. ] I will get there, that's for sure!
  2. Hello, I updated Java because I did not have the right version, but I cannot launch Kaspersky online. Here is the error message it gives me when it tries to retrieve the virus database: "Starting Java applet has failed! Please go online to use this program." NB: I am using Firefox. What should I do to make this work so that I can get the Kaspersky report? Thanks
  3. So here is LopR.txt, and here is the HijackThis file; and there you go.
  4. Hello, here is the Lop S&D log file.
  5. Hello, one day I came back to my PC and the desktop was upside down, the controls inverted, etc. I noticed that in the graphics options a 180° rotation had been applied. So I set it back to normal mode, and that went away. After that I realized that when I run a search on Google, whatever the search, it redirects me to websites that have nothing to do with my search, and this goes on for quite a while. These sites are rather suspicious, because I clicked on one of them and a Google window appeared warning me that if I went to that site, my PC would be dangerously infected. Since then, I downloaded Malwarebytes and ran a full scan; here is the latest result:

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1656
Windows 5.1.2600 Service Pack 2
23/01/2009 15:01:56
mbam-log-2009-01-23 (15-01-56).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 144082
Temps écoulé: 55 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

I carried out the removal via Malwarebytes, which tells me the infection is gone.
However, as soon as I do another Google search, the problem reappears, and if I run another scan with Malwarebytes, the software finds this infection once again. So I can't get rid of it. Since then I have downloaded HiJackThis; here is the latest log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:04, on 23/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\MyAccess\MyAccess\iPassPeriodicUpdateService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\TiFiC\TiFiC Client G1\TiFiC System Service.exe
C:\WINDOWS\system32\UPHClean.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\MyAccess\MyAccess\iPassPeriodicUpdateApp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Adobe\Distillr\Acrotray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Office Communicator\communicator.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\TiFiC\TiFiC Client G1\TiFiC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\proquota.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\r386725\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://violin.volvo.net/volvo3p/corporate/en/home.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://violin.volvo.net/volvo3p/corporate/en/home.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxyconf.srv.volvo.com/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [MyTemporaryDocuments] msiexec /f {125B0563-7EAF-461A-9176-B5D7C8DB4A2E} /qn
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\communicator.exe" /fromrunkey
O4 - HKLM\..\Run: [sPLocationProfile] wscript.exe "C:\Program Files\Microsoft Office Communicator\SPLocationProfile.vbs" {5F1F0106-4355-4AA8-9110-07752E5170E7}
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [eSupportBG] "C:\Program Files\TiFiC\TiFiC Client G1\TiFiC.exe" /SYSTRAY /HIDE /ONLINECHECK /WAIT 300 /DEFLANG "English" /SERVER esupportvcnbg.it.volvo.net
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MapDrvs] wscript.exe "C:\Documents and Settings\R386725\Application Data\NW\MapDrvs.vbs"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_17\bin\npjpi142_17.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_17\bin\npjpi142_17.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://violin.volvo.net/volvo3p/corporate/en/home.htm
O16 - DPF: {430C38D8-794A-490E-A46A-0AF57290306D} (TWIActiveX.TWIDeleteOutlookMail) - http://tdm.it.volvo.se:8151/orion/ft/tdm/ft/TWI.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = vcn.ds.volvo.net
O17 - HKLM\Software\..\Telephony: DomainName = vcn.ds.volvo.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = vcn.ds.volvo.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = vcn.ds.volvo.net
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Visual Insight DA Plugin (DAPlugin) - Unknown owner - C:\Program Files\AccessManager\Client\DAPlugin.exe (file missing)
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: iPassConnectEngine - iPass, Inc. - C:\Program Files\MyAccess\MyAccess\iPassConnectEngine.exe
O23 - Service: iPassPeriodicUpdateApp - iPass, Inc. - C:\Program Files\MyAccess\MyAccess\iPassPeriodicUpdateApp.exe
O23 - Service: iPassPeriodicUpdateService - iPass, Inc. - C:\Program Files\MyAccess\MyAccess\iPassPeriodicUpdateService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: OracleOra92ClientCache - Unknown owner - C:\oracle\ora92\bin\ONRSD.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SP Software Installer - Unknown owner - C:\Program Files\AccessManager\PMAC\sp_SWIns.exe (file missing)
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TiFiC System Service - Tific AB - C:\Program Files\Common Files\TiFiC\TiFiC Client G1\TiFiC System Service.exe

--
End of file - 9748 bytes

Can you help me get rid of this persistent problem? Thank you for your help.