Se connecter avec
S'enregistrer | Connectez-vous

Gros Probleme de spyware

Dernière réponse : dans Sécurité

Bonjour a tous j'ai ungros probleme de spyware j'ai utilisé deja pas mal d'anti spyware comme ad aware ou spy machin spy bidulle enfin tous le monde les conné et il n'on rien doné. Le probleme c'est que ce ou ces spyware me fon ramé a mort me change ma page internet de démmarage me ferme mon iexplorer et g plein de fichiers ki se sont mis sur mon répertoire c:\windows ainsi ke sur c:\windows\system32 mais je sais pa si il sont lié voila jespere que vous pourrez m'aider

Autres pages sur : gros probleme spyware

Lassé par la pub ? Créez un compte

Bonjour

@ Nettoyage des fichiers temporaires et inutiles

* Télécharge EasyCleaner de Toni Helenius
http://personal.inet.fi/business/toniarts/ecleane.htm
Utilise les fonctions Inutiles et Registre.
Attention: pour les fichiers inutiles, inscris .bak dans la case Sauter
Supprime ce qu'il trouve. Ne pas toucher à la fonction doublons.

* Télécharge et installe CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
Lance le nettoyage.

@ Nettoyage infectieux

Suivant ta version de windows

* Avec Windows XP et 2000 télécharge Ewido
http://www.ewido.net/fr/download/
Tu l'installes et tu le mets à jour.
Pendant l'installation, sur la page "Additional Options" décoche les deux options "Install background guard" et "Install scan via context menu".
Fais un scan et poste son rapport.

* Avec Windows ME, 98 et 95 télécharge A2
http://www.emsisoft.net/fr/
Il est nécessaire de s'enregistrer pour bénéficier des mises à jour.

Toutes ces manipulations devraient déja permettre d'améliorer le fonctionnement de l'ordinateur.

Pour une meilleur réponse, télécharge HijackThis v1.99.1
http://telechargement.zebulon.fr/160-Patch-fran%E7ais-p...
Tutorial
http://sitethemacs.free.fr/aide_enregistrement_de_hijac...
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

Fais un scan et poste l'analyse ici.

g pa réussi a me procurer c cleanner mais les autre oui je suis en train de scanner mais je vous envoi le rapport de hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 19:10:42, on 26/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
f:\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
f:\Panda Antivirus Titanium\Pavsrv51.exe
C:\WINDOWS\system32\svchost.exe
f:\Panda Antivirus Titanium\AVENGINE.EXE
C:\WINDOWS\Explorer.EXE
f:\Panda Antivirus Titanium\apvxdwin.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\rundll32.exe
F:\sonic stage\SsAAD.exe
F:\RamBoost XP\rambxpfr.exe
F:\BlueSoleil\BlueSoleil.exe
f:\Panda Antivirus Titanium\pavProxy.exe
C:\WINDOWS\apiez.exe
C:\WINDOWS\javaib.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
f:\ewido anti-malware\ewidoguard.exe
f:\ewido anti-malware\ewidoctrl.exe
F:\ewido anti-malware\SecuritySuite.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
F:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {300881BB-DD69-DBCB-AE92-B05A3E8707E1} - C:\WINDOWS\ievg.dll (file missing)
O2 - BHO: Class - {480F3093-85F1-45A2-F3FD-5DC8ECE8C707} - C:\WINDOWS\netsr.dll (file missing)
O2 - BHO: (no name) - {4A41D55C-3C3E-AF30-1F46-CB52DD793120} - (no file)
O2 - BHO: Class - {5BE4195B-6C93-9060-719D-B230D823FEDE} - C:\WINDOWS\system32\atlop32.dll
O2 - BHO: Class - {604088DD-1A23-24A7-4200-2D63083C7370} - C:\WINDOWS\system32\d3mv.dll (file missing)
O2 - BHO: Class - {67293992-3673-B33A-B89D-CC5E1227D820} - C:\WINDOWS\crpb.dll (file missing)
O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysms.dll (file missing)
O2 - BHO: Class - {6F75ABBF-6008-EDA7-8453-2ADF8601ADFA} - C:\WINDOWS\msmv32.dll (file missing)
O2 - BHO: Class - {710CC374-1C05-3C98-7AB2-B66279715E66} - C:\WINDOWS\system32\javajg32.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Class - {8424CC0C-62AB-C4C4-1B03-13D0644858C3} - C:\WINDOWS\system32\mfcoj32.dll (file missing)
O2 - BHO: Class - {8D32F80A-AB76-8C8A-C145-95961BCC455D} - C:\WINDOWS\system32\wintf32.dll (file missing)
O2 - BHO: Class - {8E0DAA14-13FF-B4FA-1BDB-7092D5E13F56} - C:\WINDOWS\system32\apiqg32.dll (file missing)
O2 - BHO: Class - {9FD3E41B-894A-375B-D1FB-85FBCC6A9DFF} - C:\WINDOWS\system32\netua.dll (file missing)
O2 - BHO: Class - {A11485E6-E2A9-54F6-CB47-2085DA9C16A5} - C:\WINDOWS\sdkrw32.dll (file missing)
O2 - BHO: Class - {B0EE1152-5AE8-5D76-5DB2-EC418F985334} - C:\WINDOWS\system32\apikj.dll (file missing)
O2 - BHO: Class - {BCF3D9B9-2A98-D31B-CDFB-D21F5D81CA48} - C:\WINDOWS\system32\mfckm32.dll (file missing)
O2 - BHO: Class - {CDE45960-40E0-55A2-18F1-392935B88569} - C:\WINDOWS\ipkc.dll (file missing)
O2 - BHO: Class - {CFEA1D24-6CC5-DF22-DF98-2913007B3236} - C:\WINDOWS\ievl32.dll
O2 - BHO: Class - {D1A20AF6-1C2B-BB38-53BA-DB004CC76510} - C:\WINDOWS\syset.dll (file missing)
O2 - BHO: Class - {F25C11A7-4B1F-5738-A16E-7A1B2A977B88} - C:\WINDOWS\system32\apprh32.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTSysVol] f:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [APVXDWIN] "f:\Panda Antivirus Titanium\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "F:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SsAAD.exe] F:\sonic stage\SsAAD.exe
O4 - HKLM\..\Run: [CanalPlayer] f:\Lecteur CANALPLAY\CanalPlayer.exe /iconic
O4 - HKLM\..\Run: [ipva.exe] C:\WINDOWS\ipva.exe
O4 - HKLM\..\Run: [d3hh32.exe] C:\WINDOWS\d3hh32.exe
O4 - HKLM\..\Run: [javaib.exe] C:\WINDOWS\javaib.exe
O4 - HKLM\..\Run: [gcasServ] "F:\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\RunOnce: [appal32.exe] C:\WINDOWS\system32\appal32.exe
O4 - HKLM\..\RunOnce: [apiez.exe] C:\WINDOWS\apiez.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "F:\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [RamBoostXp] F:\RamBoost XP\rambxpfr.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - f:\BlueSoleil\BTNtService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - f:\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - f:\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - f:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - f:\Panda Antivirus Titanium\Pavsrv51.exe
O23 - Service: SmartFinder Uninstall (SmartFinder_Uninstall) - Unknown owner - C:\Documents and Settings\Administrateur\Bureau\SFUninstaller.exe" service (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

voila merci

bonsoir ! :-D

les autres programmes cités plus haut vont faire eux aussi déjà une grosse partie du ménage sur ton pc ! ;-)

pour ce qui est du log HJT :
as-tu un antivirus ? un pare-feu ? c'est super méga important !!! ;-)

fasi ctrl+alt+suppr et termines ces taches :
apiez.exe
javaib.exe

refais un scan HJT coche et fix ces lignes :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about :blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\egyls.dll/sp.html#44980%resultposition.net
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {300881BB-DD69-DBCB-AE92-B05A3E8707E1} - C:\WINDOWS\ievg.dll (file missing)
O2 - BHO: Class - {480F3093-85F1-45A2-F3FD-5DC8ECE8C707} - C:\WINDOWS\netsr.dll (file missing)
O2 - BHO: (no name) - {4A41D55C-3C3E-AF30-1F46-CB52DD793120} - (no file)
O2 - BHO: Class - {5BE4195B-6C93-9060-719D-B230D823FEDE} - C:\WINDOWS\system32\atlop32.dll
O2 - BHO: Class - {604088DD-1A23-24A7-4200-2D63083C7370} - C:\WINDOWS\system32\d3mv.dll (file missing)
O2 - BHO: Class - {67293992-3673-B33A-B89D-CC5E1227D820} - C:\WINDOWS\crpb.dll (file missing)
O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysms.dll (file missing)
O2 - BHO: Class - {6F75ABBF-6008-EDA7-8453-2ADF8601ADFA} - C:\WINDOWS\msmv32.dll (file missing)
O2 - BHO: Class - {710CC374-1C05-3C98-7AB2-B66279715E66} - C:\WINDOWS\system32\javajg32.dll (file missing)
O2 - BHO: Class - {8424CC0C-62AB-C4C4-1B03-13D0644858C3} - C:\WINDOWS\system32\mfcoj32.dll (file missing)
O2 - BHO: Class - {8D32F80A-AB76-8C8A-C145-95961BCC455D} - C:\WINDOWS\system32\wintf32.dll (file missing)
O2 - BHO: Class - {8E0DAA14-13FF-B4FA-1BDB-7092D5E13F56} - C:\WINDOWS\system32\apiqg32.dll (file missing)
O2 - BHO: Class - {9FD3E41B-894A-375B-D1FB-85FBCC6A9DFF} - C:\WINDOWS\system32\netua.dll (file missing)
O2 - BHO: Class - {A11485E6-E2A9-54F6-CB47-2085DA9C16A5} - C:\WINDOWS\sdkrw32.dll (file missing)
O2 - BHO: Class - {B0EE1152-5AE8-5D76-5DB2-EC418F985334} - C:\WINDOWS\system32\apikj.dll (file missing)
O2 - BHO: Class - {BCF3D9B9-2A98-D31B-CDFB-D21F5D81CA48} - C:\WINDOWS\system32\mfckm32.dll (file missing)
O2 - BHO: Class - {CDE45960-40E0-55A2-18F1-392935B88569} - C:\WINDOWS\ipkc.dll (file missing)
O2 - BHO: Class - {CFEA1D24-6CC5-DF22-DF98-2913007B3236} - C:\WINDOWS\ievl32.dll
O2 - BHO: Class - {D1A20AF6-1C2B-BB38-53BA-DB004CC76510} - C:\WINDOWS\syset.dll (file missing)
O2 - BHO: Class - {F25C11A7-4B1F-5738-A16E-7A1B2A977B88} - C:\WINDOWS\system32\apprh32.dll (file missing)
O4 - HKLM\..\Run: [SsAAD.exe] F:\sonic stage\SsAAD.exe
O4 - HKLM\..\Run: [ipva.exe] C:\WINDOWS\ipva.exe
O4 - HKLM\..\Run: [d3hh32.exe] C:\WINDOWS\d3hh32.exe
O4 - HKLM\..\Run: [javaib.exe] C:\WINDOWS\javaib.exe
O4 - HKLM\..\RunOnce: [appal32.exe] C:\WINDOWS\system32\appal32.exe
O4 - HKLM\..\RunOnce: [apiez.exe] C:\WINDOWS\apiez.exe

ferme HJT et redémarre ton pc

repost un nouveau rapport HJT !

bon courage ! :-D

Salut voici le rapport

Logfile of HijackThis v1.99.1
Scan saved at 00:42:37, on 27/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
f:\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
f:\ewido anti-malware\ewidoctrl.exe
f:\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\nvsvc32.exe
f:\Panda Antivirus Titanium\Pavsrv51.exe
C:\WINDOWS\Explorer.EXE
f:\Panda Antivirus Titanium\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\atldj32.exe
f:\Panda Antivirus Titanium\apvxdwin.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
f:\Panda Antivirus Titanium\pavProxy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\apife.exe
F:\RamBoost XP\rambxpfr.exe
F:\BlueSoleil\BlueSoleil.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
F:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\aruhe.dll/sp.html#44980%presentsearch.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\aruhe.dll/sp.html#44980%presentsearch.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\aruhe.dll/sp.html#44980%presentsearch.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\aruhe.dll/sp.html#44980%presentsearch.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\aruhe.dll/sp.html#44980%presentsearch.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\aruhe.dll/sp.html#44980%presentsearch.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\aruhe.dll/sp.html#44980%presentsearch.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {32EDCCFD-DAC9-D83E-5DB1-6CB6E0DCD071} - C:\WINDOWS\atlls.dll (file missing)
O2 - BHO: Class - {5AECFEAF-B010-FBFD-B79E-285458AE4BFB} - C:\WINDOWS\crzw32.dll (file missing)
O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysms.dll (file missing)
O2 - BHO: Class - {6EC0AEDF-DCC2-3AF3-5964-88EAD9AC4791} - C:\WINDOWS\system32\ntsb.dll (file missing)
O2 - BHO: Class - {705AF3C3-2AF7-A829-0D6E-3F1C89AED034} - C:\WINDOWS\system32\mfcyb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Class - {B79CC35D-10FE-026C-855E-6F9CB7D9C3B9} - C:\WINDOWS\crzu32.dll (file missing)
O2 - BHO: Class - {BF951D96-668C-0E40-F035-5B9FB0461652} - C:\WINDOWS\apife.dll
O2 - BHO: Class - {D3E658EA-D131-DCCF-DC18-81C5D9AD1C73} - C:\WINDOWS\appdc.dll (file missing)
O2 - BHO: Class - {D96D01E7-8A1B-30CB-EEBB-C958BA9ABE2A} - C:\WINDOWS\system32\iecp.dll (file missing)
O2 - BHO: Class - {DC0CC433-9E1A-DBC6-5B7F-D035FE9058DE} - C:\WINDOWS\system32\ippm.dll (file missing)
O2 - BHO: Class - {F0CCF1AE-FC91-5682-C35E-36A677E408C9} - C:\WINDOWS\addan.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTSysVol] f:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [APVXDWIN] "f:\Panda Antivirus Titanium\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "F:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CanalPlayer] f:\Lecteur CANALPLAY\CanalPlayer.exe /iconic
O4 - HKLM\..\Run: [apife.exe] C:\WINDOWS\apife.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "F:\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [RamBoostXp] F:\RamBoost XP\rambxpfr.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\atldj32.exe" /s (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - f:\BlueSoleil\BTNtService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - f:\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - f:\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - f:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - f:\Panda Antivirus Titanium\Pavsrv51.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

g remarqué un truc bizarre g installé éwido ki a trouvé 3427probleme!!!!!!!et oui :-D et si je laisse la protection permanente toute les 10secondes g un nouveau rapport qui me di kil a détecté un nouvo fichiers corrompu je lé zé néttoyé mais un moment g mi ne rien faire et je suis alé ds le répertoire c:\windows et la iavé plein de .dll qui se créé :-o voila merci

pour tes question j'ai un antivirus et le par feu windows si tu as des logiciel a recommendé nésite pa merci

g néttoyé pa mal mon pc avec nod32 et ewido je te donne le dernier rapport

Logfile of HijackThis v1.99.1
Scan saved at 01:58:32, on 26/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
f:\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\Explorer.EXE
f:\ewido anti-malware\ewidoctrl.exe
f:\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\Drivers\SAP\FD.exe
C:\WINDOWS\system32\RUNDLL32.EXE
F:\Eset\nod32kui.exe
F:\ZoneAlarm\zlclient.exe
F:\RamBoost XP\rambxpfr.exe
F:\BlueSoleil\BlueSoleil.exe
F:\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {32EDCCFD-DAC9-D83E-5DB1-6CB6E0DCD071} - C:\WINDOWS\atlls.dll (file missing)
O2 - BHO: Class - {5AECFEAF-B010-FBFD-B79E-285458AE4BFB} - C:\WINDOWS\crzw32.dll (file missing)
O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysms.dll (file missing)
O2 - BHO: Class - {6EC0AEDF-DCC2-3AF3-5964-88EAD9AC4791} - C:\WINDOWS\system32\ntsb.dll (file missing)
O2 - BHO: Class - {705AF3C3-2AF7-A829-0D6E-3F1C89AED034} - C:\WINDOWS\system32\mfcyb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Class - {B79CC35D-10FE-026C-855E-6F9CB7D9C3B9} - C:\WINDOWS\crzu32.dll (file missing)
O2 - BHO: Class - {BF951D96-668C-0E40-F035-5B9FB0461652} - C:\WINDOWS\apife.dll (file missing)
O2 - BHO: Class - {D3E658EA-D131-DCCF-DC18-81C5D9AD1C73} - C:\WINDOWS\appdc.dll (file missing)
O2 - BHO: Class - {D96D01E7-8A1B-30CB-EEBB-C958BA9ABE2A} - C:\WINDOWS\system32\iecp.dll (file missing)
O2 - BHO: Class - {DC0CC433-9E1A-DBC6-5B7F-D035FE9058DE} - C:\WINDOWS\system32\ippm.dll (file missing)
O2 - BHO: Class - {F0CCF1AE-FC91-5682-C35E-36A677E408C9} - C:\WINDOWS\addan.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTSysVol] f:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "F:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CanalPlayer] f:\Lecteur CANALPLAY\CanalPlayer.exe /iconic
O4 - HKLM\..\Run: [FD_SAP] C:\WINDOWS\System32\Drivers\SAP\FD.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "f:\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] f:\ZoneAlarm\zlclient.exe
O4 - HKLM\..\RunOnce: [srePostpone] rundll32.exe c:\windows\system32\zonelabs\srescan.dll,DoSpecialAction
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "F:\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [RamBoostXp] F:\RamBoost XP\rambxpfr.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\atldj32.exe" /s (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - f:\BlueSoleil\BTNtService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - f:\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - f:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - f:\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
voila je pense kil ny a plus grand chose mais si kelkun pe i jeté un coup d'oeil sa sré cool merci

Bonsoir

Si, il en reste.

1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.

About Buster
http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-...
Une fois téléchargé,tu le dézippe,et tu mets un raccourci sur le bureau.

Cws-hsa.reg
http://www.bleepingcomputer.com/files/reg/cws-hsa.reg
Installe le sur le Bureau

2 Tu clique sur Démarrer puis Exécuter, tu tapes services.msc et tu cliques sur OK.

Dans la liste des services, cherche et sélectionne
"Network Security Service" / double clique sur la ligne
/ vérifie dans Chemin d'accès des fichiers exécutables qu'il
s'agit bien de "C:\WINDOWS\system32\atldj32.exe" / dans Type de démarrage,
sélectionne Désactiver / valide la modification.

3 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.

4 Relance un scan HijackThis et coche les lignes ci-dessous :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about :blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ihguk.dll/sp.html#44980%presentsearch.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {32EDCCFD-DAC9-D83E-5DB1-6CB6E0DCD071} - C:\WINDOWS\atlls.dll (file missing)
O2 - BHO: Class - {5AECFEAF-B010-FBFD-B79E-285458AE4BFB} - C:\WINDOWS\crzw32.dll (file missing)
O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysms.dll (file missing)
O2 - BHO: Class - {6EC0AEDF-DCC2-3AF3-5964-88EAD9AC4791} - C:\WINDOWS\system32\ntsb.dll (file missing)
O2 - BHO: Class - {705AF3C3-2AF7-A829-0D6E-3F1C89AED034} - C:\WINDOWS\system32\mfcyb.dll (file missing)
O2 - BHO: Class - {B79CC35D-10FE-026C-855E-6F9CB7D9C3B9} - C:\WINDOWS\crzu32.dll (file missing)
O2 - BHO: Class - {BF951D96-668C-0E40-F035-5B9FB0461652} - C:\WINDOWS\apife.dll (file missing)
O2 - BHO: Class - {D3E658EA-D131-DCCF-DC18-81C5D9AD1C73} - C:\WINDOWS\appdc.dll (file missing)
O2 - BHO: Class - {D96D01E7-8A1B-30CB-EEBB-C958BA9ABE2A} - C:\WINDOWS\system32\iecp.dll (file missing)
O2 - BHO: Class - {DC0CC433-9E1A-DBC6-5B7F-D035FE9058DE} - C:\WINDOWS\system32\ippm.dll (file missing)
O2 - BHO: Class - {F0CCF1AE-FC91-5682-C35E-36A677E408C9} - C:\WINDOWS\addan.dll (file missing)
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\atldj32.exe" /s (file missing)

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

5 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer

6 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\WINDOWS\system32\ihguk.dll
C:\WINDOWS\system32\atldj32.exe

7 Lance le nettoyage avec CCleaner.

Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.

8 Double clique sur About:Buster.
Clique sur Begin Removal
Un scan est exécuté.
Refaire un second scan.
Continue les scans tant qu'il trouve quelque chose.
Poste le rapport ici.

9 Double clique sur Cws-hsa.reg

10 Lance Ewido.
Fais un scan en mode complet.
Sauvegardes le rapport.

11 Redémarre normalement et poste les rapports d'Ewido et d'About Buster avec un nouveau log HijackThis.

déja je peux pas accéder aux services network security services il me di ke une entrée nécéssaire dans le registre mank ou une tentative décriture dans le registre a échoué et aprés i di chemin introuvable bon je continu... a+

SA y est enfin j'ai les trois rapport le seul truc c ke aboutbuster ne trouve rien bon je te donne le rapport ewido

AboutBuster 6.0
Scan started on [28/01/2006] at [08:04:50]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
Removed Stream! C:\WINDOWS\ARCHPR.INI:rkhqyv
Removed Stream! C:\WINDOWS\Bulles de savon.bmp:zcyiuo
Removed Stream! C:\WINDOWS\clock.avi:mvvclb
Removed Stream! C:\WINDOWS\cxkky.txt:ewnifm
Removed Stream! C:\WINDOWS\kbwaf.txt:venior
Removed Stream! C:\WINDOWS\qnnof.txt:qhsddo
Removed Stream! C:\WINDOWS\setupapi.log.1.old:khzfzz
Removed Stream! C:\WINDOWS\stub47.ini:gudoin
Removed Stream! C:\WINDOWS\stub61.ini:bxdixe
Removed Stream! C:\WINDOWS\stub66.ini:uhikoi
Removed Stream! C:\WINDOWS\stub7.ini:nhaqrk
Removed Stream! C:\WINDOWS\stub74.ini:xosqee
Removed Stream! C:\WINDOWS\_default.pif:p fwadp
Removed Stream! C:\WINDOWS\_delis32.ini:bccxir
Removed Stream! C:\WINDOWS\_delis32.ini:beoplr
Removed Stream! C:\WINDOWS\_delis32.ini:cfkdxo
Removed Stream! C:\WINDOWS\_delis32.ini:cvyjsn
Removed Stream! C:\WINDOWS\_delis32.ini:D axqoi
Removed Stream! C:\WINDOWS\_delis32.ini:D izfes
Removed Stream! C:\WINDOWS\_delis32.ini:D knsns
Removed Stream! C:\WINDOWS\_delis32.ini:D ovsma
Removed Stream! C:\WINDOWS\_delis32.ini:heiqdp
Removed Stream! C:\WINDOWS\_delis32.ini:hrnkrz
Removed Stream! C:\WINDOWS\_delis32.ini:kfnkpx
Removed Stream! C:\WINDOWS\_delis32.ini:kvmexi
Removed Stream! C:\WINDOWS\_delis32.ini:mrsmbl
Removed Stream! C:\WINDOWS\_delis32.ini:nuzfoi
Removed Stream! C:\WINDOWS\_delis32.ini:o mhoqz
Removed Stream! C:\WINDOWS\_delis32.ini:o zespx
Removed Stream! C:\WINDOWS\_delis32.ini:p trdrn
Removed Stream! C:\WINDOWS\_delis32.ini:p uinum
Removed Stream! C:\WINDOWS\_delis32.ini:qttelv
Removed Stream! C:\WINDOWS\_delis32.ini:rzspmu
Removed Stream! C:\WINDOWS\_delis32.ini:sutydx
Removed Stream! C:\WINDOWS\_delis32.ini:uwrovx
Removed Stream! C:\WINDOWS\_delis32.ini:vhspom
Removed Stream! C:\WINDOWS\_delis32.ini:xdilhc
Removed Stream! C:\WINDOWS\_delis32.ini:yjfzgp
Removed Stream! C:\WINDOWS\_delis32.ini:zfbwgz
-------------------------------------------------------------
Removed File! : C:\WINDOWS\ayejs.dat
Removed File! : C:\WINDOWS\beopl.dat
Removed File! : C:\WINDOWS\cxkky.txt
Removed File! : C:\WINDOWS\dowrz.txt
Removed File! : C:\WINDOWS\ekknv.dat
Removed File! : C:\WINDOWS\gbuee.dat
Removed File! : C:\WINDOWS\gqshq.dat
Removed File! : C:\WINDOWS\iewh.exe
Removed File! : C:\WINDOWS\ksajp.dat
Removed File! : C:\WINDOWS\lzzgf.dat
Removed File! : C:\WINDOWS\msuy.exe
Removed File! : C:\WINDOWS\nwaky.dat
Removed File! : C:\WINDOWS\pkeku.dat
Removed File! : C:\WINDOWS\qnnof.txt
Removed File! : C:\WINDOWS\uvspd.txt
Removed File! : C:\WINDOWS\uxjgl.dat
Removed File! : C:\WINDOWS\zlnti.dat
Removed File! : C:\WINDOWS\system32\avtsg.log
Removed File! : C:\WINDOWS\system32\d3pp32.exe
Removed File! : C:\WINDOWS\system32\hokpo.log
Removed File! : C:\WINDOWS\system32\jjsro.dat
Removed File! : C:\WINDOWS\system32\mfzaw.log
Removed File! : C:\WINDOWS\system32\mvrfk.log
Removed File! : C:\WINDOWS\system32\ntyrf.txt
Removed File! : C:\WINDOWS\system32\nvygz.txt
Removed File! : C:\WINDOWS\system32\pjwrg.log
Removed File! : C:\WINDOWS\system32\puxcu.log
Removed File! : C:\WINDOWS\system32\qyqwj.log
Removed File! : C:\WINDOWS\system32\rhmfs.txt
Removed File! : C:\WINDOWS\system32\rsejp.dat
Removed File! : C:\WINDOWS\system32\skfto.log
Removed File! : C:\WINDOWS\system32\xcmjz.txt
Removed File! : C:\WINDOWS\system32\xrwjl.dat
Removed File! : C:\WINDOWS\system32\zqerv.log
-------------------------------------------------------------
Removed Temp Files
Internet Explorer Settings Reset!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:06:41


AboutBuster 6.0
Scan started on [28/01/2006] at [08:07:03]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:07:39


AboutBuster 6.0
Scan started on [28/01/2006] at [08:28:14]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:29:20


AboutBuster 6.0
Scan started on [28/01/2006] at [08:29:42]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:29:45


AboutBuster 6.0
Scan started on [28/01/2006] at [08:29:52]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:29:55


AboutBuster 6.0
Scan started on [28/01/2006] at [08:30:02]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:30:05


AboutBuster 6.0
Scan started on [28/01/2006] at [08:30:13]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:30:15


AboutBuster 6.0
Scan started on [28/01/2006] at [08:30:22]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:30:25


AboutBuster 6.0
Scan started on [28/01/2006] at [08:30:31]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:30:34


AboutBuster 6.0
Scan started on [28/01/2006] at [08:30:39]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:30:42


AboutBuster 6.0
Scan started on [28/01/2006] at [08:30:46]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was ABORTED at 08:30:47


AboutBuster 6.0
Scan started on [28/01/2006] at [08:30:52]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:30:55


AboutBuster 6.0
Scan started on [28/01/2006] at [08:30:59]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:31:02


AboutBuster 6.0
Scan started on [28/01/2006] at [08:31:08]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:31:10


AboutBuster 6.0
Scan started on [28/01/2006] at [08:31:15]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:31:18


AboutBuster 6.0
Scan started on [28/01/2006] at [08:31:24]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:31:27


AboutBuster 6.0
Scan started on [28/01/2006] at [08:31:31]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:31:34


AboutBuster 6.0
Scan started on [28/01/2006] at [08:31:38]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 08:31:41


excuse moi c t celui e aboutbuster voici celui de ewido

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 09:17:26, 28/01/2006
+ Somme de contrôle: 8D6BCA3C

+ Résultats du scan:

HKLM\SOFTWARE\Classes\CLSID\{25742C0F-DC0D-F5DC-55DE-C66285AA22AB} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{2621D1BF-0A92-2D9C-E595-02A9C3F76F46} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{2A80D71D-33B8-3E91-8293-2130B34265A4} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{2BFAB072-A3F3-0A97-6990-3673392B7DFC} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{2D99FD34-F395-DFB0-0852-36D4976F6E3D} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{2D9BB7B5-D27A-5907-A874-72E04FC719E8} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{3507B32F-B4F9-0B6B-5168-A74196010FA0} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{38BCC2CD-AF0A-EC41-D4CB-035F1C7378C9} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{3A1550DD-FD7B-8D6E-989A-49A66DF1433F} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{3B9E0A95-3EBA-124F-52D1-033C73734625} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{452C15DF-936D-C8CB-B825-97DD4A210ABD} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{46C8C875-7053-566F-B7DF-A8735884B10E} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{47B70B6F-A6B0-230A-43C3-9F9B5C710209} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{491288EB-D314-5571-9C18-B1EAC89ADE09} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{4AEDA6FC-6816-F03C-12F8-CDE056451F16} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{4B3176F0-E32F-B010-C0D8-65FC118C3716} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{53741D3E-19CE-5959-0908-3BB13C3C3990} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{5735BB6F-7A93-49E1-B628-ABB60DAA5F0B} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{59935BC1-5F4B-96F1-F3B6-C6B36821D102} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{5BCC3EE7-9153-E89F-6D4E-9B02B02B4E2E} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{5C2B2D9C-60FC-5F4C-5894-68EB7DFA3935} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{5E60DAD4-D59A-D1EA-A0B3-BD226EE43523} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{64770A00-0C3B-BCEC-D32D-83EE61896228} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{67654C62-B847-D47B-7386-202E338F4761} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{67A0E5DD-D21D-3F1C-2FD5-07C50B27B4BD} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{6A389597-708B-6F9D-B6EC-8D1A3EC9DFAF} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{71476230-0B89-E69D-D223-279F989C21BB} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{7658C68E-7ED4-8476-AC96-729091012307} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{826D0369-102B-4A44-F27B-D9DCC50A8EE6} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{8D01C3C9-547A-12EE-5401-4B29F8F98176} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{8D1DF6CE-07E4-C211-83F6-537E054EDC98} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{8DF52E69-BA52-5F6E-2A2A-0CD81E0F3492} -> Spyware.BetterInternet : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{8E883EC3-ABB5-0CD9-EC0A-78CB81A818D1} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{8F60435F-DF74-6308-E8CB-509D69906821} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{92854EC1-0623-4E3A-3993-F60435FEDF74} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{952B27F0-D129-A966-5DF7-9E2D52C7E338} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{9E2092B1-77DB-2A6A-A476-8BAA6CC65237} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{A7737E2C-9C15-D4BE-4A5B-C15B7E8C41E9} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{AEF3E64A-B4FC-FC2A-5EF9-4FC735F322D9} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{B38F516E-48F2-CDBB-7D76-E0CFBCDBEE45} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{B595A235-53A2-27D5-EFF6-D0208801D071} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{B7F4D50B-EAC3-A3F3-769F-96194A8DECDE} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{BC0FE7F5-AD1D-A795-C683-F3EB54072EFE} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{BCE50D6B-B3E6-30B9-72AB-14B60D86EB35} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{BD00AB82-F105-58F8-2B31-B600383177E6} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{BE5DCDBC-54D3-95EA-B258-2D53BD817431} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{C2FE095E-5BA7-FBC8-5387-2878C932A44F} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{C35C2F78-0E5E-F4AA-FD24-04CC74056392} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{C9368290-DE0B-80FF-0E2D-8933F6CA1A46} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{CC6B2B65-2D60-CC2D-B4A6-7C0945964771} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{D02510A9-69A7-24D5-85DA-D3EC8E911C73} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{D223F02D-058E-2CFE-D02D-81826009252B} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{DD25AEF3-3DC7-625D-F3C6-DE10B7C6BF82} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{E43C16BE-9904-7881-7685-DEE7D759572D} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{ECEAF197-B6EF-9E38-0846-FF3BB03983AD} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{EF24BEB1-9592-9F8F-4B29-99399FD2C231} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{F1B10CDC-1975-EC0C-C522-2571525E92CF} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{F1E91259-92C0-8767-A2E0-85139867622A} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{F2352FD0-B78A-FC66-EE98-5DFBF99E1F48} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{F6802757-10AB-DBC8-719A-C48394D31082} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{F704A16D-BA8A-0DD4-CB9E-F0FA4A957D8D} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{FB277F1B-89B6-A114-DD01-EC507A933F39} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKU\S-1-5-21-343818398-884357618-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D1E79E2-9563-DB05-0B53-8CBA80E13F84} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKU\S-1-5-21-343818398-884357618-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AECFEAF-B010-FBFD-B79E-285458AE4BFB} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
HKU\S-1-5-21-343818398-884357618-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C559105-9ECF-42B8-B3F7-832E75EDD959} -> Spyware.ISTBar : Nettoyer et sauvegarder
HKU\S-1-5-21-343818398-884357618-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BCF3D9B9-2A98-D31B-CDFB-D21F5D81CA48} -> Spyware.CoolWebSearch : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Cookies\administrateur@wreport.weborama[1].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Cookies\administrateur@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder


::Fin du rapport

Et voila le log de hitjackthis

Logfile of HijackThis v1.99.1
Scan saved at 09:24:21, on 28/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
f:\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
f:\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\Drivers\SAP\FD.exe
C:\WINDOWS\system32\RUNDLL32.EXE
F:\Eset\nod32kui.exe
F:\Spybot - Search & Destroy\TeaTimer.exe
F:\RamBoost XP\rambxpfr.exe
F:\BlueSoleil\BlueSoleil.exe
f:\ewido anti-malware\ewidoguard.exe
f:\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
F:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTSysVol] f:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "F:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FD_SAP] C:\WINDOWS\System32\Drivers\SAP\FD.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "f:\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] f:\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RamBoostXp] F:\RamBoost XP\rambxpfr.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\Microsoft Office\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - f:\BlueSoleil\BTNtService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - f:\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - f:\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - f:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - f:\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Bon Ba il ne me reste plus qu'a te souhaiter BONNE LECTURE :-D et merci encore

Bonjour

Plus de signe d'infection mais quelques lignes inutiles.
Relance un scan HijackThis et coche les lignes ci-dessous :

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "F:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - Global Startup: Microsoft Office.lnk = F:\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\Microsoft Office\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

Fais une analyse antivirus en ligne sur Kaspersky
http://www.kaspersky.com/downloads/kws/kavwebscan.html

Colle son rapport ici.

Comment se comporte le PC ?

Bon alors l'ordinateur se porte assez bien il est carément plus rapide meme l iexplorer marche nickel.Maintenant je pense qu'il y a toujours un probleme je croi ke le trojan ve restauré les fichiers ke jéfface car mon antivirus me détecte de temps en temps un fichier trojan du type "restore + une clé de registre) voila

Bon je t e file le rapport kaspersky qui est encore pa trés bien

Le premier
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, January 28, 2006 17:05:52
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 28/01/2006
Kaspersky Anti-Virus database records: 163015
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - Critical Areas:
C:\WINDOWS
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\

Scan Statistics:
Total number of scanned objects: 11017
Number of viruses found: 0
Number of infected objects: 0
Number of suspicious objects: 0
Duration of the scan process: 334 sec
No malware has been detected. The sections that have been scanned are CLEAN.

Scan process completed.



Le deuxieme
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, January 28, 2006 19:51:19
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 28/01/2006
Kaspersky Anti-Virus database records: 163015
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\
O:\
P:\

Scan Statistics:
Total number of scanned objects: 71579
Number of viruses found: 4
Number of infected objects: 73
Number of suspicious objects: 0
Duration of the scan process: 6699 sec

Infected Object Name - Virus Name
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:bccxir:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:beoplr:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:cnsfiq:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:cvyjsn:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:D ggprh:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:D izfes:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:D knsns:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:fshlli:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:fwndnk:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:gnackc:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:grbqte:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:gtytvc:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:heiqdp:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:hpqbbf:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:hubswx:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:kfnkpx:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:kvmexi:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:lupyei:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:nevnjk:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:nhcuqw:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:o mhoqz:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:o yjlqc:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:o zespx:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:p uinum:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:qaykmg:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:rjeldm:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:sutydx:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:udciha:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:uehvft:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:uwrovx:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:vhspom:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:wdfyhc:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:wdlxic:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:wgbwrf:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:wislyv:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:xtzrns:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:yimxbk:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:ytjypn:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:zfbwgz:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:zqigvh:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:ztbtbn:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028413.ini:D uvzkk:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028414.ini:yvwbcq:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028416.ini:o sbbmz:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028417.INI:D nhdgt:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029253.ini:gudoin:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029254.ini:bxdixe:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029255.ini:uhikoi:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029256.ini:nhaqrk:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029258.pif:p fwadp:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:bccxir:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:beoplr:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:cvyjsn:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:D izfes:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:D knsns:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:heiqdp:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:kfnkpx:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:kvmexi:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:o mhoqz:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:o zespx:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:p uinum:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:sutydx:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:uwrovx:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:vhspom:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:zfbwgz:$DATA Infected: Trojan-Downloader.Win32.Agent.td
F:\ESET\infected\2A4GJPCA.NQF Infected: Trojan.Win32.Agent.bi
F:\ESET\infected\30HMSEAA.NQF Infected: Trojan-Downloader.Win32.Agent.td
F:\ESET\infected\3WWE4KDA.NQF Infected: Trojan-Downloader.Win32.Agent.td
F:\ESET\infected\DT4P5FDA.NQF Infected: Trojan-Downloader.Win32.Agent.bc
F:\ESET\infected\HMUB40DA.NQF Infected: Trojan.Win32.Agent.bi
F:\ESET\infected\QPPYYEBA.NQF Infected: Trojan-Downloader.Win32.Agent.bc
F:\ESET\infected\TGSXZYDA.NQF Infected: Trojan-Downloader.Win32.Agent.bc
F:\System Volume Information\_restore{6F008C9B-0892-4CB2-A5F7-59EDF3895D40}\RP6\A0002499.exe Infected: Trojan-Dropper.Win32.Small.bf

Scan process completed.


Voila je te donne aussi le dernier log de hitjack

Logfile of HijackThis v1.99.1
Scan saved at 19:52:13, on 28/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
f:\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
f:\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
F:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\System32\Drivers\SAP\FD.exe
F:\Eset\nod32kui.exe
F:\Spybot - Search & Destroy\TeaTimer.exe
F:\RamBoost XP\rambxpfr.exe
F:\BlueSoleil\BlueSoleil.exe
f:\ewido anti-malware\ewidoguard.exe
f:\ewido anti-malware\ewidoctrl.exe
F:\eMule\emule.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
f:\VideoLAN\VLC\vlc.exe
F:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O4 - HKLM\..\Run: [CTSysVol] f:\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [FD_SAP] C:\WINDOWS\System32\Drivers\SAP\FD.exe
O4 - HKLM\..\Run: [nod32kui] "f:\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] f:\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RamBoostXp] F:\RamBoost XP\rambxpfr.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Microsoft Office\Office10\OSA.EXE
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unico...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - f:\BlueSoleil\BTNtService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - f:\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - f:\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - f:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - f:\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Voila merci

Re

Restore, c'est le système de restauration.

1 Clique sur Démarrer
Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - cocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

2 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

F:\ESET

3 Lance le nettoyage avec CCleaner.

4 Redémarre normalement

5 Clique sur Démarrer
Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Décocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

Nouveau scan Kaspersky de vérification.

bonjour voici le rapport kaspersky il détecte tjs un trojan dans les répertoire c:\information volume\etc........ pour le répertoire f:\eset je pe pa le supprimé c le répertoire de mon anti virus bon voila le rapport


-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, January 29, 2006 17:07:22
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 29/01/2006
Kaspersky Anti-Virus database records: 163128
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - Folders:
C:\
F:\

Scan Statistics:
Total number of scanned objects: 60980
Number of viruses found: 4
Number of infected objects: 66
Number of suspicious objects: 0
Duration of the scan process: 4035 sec

Infected Object Name - Virus Name
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:bccxir:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:beoplr:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:cnsfiq:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:cvyjsn:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:D ggprh:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:D izfes:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:D knsns:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:fshlli:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:fwndnk:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:gnackc:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:grbqte:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:gtytvc:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:heiqdp:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:hpqbbf:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:hubswx:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:kfnkpx:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:kvmexi:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:lupyei:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:nevnjk:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:nhcuqw:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:o mhoqz:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:o yjlqc:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:o zespx:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:p uinum:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:qaykmg:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:rjeldm:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:sutydx:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:udciha:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:uehvft:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:uwrovx:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:vhspom:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:wdfyhc:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:wdlxic:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:wgbwrf:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:wislyv:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:xtzrns:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:yimxbk:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:ytjypn:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:zfbwgz:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:zqigvh:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028408.ini:ztbtbn:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028413.ini:D uvzkk:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028414.ini:yvwbcq:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028416.ini:o sbbmz:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP100\A0028417.INI:D nhdgt:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029253.ini:gudoin:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029254.ini:bxdixe:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029255.ini:uhikoi:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029256.ini:nhaqrk:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029258.pif:p fwadp:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:bccxir:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:beoplr:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:cvyjsn:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:D izfes:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:D knsns:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:heiqdp:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:kfnkpx:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:kvmexi:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:o mhoqz:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:o zespx:$DATA Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:p uinum:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:sutydx:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:uwrovx:$DATA Infected: Trojan-Downloader.Win32.Agent.td
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:vhspom:$DATA Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{A9C24DF4-20E3-445C-9BDF-08BDDA2D71A5}\RP103\A0029259.ini:zfbwgz:$DATA Infected: Trojan-Downloader.Win32.Agent.td
F:\System Volume Information\_restore{6F008C9B-0892-4CB2-A5F7-59EDF3895D40}\RP6\A0002499.exe Infected: Trojan-Dropper.Win32.Small.bf

Scan process completed.

voila merci

Pourrais tu me donner aussi le nom d'un bon firewall car cemui d'xp n'est pas super et zonealarm me bloque tro.Dans certain cas il me block un téléchargement comme par exemple about buster g du fermer zone alarm pour pouvoir le télécharger. Si tu sais comment le configurer di le moi merci
Lassé par la pub ? Créez un compte

Créer un nouveau sujet

Tom's guide dans le monde