mike80

Bonjour a tous, Je me permets de déposer ce message sur votre forum car je ne peux plus graver avec mon PC portable HP Pavillon zv5000. En effet , lorsque je veux graver , je fais un copier coller sur le disque puis je clique sur Graver ces fichiers. Depuis quelques semaines , ca ne fonctionne plus. Je fais toujours le copier mais lorsque je fais le coller, l'ordinateur fait un son "tong" et ne fais rien . Je n'ai pas le raccourci qui apparait et je ne peux donc plus garver de fichiers sur un CD. Est-ce que quelqu'un peut m'aider ? Bonne journée. Mike80

Bonsoir a tous , bonsoir megataupe , Dernièrement antivir m'a affirmé qu'il y avait un trojan sur mon pc. Quelqu'un peut me dire si c'est le cas ? Voici mon log: Logfile of HijackThis v1.99.1 Scan saved at 20:28:05, on 02/12/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.exe C:\Program Files\AVPersonal\AVGNT.EXE C:\Program Files\AVPersonal\AVSched32.EXE C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Wanadoo\Synchronisation Wanadoo\Voxsync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxyweb.utc.fr:3128 F2 - REG:system.ini: Shell=Explorer.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32.EXE /min O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [yebfdt] C:\WINDOWS\system32\tkpinhj.exe r O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Synchronisation Wanadoo.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll O9 - Extra button: Bloc Notes - {AF4F850B-68FF-404C-8417-549F86B1E236} - notepad.exe (file missing) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30000279-D5B3-4DD4-BE4F-6889D1E74167} - http://st.bestoffersnetworks.com/download/scm/smiley.cab O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - http://contacts.wanadoo.fr/wfr_webab/VoxsyncX.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126170840765 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe mike

Salut a tous , Personne ne me répond sur l'autre forum et j'attends désespérément une réponse . j'ai un soucis , lorsque j'essaie de créer un réseau ou il y aurait deux ordi dessus et quand je fais le nécessaire sur celui qui possède le fournisseur d'acces WANADOO , celui me répond : " Spooler Sub System App a rencontré un problème et doit fermer ... " A quoi est du ce message ? je m'interroge mais ne vois pas ! Quelqu'un a une idée ? Bonne soirée a tous ...

Salut a tous , j'ai un soucis , lorsque j'essaie de créer un réseau ou il y aurait deux ordi dessus et quand je fais le nécessaire sur celui qui possède le fournisseur d'acces WANADOO , celui me répond : " Spooler Sub System App a rencontré un problème et doit fermer ... " A quoi est du ce message ? je m'interroge mais ne vois pas ! Quelqu'un a une idée ? Bonne soirée a tous ...

Personne pour me répondre ?

salut, Oui j'ai un modem USB et la synchronisation est longue à venir ! Est-ce anormal ? Que dois-je faire ?

Pour effecteur un diagnostic matériel, vous pouvez télécharger Aida32 sur http://telecharger.01net.com/Total.php?sea...indows&x=22&y=6 Regarder plus particulièrement les tests de performances de la mémoire. Une température trop élevée du processeur provoque aussi un stop. Salut et merci de me répondre. Une fois le test fait , qu'en conclue-t-on et comment tire-t-on une conclusion ?

RE salut, Je désespère complettement. Pourquoi ? Voila: mon ordinateur redémarre tt seul plusieurs fois depuis quelques semaines ! Je ne comprends pas pourquoi ! J'ai des problèmes également avec ma connaexion wanadoo avec les messages suivants : --------------------------------------------------------------------------------------------- Erreur lors de la connexion a wanadoo Erreur 734:le protocole de contrôle de liaison PPP a été arrêté --------------------------------------------------------------------------------------------- puis --------------------------------------------------------------------------------------------- Vérification du nom d'utilisateur et du mot de passe Erreur 691: Accès refusé car le nom d'utilisateur et/ou du mot de passe ne sont pas valides sur le domaine. (3 voire 4 fois de suite !!! ) --------------------------------------------------------------------------------------------- Après cela , il redéarre tt seul et j'obtient sur l'écran bleu : --------------------------------------------------------------------------------------------- Un problème a été détecté et Windows a été arrêté afin de prévenir tout dommage sur votre ordinateur. BAD_POOL_CALLER Si vous voyez cet écran d'erreur d'arrêt pour la 1ère fois redémarrez votre ordinateur. Si cet écran apparaît encore, suivez ces étapes : Assurez-vous que tout nouveau matérielou logiciel est installé correctement. S'il s'git d'une nouvelle installation, consultez votre fabricant de matériel ou de logiciels afin d'obtenir les mises à jour Windows dont vous avez besoin. Si lkes problèmes persistent, désactivez ou supprimez tout matériel ou tout logiciel manuellement installé. Désactivez les options de mémoire du BIOS telles que la mise en cache ou l'ombrage. Si vous êts obligé d'utiliser le mode sans échec pour supprimer ou désactiver des composants ; redémarrez votre odinateur , puis appuyer sur F8 poursélectionner les options de démarrage avancées puis sélectionner, puis sélectionner le mode sans échec. Informations techniques : ***STOP : 0x000000C2 ( 0x00000007,0x00000CD4,0x00100013,0x84350D48) Début du vidage de la mémoire physique. vidage de la mémoire physique terminée Contacter votre administrateur système ou votre groupe de support technique pour --------------------------------------------------------------------------------------------- et ca s'arrête la et l'écran est bloqué Qu'est-ce que je dois en conclure ? Mon ordinateur rame et déconne de plus en plus , j'ai vraiment peur !!! Quelqu'un peut-il m'aider et surtout me rassurer ?

Personne ne peut résoudre mon problème ?

J'ai vraiment besoin d'aide, quelqu'un peut-il m'aider ? Je désespère vraiment !!!

RE salut, Je désespère complettement. Pourquoi ? Voila: mon ordinateur redémarre tt seul plusieurs fois depuis quelques semaines ! Je ne comprends pas pourquoi ! J'ai des problèmes également avec ma connaexion wanadoo avec les messages suivants : --------------------------------------------------------------------------------------------- Erreur lors de la connexion a wanadoo Erreur 734:le protocole de contrôle de liaison PPP a été arrêté --------------------------------------------------------------------------------------------- puis --------------------------------------------------------------------------------------------- Vérification du nom d'utilisateur et du mot de passe Erreur 691: Accès refusé car le nom d'utilisateur et/ou du mot de passe ne sont pas valides sur le domaine. (3 voire 4 fois de suite !!! ) --------------------------------------------------------------------------------------------- Après cela , il redéarre tt seul et j'obtient sur l'écran bleu : --------------------------------------------------------------------------------------------- Un problème a été détecté et Windows a été arrêté afin de prévenir tout dommage sur votre ordinateur. BAD_POOL_CALLER Si vous voyez cet écran d'erreur d'arrêt pour la 1ère fois redémarrez votre ordinateur. Si cet écran apparaît encore, suivez ces étapes : Assurez-vous que tout nouveau matérielou logiciel est installé correctement. S'il s'git d'une nouvelle installation, consultez votre fabricant de matériel ou de logiciels afin d'obtenir les mises à jour Windows dont vous avez besoin. Si lkes problèmes persistent, désactivez ou supprimez tout matériel ou tout logiciel manuellement installé. Désactivez les options de mémoire du BIOS telles que la mise en cache ou l'ombrage. Si vous êts obligé d'utiliser le mode sans échec pour supprimer ou désactiver des composants ; redémarrez votre odinateur , puis appuyer sur F8 poursélectionner les options de démarrage avancées puis sélectionner, puis sélectionner le mode sans échec. Informations techniques : ***STOP : 0x000000C2 ( 0x00000007,0x00000CD4,0x00100013,0x84350D48) Début du vidage de la mémoire physique. vidage de la mémoire physique terminée Contacter votre administrateur système ou votre groupe de support technique pour --------------------------------------------------------------------------------------------- et ca s'arrête la et l'écran est bloqué Qu'est-ce que je dois en conclure ? Mon ordinateur rame et déconne de plus en plus , j'ai vraiment peur !!! Quelqu'un peut-il m'aider et surtout me rassurer ?

Ok je vais suivre tes conseils . Encore une question ....j'espère que je ne te gave pas avec toutes mes questions ........ Mon fournisseur d'accès est Wandoo et lorsque je ferme la fenêtre d'accès a Wanadoo , ce dernier me redemande systématiquement si je veux me reconnecter au moins ts les quarts d'heure ? C'est gavant a la fin ! Tu peux EGALEMENT me conseiller quelque chose pour ça ?

Nous ici la pièce où il se trouve fait environ 3m sur 3m et il est allumé en continu parfois une semaine complète si c'est pas plus ! Ca craint tu crois ?

On n'arrête quasiment jamais l'ordinateur , est-ce bien ou pas ? Comme tu viens de le dire , il ya peut-être trop de chaleur dans le boitier !

Au fait , je ne sais pas si c'est important mais mon disque dur fait un bruit bizarre en ce moment : on dirait le bruit d'un petit criquet , on dirait qu'il tourne mais frotte sur qqch , c'est possible que le pb vienne du disque dur ? ca m'inquiète !!

OK on verra bien alors .... merci pour votre aide ! A +

Comment expliquer ces redémarrages ? Et pourquoi rame-t-il autant depuis ces fameux redémarrages ? Quelqu'un a une idée ? Jack ?

Voici comme convenu 3 scan: EWIDO , ANTIVIR et HIJACKTHIS tous les 3 en mode ss échec : --------------------------------------------------------- ewido security suite - Rapport de scan --------------------------------------------------------- + Créé le: 15:14:34, 17/10/2005 + Somme de contrôle: 68EF8F1B + Résultats du scan: HKLM\SYSTEM\CurrentControlSet\Services\WinToolsSvc -> Spyware.WebSearch : Erreur durant le nettoyage HKLM\SYSTEM\CurrentControlSet\Services\WinToolsSvc\Enum -> Spyware.WebSearch : Erreur durant le nettoyage C:\Documents and Settings\Delphine\Cookies\delphine@adtech[2].txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder C:\Documents and Settings\Delphine\Cookies\delphine@atdmt[2].txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\Delphine\Cookies\delphine@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\Delphine\Cookies\delphine@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\Delphine\Cookies\delphine@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\Delphine\Cookies\delphine@weborama[2].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Delphine\Cookies\delphine@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder ::Fin du rapport ------------------------------------------------------------------------------------ Creation date of the report file: lundi 17 octobre 2005 14:03 AntiVir®/XP (2000 + NT) PersonalEdition Classic Build 1068 of 21.09.2005 Mainprogram 6.32.00.07 of 16.09.2005 VDF file 6.32.0.88 (0) of 16.10.2005 This program is for PERSONAL USE only. Any other use is PROHIBITED. Informations regarding commercial versions of AntiVir may be obtained from: www.hbedv.com. Scanning for 231606 virus strains and unwanted programs. Licensed for: AntiVir Personal Edition Serial number: 0000149991-WURGE-0001 Please enter the workstation and contact name with phone number in this form: Name ___________________________________________ Street ___________________________________________ Town ___________________________________________ Phone/Fax ___________________________________________ Email ___________________________________________ Platform: Windows NT Workstation Windows version: 5.1 Build 2600 (Service Pack 2) Username: Delphine Computername: DELF Processor: Pentium Working memory: 458224 KB free Version information: AVWIN.DLL : 6.32.00.04 561192 16.08.2005 10:22:36 AVEWIN32.DLL : 6.32.0.6 832000 28.09.2005 14:10:40 AVGNT.EXE : 6.32.00.00 168039 29.07.2005 10:19:28 AVGUARD.EXE : 6.32.00.06 207912 07.09.2005 16:34:50 GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 11:24:12 AVGCMSG.DLL : 6.32.00.00 258165 29.07.2005 10:19:30 AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 08:07:16 AVPACK32.DLL : 6.31.01.07 327720 07.09.2005 09:08:28 AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 18:10:20 AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 18:10:22 AVSched32.EXE : 6.32.00.01 110632 21.09.2005 11:14:42 AVSched32.DLL : 6.30.00.00 122880 01.02.2005 11:24:12 AVREG.DLL : 6.31.00.05 41000 07.09.2005 16:34:50 AVRep.DLL : 6.32.00.80 1421352 16.10.2005 16:37:18 INETUPD.EXE : 6.32.00.05 254011 16.08.2005 16:46:10 INETUPD.DLL : 6.32.00.05 143360 16.08.2005 16:46:10 CTL3D32.DLL : 2.31.000 27136 30.08.2002 14:00:00 MFC42.DLL : 6.02.4131.0 1028096 20.08.2004 01:09:30 MSVCRT.DLL : 7.0.2600.2180 (xpsp_sp2_rtm.0408 MSVCRT.DLL : 7.0.2600.2180 343040 20.08.2004 01:09:34 CTL3DV2.DLL : 2.31.000 27632 17.12.1996 00:00:00 Configuration file: Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG Start path: C:\Program Files\AVPersonal Command line: Start mode: unknown Mode of report file: [ ] Do not create report [X] Overwrite report [ ] Append new report Data in report file: [X] Infected files [ ] Infected files with paths [ ] All scanned files [ ] Full information Abridge report file: [ ] Abridge report file Warnings in report: [X] Access denied/file locked [X] Wrong file size in directory [X] Wrong creation time in directory [ ] COM file is too large [X] Invalid start address [X] Invalid EXE header [X] Possibly damaged Summary report: [X] Create summary report Output file: AVWIN.ACT Maximum number of entries: 100 Where to search: [X] Memory [X] Boot record of selected drives [ ] Report unknown boot sectors [X] All files [ ] Program files Response in case of a detection: [X] Repair with prompt [ ] Repair without prompt [ ] Delete with prompt [ ] Delete without prompt [ ] Write in report file only [X] Acoustic alarm Response in case of destroyed files: [X] Delete with prompt [ ] Delete without prompt [ ] Ignore Response in case of destroyed files: [X] No change [ ] Current system time [ ] Correct date Drag&drop settings: [X] Scan subdirectories Profile settings: [X] Scan subdirectories Archive options [X] Search archive [X] Archive types to leave out 1000 1001 1002 Miscellaneous options: Temporary path: %TEMP% -> C:\DOCUME~1\Delphine\LOCALS~1\Temp [X] Overwrite infected files [ ] Detect idle time [X] Allow interruptions of scan [ ] Load AVWin®/NT Guard on System start General settings: [X] Save options on exiting AntiVir Priority: medium Drives: A: Floppy drive C: Hard disk D: CD-ROM E: CD-ROM F: Floppy drive Start of scan: lundi 17 octobre 2005 14:03 Memory test OK Master boot record of hard disk HD0 OK Master boot record of hard disk HD1 The record could not be read! Error code: 0x0015 Boot record of drive C: OK C:\ pagefile.sys Access denied! Error during file opening! This is a Windows swap file. This file is locked by Windows. Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson user.dmp Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery Altnet.zip ArchiveType: ZIP NOTE! The whole archive is password protected Altnet1.zip ArchiveType: ZIP NOTE! The whole archive is password protected Altnet2.zip ArchiveType: ZIP NOTE! The whole archive is password protected Altnet3.zip ArchiveType: ZIP NOTE! The whole archive is password protected Altnet4.zip ArchiveType: ZIP NOTE! The whole archive is password protected Altnet5.zip ArchiveType: ZIP NOTE! The whole archive is password protected Altnet6.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite1.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite10.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite11.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite12.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite13.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite14.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite15.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite16.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite17.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite18.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite19.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite2.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite20.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite21.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite22.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite23.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite24.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite25.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite26.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite27.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite28.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite29.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite3.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite30.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite31.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite32.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite33.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite34.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite35.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite36.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite37.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite38.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite39.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite4.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite40.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite41.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite42.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite43.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite44.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite45.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite46.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite47.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite48.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite49.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite5.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite50.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite51.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite52.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite53.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite54.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite55.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite56.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite6.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite7.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite8.zip ArchiveType: ZIP NOTE! The whole archive is password protected BackWeblite9.zip ArchiveType: ZIP NOTE! The whole archive is password protected CommonName.zip ArchiveType: ZIP NOTE! The whole archive is password protected ConnectMFCApplication.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit1.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit2.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit3.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit4.zip ArchiveType: ZIP NOTE! The whole archive is password protected eGroupInstantAccess.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINGator.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINGator1.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINGator2.zip ArchiveType: ZIP NOTE! The whole archive is password protected HuntBar.zip ArchiveType: ZIP NOTE! The whole archive is password protected MagicControlAgent.zip ArchiveType: ZIP NOTE! The whole archive is password protected MagicControlAgent1.zip ArchiveType: ZIP NOTE! The whole archive is password protected MagicControlAgent2.zip ArchiveType: ZIP NOTE! The whole archive is password protected MagicControlAgent3.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar1.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar10.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar2.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar3.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar4.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar5.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar6.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar7.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar8.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWayMyBar9.zip ArchiveType: ZIP NOTE! The whole archive is password protected SumomA.zip ArchiveType: ZIP NOTE! The whole archive is password protected SumomA1.zip ArchiveType: ZIP NOTE! The whole archive is password protected WindowsSecurityCenterAntiVirusDisableNotify.zip ArchiveType: ZIP NOTE! The whole archive is password protected WindowsSecurityCenterAntiVirusOverride.zip ArchiveType: ZIP NOTE! The whole archive is password protected WindowsSecurityCenterFirewallDisableNotify.zip ArchiveType: ZIP NOTE! The whole archive is password protected C:\Documents and Settings\Delphine NTUSER.DAT Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ntuser.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\Delphine\Bureau\DELPHINE\MUSIQUES\ZZ CLASSIQUE\Classic - Orff - Carmina Burana - Philarmonia Chorus, Southend Boys'choir, Philadelphia Orchestra, dir. Riccardo Muti (mp3) Orff - Carmina Burana - 09 - Reie Swaz hie gat umbe chume.mp3 Access denied! Error during file opening! Error code: 0x0016 WARNING! Access error/file locked! C:\Documents and Settings\Delphine\Bureau\Incoming bis 3,95 Go\Nouveau dossier POUR SYLVAIN\Best Sampler Ever #5 - Madrugada, Audioslave, System Of A Down, Ryan Adams, Eels, Sarah Bettens, Arcade Fire, Robocop Kraus\Various\GreenGreenGreen 01-Fink - Dies Für Dich.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 02-Zita Swoon - Thinking About You All The Time.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 03-Kashmir - Melpomene.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 04-Elliott - Blessed By Your Own Ghost.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 05-Niels Frevert - Wohin.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 06-Audioslave - Doesn't Remind Me.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 07-Die Goldenen Zitronen - Meine Kleine Welt.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 08-Babe The Blue Ox - Can't Stand Up.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 09-The House of Love - Love You Too Much.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 10-Eels - Trouble With Dreams.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 11-The Robocop Kraus - In Fact You Are Just Fiction.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 12-U2 - Tomorrow.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 13-The Arcade Fire - Crown of Love.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 14-Nick Cave And The Bad Seeds - Under This Moon.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 15-Ed Harcourt - She Fell Into My Arms.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 16-Bright Eyes - No Lies, Just Love.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 17-Ryan Adams - Meadowlake Street.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 18-Sarah Bettens - Grey.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 19-The Notwist - The String.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 20-Nine Inch Nails - Right Where It Belongs.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! C:\Documents and Settings\Delphine\Bureau\Incoming bis 3,95 Go\Nouveau dossier POUR SYLVAIN\Best Sampler Ever #5 - Madrugada, Audioslave, System Of A Down, Ryan Adams, Eels, Sarah Bettens, Arcade Fire, Robocop Kraus\Various\RedRedRed 01-System Of A Down - Bring Your Own Bombs.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 02-Karate - Need A Job.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 03-Keith Caputo - Razzberry Mockery.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 04-Janove Ottesen - Go Tell Her.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 05-Madrugada - On Your Side.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 06-Ghinzu - Do You Read Me.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 07-Nine Inch Nails - Every Day Is Exactly The Same.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 08-The Robocop Kraus - Fake Boys.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 09-The Magic Numbers - Forever Lost.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 10-Kristofer Åström - Midnight Sun.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 11-Logh - Destinymanifesto.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 12-Millionaire - Me Crazy, You Sane.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 13-Scumbucket - Traces & Things.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 14-The Soundtrack Of Our Lives - Black Star.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 15-Idlewild - Love Steals Us From Loneliness.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 16-Kungfu - Unsichtbar.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 17-The Gloria Record - The Arctic Cat.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 18-Elliott - Carry On.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! 19-The God Machine - The Hunter.mp3 Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! C:\Documents and Settings\Delphine\Local Settings\Application Data\Microsoft\Windows UsrClass.dat Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! UsrClass.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\Delphine\Local Settings\Temp Perflib_Perfdata_348.dat Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\Delphine\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN swflash[1].cab ArchiveType: CAB (Microsoft) --> swflash.inf NOTE! Bad header --> Flash8.ocx NOTE! Bad header --> GetFlash.exe NOTE! Bad header --> GetFlash.man NOTE! Bad header C:\Documents and Settings\NetworkService NTUSER.DAT Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ntuser.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows UsrClass.dat Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! UsrClass.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Program Files\WinRAR rarnew.dat ArchiveType: RAR NOTE! The archive is created by multiple volumes Error! Could not change directory: System Volume Information C:\WINDOWS MEMORY.DMP Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\system32\config default Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! default.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SAM Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SAM.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SECURITY Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SECURITY.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! software Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! software.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! system Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! system.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! End of scan: lundi 17 octobre 2005 15:10 Time taken: 67:07 min 3790 directories were scanned 88066 files were scanned 62 warning messages were issued 0 files were deleted 0 files were repaired 0 detections ---------------------------------------------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 15:15:28, on 17/10/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe ----------------------------------------------------------------------------------------- Y a-t-il quelque chose d'anormal ?

au fait , je scan avec quoi ? antivir , ewido , ?

ok je fais ca et je poste ... a de suite

Voici les symptomes remarqués depuis quelques jours : Ily a deux semains a peine , mon pc a redémarré tt seul 3 fois de suite a qques minutes d'intervalle, puis m'a affiché une connexion a un débit divisé par 2 par rapport a avant ( de 8 MO --> 4 Mo à peine) ! Je l'ai donc redémarré manuellement et la connexion est revenue a un débit de 8 Mo . Seulement depuis ce problème , mon pc rame énormément !! Je ne comprends pas ! mike

Bonjour à tous, J'ai un pc qui reboot tt seul ! Et souvent depuis quelques jours ! Depuis ces redémarrages intempestifs, il rame comme jamais depuis que je l'ai ! Quelqu'un peut-il m'aider ? Voici le log de hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 13:33:23, on 17/10/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\MESSAG~1\StartMessager.exe C:\Program Files\AVPersonal\AVGNT.EXE C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\Program Files\Wanadoo\EspaceWanadoo.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\Program Files\ewido\security suite\ewidoctrl.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Wanadoo\ComComp.exe C:\WINDOWS\System32\HPZipm12.exe C:\Program Files\Wanadoo\Watch.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [WOOKIT] C:\Program Files\Wanadoo\EspaceWanadoo.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Bloc Notes - {AF4F850B-68FF-404C-8417-549F86B1E236} - notepad.exe (file missing) O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{E31B106E-487B-4704-966C-75E52564111D}: NameServer = 80.10.246.130 80.10.246.3 O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe ---------------------------------------------------------------------------------------------- Tout est normal ou pas ? merci de votre aide....

Les voici au cas ou : Creation date of the report file: mardi 27 septembre 2005 18:16 AntiVir®/XP (2000 + NT) PersonalEdition Classic Build 1068 of 21.09.2005 Mainprogram 6.32.00.07 of 16.09.2005 VDF file 6.32.0.36 (0) of 21.09.2005 This program is for PERSONAL USE only. Any other use is PROHIBITED. Informations regarding commercial versions of AntiVir may be obtained from: www.hbedv.com. Scanning for 223228 virus strains and unwanted programs. Licensed for: AntiVir Personal Edition Serial number: 0000149991-WURGE-0001 Please enter the workstation and contact name with phone number in this form: Name ___________________________________________ Street ___________________________________________ Town ___________________________________________ Phone/Fax ___________________________________________ Email ___________________________________________ Platform: Windows NT Workstation Windows version: 5.1 Build 2600 (Service Pack 1) Username: mickael Processor: Pentium Working memory: 1048044 KB free Version information: AVWIN.DLL : 6.32.00.04 561192 16.08.2005 10:22:36 AVEWIN32.DLL : 6.32.0.6 832000 23.09.2005 12:59:58 AVGNT.EXE : 6.32.00.00 168039 29.07.2005 10:19:28 AVGUARD.EXE : 6.32.00.06 207912 07.09.2005 16:34:50 GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 11:24:12 AVGCMSG.DLL : 6.32.00.00 258165 29.07.2005 10:19:30 AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 08:07:16 AVPACK32.DLL : 6.31.01.07 327720 07.09.2005 09:08:28 AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 18:10:20 AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 18:10:22 AVSched32.EXE : 6.32.00.01 110632 21.09.2005 11:14:42 AVSched32.DLL : 6.30.00.00 122880 01.02.2005 11:24:12 AVREG.DLL : 6.31.00.05 41000 07.09.2005 16:34:50 AVRep.DLL : 6.32.00.33 1364008 23.09.2005 13:00:34 INETUPD.EXE : 6.32.00.05 254011 16.08.2005 16:46:10 INETUPD.DLL : 6.32.00.05 143360 16.08.2005 16:46:10 CTL3D32.DLL : 2.31.000 27136 24.04.2003 03:00:00 MFC42.DLL : 6.00.8665.0 995383 24.04.2003 03:00:00 MSVCRT.DLL : 7.0.2600.1106 (xpsp1.020828-1920 MSVCRT.DLL : 7.0.2600.1106 323072 24.04.2003 03:00:00 CTL3DV2.DLL : No information Configuration file: Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG Start path: C:\Program Files\AVPersonal Command line: Start mode: unknown Mode of report file: [ ] Do not create report [X] Overwrite report [ ] Append new report Data in report file: [X] Infected files [ ] Infected files with paths [ ] All scanned files [ ] Full information Abridge report file: [ ] Abridge report file Warnings in report: [X] Access denied/file locked [X] Wrong file size in directory [X] Wrong creation time in directory [ ] COM file is too large [X] Invalid start address [X] Invalid EXE header [X] Possibly damaged Summary report: [X] Create summary report Output file: AVWIN.ACT Maximum number of entries: 100 Where to search: [X] Memory [X] Boot record of selected drives [X] Report unknown boot sectors [X] All files [ ] Program files Response in case of a detection: [X] Repair with prompt [ ] Repair without prompt [ ] Delete with prompt [ ] Delete without prompt [ ] Write in report file only [X] Acoustic alarm Response in case of destroyed files: [X] Delete with prompt [ ] Delete without prompt [ ] Ignore Response in case of destroyed files: [X] No change [ ] Current system time [ ] Correct date Drag&drop settings: [X] Scan subdirectories Profile settings: [X] Scan subdirectories Archive options [X] Search archive [X] Archive types to leave out 1000 1001 1002 Miscellaneous options: Temporary path: %TEMP% -> C:\DOCUME~1\mickael\LOCALS~1\Temp [X] Overwrite infected files [ ] Detect idle time [X] Allow interruptions of scan [X] Load AVWin®/NT Guard on System start General settings: [X] Save options on exiting AntiVir Priority: medium Drives: A: Floppy drive C: Hard disk D: CD-ROM Start of scan: mardi 27 septembre 2005 18:16 Memory test OK Master boot record of hard disk HD0 OK Boot record of drive A: The record could not be read! Error code: 0x0015 Boot record of drive C: OK C:\ hiberfil.sys Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! pagefile.sys Access denied! Error during file opening! This is a Windows swap file. This file is locked by Windows. Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson user.dmp Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery AlexaRelated.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow1.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow10.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow11.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow12.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow13.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow14.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow15.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow16.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow17.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow18.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow19.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow2.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow20.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow21.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow22.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow23.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow24.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow25.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow26.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow27.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow28.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow29.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow3.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow30.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow31.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow32.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow33.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow4.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow5.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow6.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow7.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow8.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchAffWinshow9.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL1.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL10.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL11.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL12.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL13.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL14.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL15.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL16.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL17.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL18.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL19.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL2.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL20.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL3.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL4.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL5.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL6.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL7.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL8.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatDLL9.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller1.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller10.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller11.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller12.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller13.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller14.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller2.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller3.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller4.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller5.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller6.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller7.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller8.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchFeatInstaller9.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch1.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch10.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch2.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch3.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch4.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch5.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch6.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch7.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch8.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchHomeSearch9.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick1.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick10.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick11.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick12.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick2.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick3.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick4.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick5.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick6.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick7.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick8.zip ArchiveType: ZIP NOTE! The whole archive is password protected CoolWWWSearchSearchKlick9.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit1.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit10.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit11.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit12.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit13.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit14.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit15.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit16.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit17.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit18.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit19.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit2.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit20.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit21.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit22.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit3.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit4.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit5.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit6.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit7.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit8.zip ArchiveType: ZIP NOTE! The whole archive is password protected DSOExploit9.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb1.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb10.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb11.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb12.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb13.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb14.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb15.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb16.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb2.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb3.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb4.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb5.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb6.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb7.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb8.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWeb9.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWebProducts.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWebProducts1.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWebProducts2.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWebProducts3.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWebProducts4.zip ArchiveType: ZIP NOTE! The whole archive is password protected FunWebProducts5.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINDashBar.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINGator.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINGator1.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINGator2.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINGator3.zip ArchiveType: ZIP NOTE! The whole archive is password protected GAINGator4.zip ArchiveType: ZIP NOTE! The whole archive is password protected Investigator.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWebSearch.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWebSearch1.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWebSearch2.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWebSearch3.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWebSearch4.zip ArchiveType: ZIP NOTE! The whole archive is password protected MyWebSearch5.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker1.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker10.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker11.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker12.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker13.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker14.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker15.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker16.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker17.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker18.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker19.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker2.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker20.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker21.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker3.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker4.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker5.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker6.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker7.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker8.zip ArchiveType: ZIP NOTE! The whole archive is password protected TrekBlueErrorNuker9.zip ArchiveType: ZIP NOTE! The whole archive is password protected C:\Documents and Settings\LocalService NTUSER.DAT Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ntuser.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows UsrClass.dat Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! UsrClass.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\mickael NTUSER.DAT Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ntuser.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\mickael\Application Data\Microsoft\Office\Récent ????? ?????? UTC.doc.lnk Access denied! Error during file opening! Error code: 0x0016 WARNING! Access error/file locked! C:\Documents and Settings\mickael\Bureau\MICKAËL\TRAVAIL UTC MICKAEL\dossier-fortran\X86\SUPPORT\IE4\WIN95 MSGMS_2.CAB ArchiveType: CAB (Microsoft) NOTE! The archive is created by multiple volumes MSGMS_3.CAB ArchiveType: CAB (Microsoft) NOTE! The archive is created by multiple volumes C:\Documents and Settings\mickael\Bureau\MICKAËL\TRAVAIL UTC MICKAEL\dossier-fortran\X86\SUPPORT\IE4\WINNT MSGMS_2.CAB ArchiveType: CAB (Microsoft) NOTE! The archive is created by multiple volumes MSGMS_3.CAB ArchiveType: CAB (Microsoft) NOTE! The archive is created by multiple volumes C:\Documents and Settings\mickael\Bureau\MICKAËL\TRAVAIL UTC MICKAEL\FICHIERS EXECUTABLES Fortran 77.rar ArchiveType: RAR --> Fortran 77\X86\SUPPORT\IE4\WIN95\MSGMS_2.CAB ArchiveType: CAB (Microsoft) NOTE! The archive is created by multiple volumes --> Fortran 77\X86\SUPPORT\IE4\WIN95\MSGMS_3.CAB ArchiveType: CAB (Microsoft) NOTE! The archive is created by multiple volumes --> Fortran 77\X86\SUPPORT\IE4\WINNT\MSGMS_2.CAB ArchiveType: CAB (Microsoft) NOTE! The archive is created by multiple volumes --> Fortran 77\X86\SUPPORT\IE4\WINNT\MSGMS_3.CAB ArchiveType: CAB (Microsoft) NOTE! The archive is created by multiple volumes GID 7.2.rar ArchiveType: RAR --> GID 7.2\GiD7.2-win-split.exe ArchiveType: RAR SFX (self extracting) NOTE! The archive is created by multiple volumes C:\Documents and Settings\mickael\Bureau\MICKAËL\TRAVAIL UTC MICKAEL\FICHIERS EXECUTABLES\GID 7.2 GiD7.2-win-split.exe ArchiveType: RAR SFX (self extracting) NOTE! The archive is created by multiple volumes C:\Documents and Settings\mickael\Bureau\MICKAËL\TRAVAIL UTC MICKAEL\Papiers\Etudes réalisées avec REFLUX\Domaine Etang\Modification des niveaux d'eau en raison du vent dans les lacs palavasiens Modification des niveaux d'eau en araison du vent ds les lacs palvasiens.doc Access denied! Error during file opening! Error code: 0x0002 WARNING! Access error/file locked! C:\Documents and Settings\mickael\Local Settings\Application Data\Microsoft\Windows UsrClass.dat Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! UsrClass.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\NetworkService NTUSER.DAT Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ntuser.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows UsrClass.dat Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! UsrClass.dat.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Program Files\AVPersonal\INFECTED A0118544.EXE.VIR [DETECTION] Is the Trojan horse TR/Dldr.Agen.hl.1.A WAS DELETED! ADDEU.EXE.VIR [DETECTION] Is the Trojan horse TR/Dldr.Agen.hl.1.A WAS DELETED! addeu.VIR [DETECTION] Is the Trojan horse TR/Dldr.Agen.hl.1.A WAS DELETED! CRBS32.EXE.VIR [DETECTION] Is the Trojan horse TR/Dldr.Agen.hl.1.A WAS DELETED! NETIG.EXE.VIR [DETECTION] Is the Trojan horse TR/Agent.BI WAS DELETED! SDKCQ.EXE.VIR [DETECTION] Is the Trojan horse TR/Agent.BI WAS DELETED! C:\Program Files\WinRAR rarnew.dat ArchiveType: RAR NOTE! The archive is created by multiple volumes C:\WINDOWS\$NtUninstallKB824141$ user32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! win32k.sys Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB826939$ accwiz.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! crypt32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! cryptsvc.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! html32.cnv Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! locator.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! magnify.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! migwiz.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mrxsmb.sys Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msconv97.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! narrator.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! newdev.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ntdll.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ntkrnlpa.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ntoskrnl.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! osk.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! pchshell.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! raspptp.sys Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! shell32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! srrstr.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! srv.sys Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! sysmain.sdb Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! user32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! win32k.sys Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! winsrv.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! zipfldr.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB828741$ catsrv.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! catsrvut.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! clbcatex.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! clbcatq.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! colbact.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! comadmin.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! comrepl.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! comsvcs.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! comuid.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! es.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msdtcprx.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msdtctm.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msdtcuiu.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mtxclu.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mtxoci.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ole32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! rpcrt4.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! rpcss.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! txflog.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB835732$ callcont.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! cmdevtgprov.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! gdi32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! h323.tsp Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! h323msp.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! helpctr.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ipnathlp.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! lsasrv.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mf3216.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msasn1.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msgina.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mst120.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! netapi32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! nmcom.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! rtcdll.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! schannel.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB837001$ dao360.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! expsrv.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msexch40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msexcl40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjet40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjetoledb40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjint40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjter40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjtes40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msltus40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mspbde40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msrd2x40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msrd3x40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msrepl40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mstext40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mswdat10.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mswstr10.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msxbde40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! vbajet32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallQ828026$ msdxm.ocx Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! wmpcore.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\system32 mtnjp.dll [DETECTION] Is the Trojan horse TR/StartPa.DU.DLL.1 WAS DELETED! tqvnv.dll [DETECTION] Is the Trojan horse TR/StartPa.DU.DLL.1 WAS DELETED! C:\WINDOWS\system32\config default Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! default.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SAM Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SAM.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SECURITY Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SECURITY.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! software Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! software.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! system Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! system.LOG Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\Temp ZLT03f87.TMP Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\Temp\hsperfdata_SYSTEM 1948 Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! 416 Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! End of scan: jeudi 29 septembre 2005 09:38 Time taken: 2361:31 min 11186 directories were scanned 526902 files were scanned 113 warning messages were issued 8 files were deleted 0 files were repaired 8 detections ------------------------------------------------------------------------------------------ AboutBuster 5.0 reference file 28 Scan started on [29/09/2005] at [10:14:10] ------------------------------------------------ Removed Stream! C:\WINDOWS\WORDPAD.INI:nqbajn Removed Stream! C:\WINDOWS\yoxgz.dat:grugdq Removed Stream! C:\WINDOWS\_iserr31.ini:vhlgnt Removed Stream! C:\WINDOWS\_iserr31.ini:vsrbk ------------------------------------------------ Removed File! : C:\Windows\auaip.dat ------------------------------------------------ Scan was COMPLETED SUCCESSFULLY at 10:14:35

Re salut bipbip, bonjour a tous, voici le log hijackthis comme convenu : Logfile of HijackThis v1.99.1 Scan saved at 10:00:32, on 29/09/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\atlmc32.exe C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\Program Files\ewido\security suite\ewidoctrl.exe C:\Program Files\ATI Technologies\Fire GL Control Panel\atiisrgl.exe C:\Matlab7\webserver\bin\win32\matlabserver.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraMD.exe C:\Program Files\AVPersonal\AVGNT.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\atlje.exe C:\Compaq\EAKDRV\EAUSBKBD.EXE C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\AVPersonal\INETUPD.EXE C:\WINDOWS\System32\msiexec.exe C:\Program Files\WinRAR\WinRAR.exe C:\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\mtnjp.dll/sp.html#93256 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\mtnjp.dll/sp.html#93256 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\mtnjp.dll/sp.html#93256 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\mtnjp.dll/sp.html#93256 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\mtnjp.dll/sp.html#93256 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\mtnjp.dll/sp.html#93256 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\mtnjp.dll/sp.html#93256 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxyweb.utc.fr:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: Class - {0B770DD6-AEB5-21ED-6D51-033B76258C77} - C:\WINDOWS\system32\ieso.dll O2 - BHO: Class - {10ABDCE8-0FE1-1F00-353B-C722D83B9139} - C:\WINDOWS\system32\netjz32.dll O2 - BHO: Class - {1E94F949-F3F0-5C64-038A-53C68D35F288} - C:\WINDOWS\system32\javaoj.dll O2 - BHO: Class - {1EABB716-6766-9034-E2FB-D0FA3A1B06E9} - C:\WINDOWS\system32\netyy.dll O2 - BHO: Class - {1F6BBD3D-4D92-B6C9-0D86-67BC18D25967} - C:\WINDOWS\system32\d3my32.dll O2 - BHO: Class - {201C2FBF-3759-3A0D-344E-15772DA97FF5} - C:\WINDOWS\javazq.dll O2 - BHO: Class - {21550CC0-2AA4-18C6-156A-0927D0630C0D} - C:\WINDOWS\system32\ipwo.dll O2 - BHO: Class - {27E1E8D6-D0CD-4321-1020-995AA1BFB2B5} - C:\WINDOWS\system32\javapc.dll O2 - BHO: Class - {27E66E0E-10B1-AE94-6FA4-137B013EE875} - C:\WINDOWS\system32\sysvz.dll O2 - BHO: Class - {2CFEA94E-5A24-A0DD-8BBF-23387F8EEBCF} - C:\WINDOWS\system32\sdkkb32.dll O2 - BHO: Class - {321EE590-67C6-6B11-CCA5-70323A77E2B6} - C:\WINDOWS\msko.dll O2 - BHO: Class - {3430DBD7-FB8E-89AC-570B-BFD4FF9822B6} - C:\WINDOWS\system32\sdkyc32.dll O2 - BHO: Class - {347CF0FD-5E7D-8D1B-57E2-27841B120F68} - C:\WINDOWS\javagq32.dll O2 - BHO: Class - {35F1EB9B-2875-FC5F-C210-4FA3B45FC995} - C:\WINDOWS\system32\javafp32.dll O2 - BHO: Class - {3A3AA010-1800-53BA-E16B-DD32344A479E} - C:\WINDOWS\ntqd32.dll O2 - BHO: Class - {40623E66-6632-B92E-52FA-C47B8259279F} - C:\WINDOWS\system32\atlgx32.dll O2 - BHO: Class - {46B118F7-A9C3-30B6-F02A-A8C72E1E4FD5} - C:\WINDOWS\system32\javayy32.dll O2 - BHO: Class - {4C71452A-6C8B-7351-0338-0370964A66D2} - C:\WINDOWS\ievo32.dll O2 - BHO: Class - {4CDCBA87-7E66-3831-67E7-C02FD3C6CA1B} - C:\WINDOWS\system32\apial.dll O2 - BHO: Class - {517564DA-70D9-1F28-3710-89856CB474C4} - C:\WINDOWS\system32\netfk.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Class - {572A44A6-4945-DA71-B13F-066F8EC29E66} - C:\WINDOWS\appex.dll O2 - BHO: Class - {575C418B-0B32-878B-11D3-E5EA0E460E09} - C:\WINDOWS\system32\ntpv32.dll O2 - BHO: Class - {5874F8D0-E3AD-83A1-3957-B52E1289B231} - C:\WINDOWS\addmc.dll O2 - BHO: Class - {61CB9A96-52A6-77AC-2D80-908A69B10150} - C:\WINDOWS\sysqg32.dll O2 - BHO: Class - {6261A424-B0FC-0029-57C0-677FD04E086B} - C:\WINDOWS\sysej32.dll O2 - BHO: Class - {655B57FC-F511-E626-4D9C-B315180CF3AA} - C:\WINDOWS\system32\sdkme32.dll O2 - BHO: Class - {6C924832-BFE0-5FFA-789B-ABE3BCB3F18B} - C:\WINDOWS\atlyt32.dll O2 - BHO: Class - {6D1994C5-8E89-1F2D-9ABD-D6FD47944E0B} - C:\WINDOWS\system32\iebd.dll O2 - BHO: Class - {70BA9630-8D19-EFD5-E92D-0662A9598CAE} - C:\WINDOWS\addxs.dll O2 - BHO: Class - {7585DA5E-00B8-A6A6-588F-E650C178A259} - C:\WINDOWS\syser32.dll O2 - BHO: Class - {763B83B8-1A6B-61BB-A43E-8A426D1F77FC} - C:\WINDOWS\system32\apizl.dll O2 - BHO: Class - {795C4F6D-8709-7CDE-2594-4B088D22936D} - C:\WINDOWS\sdkzt32.dll O2 - BHO: Class - {865E429D-BFA4-C656-5DF9-DD49CC5D9CC7} - C:\WINDOWS\sdklw32.dll O2 - BHO: Class - {868B9A8E-F8FF-0CE7-B336-2B1AF1713C5F} - C:\WINDOWS\addvi32.dll O2 - BHO: Class - {8D199EFD-5E92-9066-A959-CAE4A3ADE0B2} - C:\WINDOWS\system32\mszt.dll O2 - BHO: Class - {92CDA6FC-1C7D-E1DC-676E-761A6ECC0847} - C:\WINDOWS\system32\msbw.dll O2 - BHO: Class - {93757B32-DCC3-5C75-4010-8C148E619B58} - C:\WINDOWS\system32\sdkvj.dll O2 - BHO: Class - {9A7207C1-F9CF-2AD4-96C4-3A2EDCF39262} - C:\WINDOWS\nttw32.dll O2 - BHO: Class - {9A8FA81A-5DB1-391E-A47A-E2064E5B330E} - C:\WINDOWS\d3yn.dll O2 - BHO: Class - {9D9DFEE4-D4FF-4DF2-9A8B-75B98238D291} - C:\WINDOWS\ntxd32.dll O2 - BHO: Class - {A4881825-4CC9-B4CE-6290-C430E5E901F8} - C:\WINDOWS\system32\appsk.dll O2 - BHO: Class - {A5F1C6CB-4A7E-5372-1963-B6EBAEC0BB23} - C:\WINDOWS\system32\msyq32.dll O2 - BHO: Class - {A992910C-ED06-1A17-A389-6EE7DD6C9071} - C:\WINDOWS\iprs.dll O2 - BHO: Class - {C0146C97-9E45-541E-2BF9-8DEC38F21C73} - C:\WINDOWS\javahn.dll O2 - BHO: Class - {CEDD5709-5058-410D-7FA2-8B13FFF31739} - C:\WINDOWS\system32\msca.dll O2 - BHO: Class - {CF5405A2-4593-3340-58C9-D8197B57070C} - C:\WINDOWS\system32\crmd32.dll O2 - BHO: Class - {D1F0CDB5-E908-7D81-54C6-CCE72BC8C94D} - C:\WINDOWS\addym32.dll O2 - BHO: Class - {D26313C5-AFE8-33BB-E5DB-1E585F2541C9} - C:\WINDOWS\wincw.dll O2 - BHO: Class - {EAB92D78-0DD3-8A5E-CA0A-36AA7566EC41} - C:\WINDOWS\system32\appqj32.dll O2 - BHO: Class - {ECDBD93B-30EF-D196-FC96-85492CDB4F6A} - C:\WINDOWS\javakw32.dll O2 - BHO: Class - {F292FDF9-73D1-15E7-DA6B-DA2D7932EB4D} - C:\WINDOWS\apidv32.dll O2 - BHO: Class - {F3485428-77FF-E708-DA20-E086B5881F90} - C:\WINDOWS\msjk.dll O2 - BHO: Class - {FA6A4655-C13C-BF9A-C97E-513B7A9A010A} - C:\WINDOWS\system32\apijv32.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe O4 - HKLM\..\Run: [HydraVisionViewport] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraMD.exe O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [atlje.exe] C:\WINDOWS\system32\atlje.exe O4 - HKLM\..\RunOnce: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1127472494031 O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: FGLRYUTIL (FGLRYUtil) - ATI Technologies, Inc. - C:\Program Files\ATI Technologies\Fire GL Control Panel\atiisrgl.exe O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Matlab7\webserver\bin\win32\matlabserver.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe J'ai un rapport ANTIVIR et n autre ABOUTBUSTER , je te les envoie ?

Voila , l j'ai bien respecté les consignes : (9/27/05 14:12:53) SPSeHjFix started v1.1.2 (9/27/05 14:12:53) OS: WinXP Service Pack 1 (5.1.2600) (9/27/05 14:12:53) Language: français (9/27/05 14:12:53) Win-Path: C:\WINDOWS (9/27/05 14:12:53) System-Path: C:\WINDOWS\System32 (9/27/05 14:12:53) Temp-Path: C:\DOCUME~1\mickael\LOCALS~1\Temp\ (9/27/05 14:12:54) Disinfection started (9/27/05 14:12:54) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:12:54) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:12:54) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:12:54) Bad IE-pages: deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar: res://c:\windows\jtytv.dll/sp.html#93256 deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Search Page: res://c:\windows\jtytv.dll/sp.html#93256 deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Start Page: about:blank deleted: HKCU\Software\Microsoft\Internet Explorer\Search, SearchAssistant: res://c:\windows\jtytv.dll/sp.html#93256 deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Search Bar: res://c:\windows\jtytv.dll/sp.html#93256 deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Search Page: res://c:\windows\jtytv.dll/sp.html#93256 deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Start Page: about:blank deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Default_Page_URL: about:blank deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Default_Search_URL: res://c:\windows\jtytv.dll/sp.html#93256 deleted: HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant: res://c:\windows\jtytv.dll/sp.html#93256 (9/27/05 14:12:54) Stealth-String not found (9/27/05 14:12:54) No locked Files to delete. End without Reboot (9/27/05 14:12:57) Disinfection started (9/27/05 14:12:57) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:12:57) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:12:57) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:12:57) Bad IE-pages: (none) (9/27/05 14:12:57) Stealth-String not found (9/27/05 14:12:57) No locked Files to delete. End without Reboot (9/27/05 14:13:01) Disinfection started (9/27/05 14:13:01) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:01) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:01) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:01) Bad IE-pages: (none) (9/27/05 14:13:01) Stealth-String not found (9/27/05 14:13:01) No locked Files to delete. End without Reboot (9/27/05 14:13:02) Disinfection started (9/27/05 14:13:02) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) Bad IE-pages: (none) (9/27/05 14:13:02) Stealth-String not found (9/27/05 14:13:02) No locked Files to delete. End without Reboot (9/27/05 14:13:02) Disinfection started (9/27/05 14:13:02) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) Bad IE-pages: (none) (9/27/05 14:13:02) Stealth-String not found (9/27/05 14:13:02) No locked Files to delete. End without Reboot (9/27/05 14:13:02) Disinfection started (9/27/05 14:13:02) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) Bad IE-pages: (none) (9/27/05 14:13:02) Stealth-String not found (9/27/05 14:13:02) No locked Files to delete. End without Reboot (9/27/05 14:13:02) Disinfection started (9/27/05 14:13:02) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) Bad IE-pages: (none) (9/27/05 14:13:02) Stealth-String not found (9/27/05 14:13:02) No locked Files to delete. End without Reboot (9/27/05 14:13:02) Disinfection started (9/27/05 14:13:02) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) Bad IE-pages: (none) (9/27/05 14:13:02) Stealth-String not found (9/27/05 14:13:02) No locked Files to delete. End without Reboot (9/27/05 14:13:02) Disinfection started (9/27/05 14:13:02) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:02) Bad IE-pages: (none) (9/27/05 14:13:02) Stealth-String not found (9/27/05 14:13:02) No locked Files to delete. End without Reboot (9/27/05 14:13:03) Disinfection started (9/27/05 14:13:03) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:03) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:03) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:03) Bad IE-pages: (none) (9/27/05 14:13:03) Stealth-String not found (9/27/05 14:13:03) No locked Files to delete. End without Reboot (9/27/05 14:13:03) Disinfection started (9/27/05 14:13:03) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:03) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:03) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:03) Bad IE-pages: (none) (9/27/05 14:13:03) Stealth-String not found (9/27/05 14:13:03) No locked Files to delete. End without Reboot (9/27/05 14:13:03) Disinfection started (9/27/05 14:13:03) Bad-Dll(IEP): c:\windows\jtytv.dll (9/27/05 14:13:03) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:03) UBF: 5 - UBB: 1 - UBR: 6 (9/27/05 14:13:03) Bad IE-pages: (none) (9/27/05 14:13:03) Stealth-String not found (9/27/05 14:13:03) No locked Files to delete. End without Reboot ---------------------------------------------------------------------------------------- Mais a chaque fois que je veux ouvrir une page internet, antivir détect ceci : C:\WINDOWS\SYSTEM32\EVVPX.DLL Is the Trojan horse TR/StartPa.DU.DLL.1 -------------------------------------------------------------------- Est-ce normal ?