sand

LOL !!! J'en rate pas une... je dois être fatiguée! Bref voilà: Incident Statut Analyse Adware:adware/comet No Désinfecté C:\WINNT\DOWNLOADED PROGRAM FILES\cc.inf Adware:adware/securityerror No Désinfecté C:\WINNT\SYSTEM32\mscornet.exe Adware:adware/emediacodec No Désinfecté C:\WINNT\SYSTEM32\ncompat.tlb Adware:adware/ipinsight No Désinfecté C:\WINNT\INF\conscorr.inf Adware:adware/aureate-radiate No Désinfecté C:\PROGRAM FILES\MediaRing Talk Outil indésirable:application/myway No Désinfecté C:\PROGRAM FILES\MyWay Adware:adware/savenow No Désinfecté Registre Windows Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Nous1\Cookies\nous1@advertising[1].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Nous1\Cookies\nous1@bluestreak[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Nous1\Cookies\nous1@xiti[1].txt Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Nous1\Bureau\l2mfix.exe[Process.exe] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Nous1\Cookies\nous1@advertising[1].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Nous1\Cookies\nous1@bluestreak[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Nous1\Cookies\nous1@xiti[1].txt Adware:Adware/IPInsight No Désinfecté C:\WINNT\inf\conscorr.inf Merciiiii regiiiis! Sand

Hello Regis! Bon, je viens de terminer le scan panda. Il a été trouvé une application non désirée, mais je crois savoir laquelle: il s'agit de L2MFIX.EXE que j'ai téléchargé plus tôt pour corriger ma ligne R020 du rapport HijackThis, donc pas de problème? (je pense??) Par contre, c'est quoi l'outil indésirable MY WAY?? Tu trouveras ci-dessous le log du scan, car c'est pas moi la spécialiste! à plus, Sand

Hello Regis Pour te répondre au sujet des mes 2 précédents postes: Oups, meaculpa! je n'ai pas trop l'habitude d'utiliser ce type de forum, DONC: toutes mes excuses, et à l'avenir : 1/ je resterai sur le même sujet, et 2/ je serai plus patiente promis! Pour revenir au sujet: Merci pour ta réponse, j'ai suivi tes conseils et voici donc mon dernier rapport HijackThis: Logfile of HijackThis v1.99.1 Scan saved at 09:49:17, on 09/04/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINNT\System32\CTSvcCDA.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\snmp.exe C:\WINNT\system32\stisvc.exe C:\WINNT\system32\ZoneLabs\vsmon.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\System32\msdtc.exe C:\WINNT\system32\mqsvc.exe C:\WINNT\Explorer.EXE C:\Program Files\Creative\ShareDLL\CtNotify.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe D:\ProgramFiles\zonealarm\ZoneAlarm\zlclient.exe C:\Program Files\Creative\ShareDLL\MediaDet.Exe C:\WINNT\System32\mdm.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hotmail.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.humour.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Zone Labs Client] D:\ProgramFiles\zonealarm\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\Office\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Descargas - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - C:\WINNT\System32\shdocvw.dll O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\ProgramFiles\GhostNavigator\Ghost (file missing) O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\ProgramFiles\GhostNavigator\Ghost (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.hotmail.com O20 - AppInit_DLLs: CLKERN.DLL,FHook.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTSvcCDA.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: ewido security suite control - ewido networks - D:\ProgramFiles\ewido\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - D:\ProgramFiles\ewido\ewido anti-malware\ewidoguard.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe Merci à toi ! à plus, Sand

Bonjour à tous Tout d'abord: Je suis inscrite sur Zebulon depuis peu, je suis très agréablement surprise de l'efficacité de ce site !! Voilà, j'ai suivi la méthode indiquée par megataupe et sollicite donc un peu d'aide pour mon rapport HijackThis ci-dessous. (A savoir quAntiVir m'a trouvé un virus: TR/Dlr.Zlob.ea.4 que j'ai delete.) Logfile of HijackThis v1.99.1 Scan saved at 11:15:11, on 08/04/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINNT\System32\CTSvcCDA.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\snmp.exe C:\WINNT\system32\stisvc.exe C:\WINNT\system32\ZoneLabs\vsmon.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\System32\msdtc.exe C:\WINNT\system32\mqsvc.exe C:\WINNT\Explorer.EXE C:\WINNT\System32\mdm.exe C:\Program Files\Creative\ShareDLL\CtNotify.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe D:\ProgramFiles\zonealarm\ZoneAlarm\zlclient.exe C:\Program Files\Creative\ShareDLL\MediaDet.Exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hotmail.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://annuaire.super-barre.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.humour.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec la SUPER BARRE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: SUPER BARRE - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - D:\ProgramFiles\SuperBarre\SuperBarre\toolbar.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {E0B0FC07-DFCC-415C-ADF6-701494217D00} - (no file) O2 - BHO: XBTBPos00 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - D:\PROGRA~1\SUPERB~1\SUPERB~1\toolbar.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: SUPER BARRE - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - D:\ProgramFiles\SuperBarre\SuperBarre\toolbar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Zone Labs Client] D:\ProgramFiles\zonealarm\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\Office\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Descargas - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - C:\WINNT\System32\shdocvw.dll O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\ProgramFiles\GhostNavigator\Ghost (file missing) O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\ProgramFiles\GhostNavigator\Ghost (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.hotmail.com O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version6/Applet/vchatsign.cab O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version6/Applet/wchatsign.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c18.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.informatiquepourtous.com/servic...bitdefender.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O20 - AppInit_DLLs: CLKERN.DLL,FHook.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTSvcCDA.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: ewido security suite control - ewido networks - D:\ProgramFiles\ewido\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - D:\ProgramFiles\ewido\ewido anti-malware\ewidoguard.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe Merci d'avance à qui pourrait me répondre pour la traduction de ce rapport, Bonn journée à tous! Sand

Bonsoir Regis, et merci... En fait j'ai enregistré le log de BitDef en txt ce qui donne un machin long d'chez long, c'est pour ça que je le poste pas (j'aurais ptêtre dû l'enregistrer en html mais c trop tard) et s'il faut refaire un scan en ligne ici, je peux pu ce soir, car trop naz ouam, et demain dure journée.. Je verrai ça dés dmain soir.... Mais merci encore! Sand

Re, Voici les rapports: BitDef d'abord, et Ediwo ensuite : BitDefender Online Scanner - Real Time Virus Report Generated at: Tue, Apr 04, 2006 - 23:38:04 ________________________________________ Scan Info Scanned Files 258632 Infected Files 10 Virus Detected Application.PWCrack.Brutus.A 1 Trojan.Webcracker 1 Trojan.Downloader.Zlob.FA 1 Trojan.Dloader.L 1 Virtool.WWHacker.A 2 Adware.Navexcel.A 3 Dropped:Trojan.Downloader.Zlob.FA 1 --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 00:08:09, 05/04/2006 + Somme de contrôle: 5274589C + Résultats du scan: [208] C:\WINNT\system32\ld758.tmp -> Downloader.Zlob.fa : Nettoyer et sauvegarder C:\Documents and Settings\Nous1\Cookies\nous1@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\Nous1\Cookies\nous1@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder C:\Documents and Settings\Nous1\Cookies\nous1@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Nous1\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder C:\WINNT\system32\ld758.tmp -> Downloader.Zlob.fa : Nettoyer et sauvegarder Arfff, je fais koiiiiiiiiiii???????????

Oups, y aurait des bestioles alors? OK, à plus, sand

Re, Oualà, c fait. 2ème log ci-dessous: Logfile of HijackThis v1.99.1 Scan saved at 19:55:46, on 04/04/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINNT\System32\CTSvcCDA.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\snmp.exe C:\WINNT\system32\stisvc.exe C:\WINNT\system32\ZoneLabs\vsmon.exe C:\WINNT\Explorer.EXE C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\System32\msdtc.exe C:\WINNT\system32\mqsvc.exe C:\Program Files\Creative\ShareDLL\CtNotify.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe D:\ProgramFiles\zonealarm\ZoneAlarm\zlclient.exe C:\Program Files\Creative\ShareDLL\MediaDet.Exe D:\ProgramFiles\Winamp\winampa.exe C:\WINNT\System32\mdm.exe C:\WINNT\system32\LVComsX.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hotmail.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://annuaire.super-barre.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.humour.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec la SUPER BARRE R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: SUPER BARRE - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - D:\ProgramFiles\SuperBarre\SuperBarre\toolbar.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\ProgramFiles\Spybot\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {E0B0FC07-DFCC-415C-ADF6-701494217D00} - (no file) O2 - BHO: XBTBPos00 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - D:\PROGRA~1\SUPERB~1\SUPERB~1\toolbar.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: SUPER BARRE - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - D:\ProgramFiles\SuperBarre\SuperBarre\toolbar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Zone Labs Client] D:\ProgramFiles\zonealarm\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [WinampAgent] D:\ProgramFiles\Winamp\winampa.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\Office\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Descargas - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - C:\WINNT\System32\shdocvw.dll O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\ProgramFiles\GhostNavigator\Ghost (file missing) O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\ProgramFiles\GhostNavigator\Ghost (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.hotmail.com O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version6/Applet/vchatsign.cab O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version6/Applet/wchatsign.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c18.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by18fd.bay18.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.informatiquepourtous.com/servic...bitdefender.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O20 - AppInit_DLLs: CLKERN.DLL,FHook.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTSvcCDA.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: ewido security suite control - ewido networks - D:\ProgramFiles\ewido\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - D:\ProgramFiles\ewido\ewido anti-malware\ewidoguard.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe Merci! je patiente donc... Sand

Re Pitcat, Oualà, c fait...AntiVir m'a trouvé une sale bestiole que j'ai delete... Pour la suite, et afin d'être sûre, ci-deesous mon rapport HijackThis: Logfile of HijackThis v1.99.1 Scan saved at 13:33:13, on 04/04/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINNT\System32\CTSvcCDA.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\snmp.exe C:\WINNT\system32\stisvc.exe C:\WINNT\system32\ZoneLabs\vsmon.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\System32\msdtc.exe C:\WINNT\system32\mqsvc.exe C:\WINNT\Explorer.EXE C:\WINNT\System32\mdm.exe C:\Program Files\Creative\ShareDLL\CtNotify.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe D:\ProgramFiles\zonealarm\ZoneAlarm\zlclient.exe C:\Program Files\Creative\ShareDLL\MediaDet.Exe D:\ProgramFiles\Winamp\winampa.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hotmail.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://annuaire.super-barre.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.humour.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec la SUPER BARRE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: SUPER BARRE - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - D:\ProgramFiles\SuperBarre\SuperBarre\toolbar.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\ProgramFiles\Spybot\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {E0B0FC07-DFCC-415C-ADF6-701494217D00} - (no file) O2 - BHO: XBTBPos00 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - D:\PROGRA~1\SUPERB~1\SUPERB~1\toolbar.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: SUPER BARRE - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - D:\ProgramFiles\SuperBarre\SuperBarre\toolbar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Zone Labs Client] D:\ProgramFiles\zonealarm\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [WinampAgent] D:\ProgramFiles\Winamp\winampa.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\Office\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Descargas - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - C:\WINNT\System32\shdocvw.dll O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\ProgramFiles\GhostNavigator\Ghost (file missing) O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\ProgramFiles\GhostNavigator\Ghost (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.hotmail.com O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version6/Applet/vchatsign.cab O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version6/Applet/wchatsign.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c18.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by18fd.bay18.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.informatiquepourtous.com/servic...bitdefender.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: bw+0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {8CCF595C-9CF5-458C-AF24-D199C9E26607} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - AppInit_DLLs: CLKERN.DLL,FHook.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTSvcCDA.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: ewido security suite control - ewido networks - D:\ProgramFiles\ewido\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - D:\ProgramFiles\ewido\ewido anti-malware\ewidoguard.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe Je compte sur ton savoir pour traduire ces hiéroglyphes chinoisesques! à plus, Sand

Bonjour à tous, Hello Pitcat! Miracle en me levant ce matin: je clique par hasard sur un de mes sons pour voir, et hop, ça fonctionne à nouveau!!! (je n'avais encore rien fait de spé, mis à part dimanche soir la suppression de Windows media player...) Donc mes sons s'ouvrent à nouveau, mais avec Winamp. De tout façon, comme je souhaite savoir si j'ai de la bestiole dans mon syst, je vais quand même appliquer la méthode que tu m'as indiqué et je posterai le rapport HijackThis ici... Oualà, au boulot! à + Sand

Dac merci à toi Pitcat (et aussi Médicus! ) je donnerai des news d'main... Bonne nuitéeeeeeeeeeuuu, j'y plonge... Bye! Sand

Slt Pitcat, Jai bien lu les opé à effectuer: ouaf! j'espère que t'as raison et que c'est pas trop compliqué! Je suis rentrée tard, donc je ferai tout ça d'main les yeux bien face des trous... Simplement, le seul que je sais plus faire (car restée trop longtemps sans m'occupée de mon syst hélas), c'est de redémarrer en mode sans échec... Si tu peux me dire ça juste avant que je rejoigne morphée alors c cool... à + ! Sand

Hello Pitcat, Depuis hier soir, rien n'a changé avec mes blèmes de sons...tu penses à quoi exactement? Ci-dessous mon dernier rapport avec ediwo au cas où tu l'aurait pas lu sur le forum soft. [208] C:\WINNT\system32\ld5F0.tmp -> Downloader.Zlob.fa : Nettoyer et sauvegarder C:\WINNT\system32\ld5F0.tmp -> Downloader.Zlob.fa : Nettoyer et sauvegarder Comment nettoyer ça?? Si tu veux des compléments d'info, à 14h je serai au boulot, alors ce sera ce soir... Merci encore à toi, Sand

Merci Jean_Moi et Pitcat ! Je ferai tout ça d'main, car là je tombe de sommeil, et pi ya une grosse journée qui m'attend au boulot.... Bonne soirée à tous, et merci encore de vos coup'd pouces!!! à + Sand (j'enverrai sûrement les rapports de scan ici demain soir ou mardi...)

Oui c vrai, ça se corse.... Alors, (pour Pitcat aussi), : tout va bien avec mes autres types de fichier, que je peux ouvrir sans soucis. Quant au virus suspecté, j'ai fait un scan avec ewido qui donne ce rapport: [208] C:\WINNT\system32\ld5F0.tmp -> Downloader.Zlob.fa : Nettoyer et sauvegarder C:\WINNT\system32\ld5F0.tmp -> Downloader.Zlob.fa : Nettoyer et sauvegarder Si c'est un virus, avec koi le virer celui-là?? Autre chose Jean_Moi: dans mon précédent message, tu ne dis rien sur le rapport d'erreur d'Internet Explorer?? ça parle de DLL, c'est pas trop bon ça! ....Alors j'ai pensé que mon problème doit venir d'Internet explorer, qui est beugué quelquepart...possible, non? Sand