Pokapoka est-il toujours la?

salut bernie j'ai suivi ton conseil ci-joint mon log
J'ai encore un doute je ne sais pas a quel antivirus je peux me fier étant donné que sur les 6 testés aucun ne m4a parlé de pokapoka seul le gestionaire de taches windoos afichait cet intru.
apres ta methode j'ai toujours explorer.exe et taskmgr.exe en activité mais tout est pourtant fermé
un conseil pour l'antivirus?

merci en attendant

Logfile of HijackThis v1.99.1
Scan saved at 20:04:52, on 20/10/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\ctfmon.exe
C:\WINNT\system32\taskmgr.exe
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: EPSON CardMonitor.lnk.disabled
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk.disabled
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123321807098
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe

salut bernie

je te remercie
je me met au boulot et te tiens au courant du resulat
a bientot

salut

j'ai installé sysclean (avec du mal obliger de le télécharger chez
chez trend micro) il a trouvé un virus sur un 32.pif je pensais pourtant les avoir tous supprimer a minuit il avait examiné seulement le c j'ai donc stoppé pour le d car il avait du mal a lire mais fichiers musiques et je devais penser à ma journée de boulot qui m'attendait le lendemain je vais le relancer ce soir
ci dessous son premier log t'en dirais plus demain
merci a+
ps je m'occuperai du firewall une fois que mon pc sera propre
merci encore et à plus




Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
| http://www.trendmicro.com |
\--------------------------------------------------------------/


2005-10-20, 22:36:40, Auto-clean mode specified.
2005-10-20, 22:36:40, Running scanner "C:\PROGRA~1\SYSCLEAN\TSC.BIN"...
2005-10-20, 22:36:52, Scanner "C:\PROGRA~1\SYSCLEAN\TSC.BIN" has finished running.
2005-10-20, 22:36:52, TSC Log:

Damage Cleanup Engine (DCE) 3.9(Build 1020)
Windows 2000(Build 2195: Service Pack 4)

Start time : jeu. oct. 20 2005 22:36:41

Load Damage Cleanup Template (DCT) "C:\PROGRA~1\sysclean\tsc.ptn" (version 578) [success]

Complete time : jeu. oct. 20 2005 22:36:52
Execute pattern count(2369), Virus found count(0), Virus clean count(0), Clean failed count(0)

2005-10-20, 22:37:39, An error occurred while scanning file "C:\Documents and Settings\gaetane1\NTUSER.DAT": Accès refusé.
2005-10-20, 22:37:39, An error occurred while scanning file "C:\Documents and Settings\gaetane1\ntuser.dat.LOG": Accès refusé.
2005-10-20, 22:38:00, An error occurred while scanning file "C:\Documents and Settings\gaetane1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Accès refusé.
2005-10-20, 22:38:00, An error occurred while scanning file "C:\Documents and Settings\gaetane1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Accès refusé.
2005-10-20, 22:56:07, An error was detected on "C:\System Volume Information\*.*": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\default": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\default.LOG": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\SAM": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\SAM.LOG": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\SECURITY": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\SECURITY.LOG": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\software": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\software.LOG": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\system": Accès refusé.
2005-10-20, 23:03:27, An error occurred while scanning file "C:\WINNT\system32\config\SYSTEM.ALT": Accès refusé.
2005-10-20, 23:05:31, Running scanner "C:\PROGRA~1\SYSCLEAN\VSCANTM.BIN"...
2005-10-20, 23:31:29, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 10/20/2005 23:05:32
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 903 (110894 Patterns) (2005/10/19) (290300)
Command Line: C:\PROGRA~1\SYSCLEAN\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\PROGRA~1\SYSCLEAN

C:\WINNT\system32\up32.pif [WORM_SDBOT.CKR]
27583 files have been read.
27583 files have been checked.
19021 files have been scanned.
42274 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/20/2005 23:31:26
---------*---------*---------*---------*---------*---------*---------*---------*
2005-10-20, 23:31:29, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 10/20/2005 23:05:31
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 903 (110894 Patterns) (2005/10/19) (290300)
Command Line: C:\PROGRA~1\SYSCLEAN\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\PROGRA~1\SYSCLEAN

Success Clean [ WORM_SDBOT.CKR]( 1) from C:\WINNT\system32\up32.pif
27583 files have been read.
27583 files have been checked.
19021 files have been scanned.
42274 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/20/2005 23:31:26 25 minutes 49 seconds (1549.01 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2005-10-20, 23:31:29, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 10/20/2005 23:05:31
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 903 (110894 Patterns) (2005/10/19) (290300)
Command Line: C:\PROGRA~1\SYSCLEAN\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\PROGRA~1\SYSCLEAN

27583 files have been read.
27583 files have been checked.
19021 files have been scanned.
42274 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/20/2005 23:31:26 25 minutes 49 seconds (1549.01 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2005-10-20, 23:31:29, Scanner "C:\PROGRA~1\SYSCLEAN\VSCANTM.BIN" has finished running.
2005-10-20, 23:35:39, The user stopped the operation.

merci et a bientot
salut a+