wardog92

c vrai je m'en suis rendu compte après te l'avoir envoyé

Salut Bruce! comment va? Me voila de retour mais sur le PC de mon père (bonne fête!). Je lui ai fait un p'tit scan avec AntiVir en mode sans échec et un p'tit log avec HijackThis! Juste pour savoir s'il y a des trucs ki clochent dessus. A la suite je te mets les 2 rapports: AntiVir PersonalEdition Classic Report file date: samedi 17 juin 2006 17:44 Scanning for 409240 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 1) [5.1.2600] Username: Propriétaire Computer name: NOM-FHA60KKNN64 Version informations: AVSCAN.EXE : 7.0.0.42 376872 17/06/2006 14:49:59 AVSCAN.DLL : 7.0.0.42 53288 17/06/2006 14:49:59 LUKE.DLL : 7.0.0.42 110632 17/06/2006 14:50:01 LUKERES.DLL : 7.0.0.42 25640 17/06/2006 14:50:01 ANTIVIR0.VDF : 6.35.0.1 7371264 17/06/2006 14:49:56 ANTIVIR1.VDF : 6.35.0.5 2048 17/06/2006 14:49:57 ANTIVIR2.VDF : 6.35.0.33 173568 17/06/2006 14:49:57 ANTIVIR3.VDF : 6.35.0.42 16384 17/06/2006 14:49:57 AVEWIN32.DLL : 7.1.0.13 1536512 17/06/2006 14:49:57 AVPREF.DLL : 7.0.0.1 33832 17/06/2006 14:49:58 AVREP.DLL : 6.35.0.2 454696 17/06/2006 14:49:59 AVRPBASE.DLL : 7.0.0.0 1544232 17/06/2006 14:49:59 AVPACK32.DLL : 7.1.0.1 331816 17/06/2006 14:49:58 AVREG.DLL : 6.31.0.90 25128 17/06/2006 14:49:58 NETNT.DLL : 6.32.0.0 6696 17/06/2006 14:50:02 NETNW.DLL : 6.32.0.0 9768 17/06/2006 14:50:02 RCIMAGE.DLL : 7.0.0.71 1642536 17/06/2006 14:50:05 RCTEXT.DLL : 7.0.0.75 77864 17/06/2006 14:50:05 Configuration settings for the scan: Jobname: '%s'.................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: A,C,D,E,F Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004, Macro heuristic...............: 1 File heuristic................: 3 Primary action................: 1 Secondary action..............: 0 Start of the scan: samedi 17 juin 2006 17:44 The scan over running processes will be started 12 Processes was scanned Start scanning boot sectors: Boot sector 'A:\' [NOTE] In the drive 'A:\' no data medium is inserted! Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 36 files ). Starting the file scan: The path A:\ could not be found! Le périphérique n'est pas prêt. C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp [WARNING] The file could not be opened! C:\Documents and Settings\Default User\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]40.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]44.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]48.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]96.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]102.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]110.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]134.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]142.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]162.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]164.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]168.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]176.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]184.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]372.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]402.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]406.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl [WARNING] The file was ignored! C:\Documents and Settings\Default User\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust Bank <custservice_id_980620@southtru][subject: SouthTrust Bank security maintenance]26.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: andre.duval10@wanadoo.fr][subject: Re: document]28.mim [DETECTION] Contains signature of the worm WORM/Netsky.X [1] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.X --> Mailbox_[From: SouthTrust Bank <custservice_578127576@southtru][subject: SouthTrust Bank - Urgent Security Notice [sat, ]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]86.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]90.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]98.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]114.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]156.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]158.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]170.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]190.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]200.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]216.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]220.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]222.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]234.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]260.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]450.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]480.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]490.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl [WARNING] The file was ignored! C:\Documents and Settings\Propriétaire\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]40.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]44.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]48.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]96.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]102.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]110.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]134.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]142.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]162.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]164.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]168.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]176.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]184.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]372.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]402.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]406.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: extincteur@hotmail.com][subject: Mail Delivery (failure w.widendaele@tiscali.fr)]416.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> message.scr [DETECTION] Contains signature of the worm WORM/NetSky.P --> Mailbox_[From: tmadisclaire@wanadoo.fr][subject: Mail Delivery (failure w.widendaele@tiscali.fr)]418.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> message.scr [DETECTION] Contains signature of the worm WORM/NetSky.P --> Mailbox_[From: support@symantec.com][subject: Re: Virus Sample]420.mim [1] Archive type: MIME --> signature.zip [DETECTION] Contains signature of the worm WORM/NetSky.P [2] Archive type: ZIP --> details.txt .pif [DETECTION] Contains signature of the worm WORM/NetSky.P --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]596.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: robert.dedieu@free.fr][subject: Re: Your bill]686.mim [1] Archive type: MIME --> your_bill.pif [DETECTION] Contains signature of the worm WORM/Netsky.K --> Mailbox_[From: info@adc-soft.com][subject: smtp mail failed]764.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: hostmaster@cegetel.net][subject: Mail delivery failed]772.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]782.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: info@presence-pc.com][subject: Mail delivery failed]786.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: postman@semimarathon-lille.com][subject: Your_Password]800.mim [1] Archive type: MIME --> reg_pass.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: modeste04a@infonie.fr][subject: hi,_ive_a_new_mail_address]820.mim [1] Archive type: MIME --> mailtext.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: info@fr.ibm.com][subject: Paris Hilton & Nicole Richie]830.mim [1] Archive type: MIME --> downloadm.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: office@wanadoo.fr][subject: Paris Hilton & Nicole Richie]858.mim [1] Archive type: MIME --> downloadm.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: Mail@fbi.gov][subject: You visit illegal websites]862.mim [1] Archive type: MIME --> question_list.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]864.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]880.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: info@freesbee.fr][subject: Mail delivery failed]890.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]892.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]910.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Alsg.jpcabret" <alsg.jpcabret@wanadoo.fr>][subject: Registration is accepted]1254.mim [1] Archive type: MIME --> zupd02.zip [2] Archive type: ZIP --> tjzxtsl.exe [DETECTION] Contains signature of the worm WORM/Bagle.FH --> Mailbox_[From: "VISA Service" <VisaService@visa.com>][subject: Attention! Several VISA Credit Card bases have ]1360.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/VisaFraud.B [1] Archive type: MIME --> file0.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/VisaFraud.B --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]1628.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: CitiBusiness Security Staff <securitystaff@citi][subject: CitiBusiness department banking software change]1666.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfrau.Z1 [1] Archive type: MIME --> file0.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfrau.Z1 --> cblogo.gif [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfr.Z1.A --> citilogo.gif [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfr.Z1.B --> Mailbox_[From: MidAmerica Bank <pw-conf@midamerica.com>][subject: Update account information]2670.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [1] Archive type: MIME --> file1.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A --> Mailbox_[From: MidAmerica Bank <aw-conf@midamerica.com>][subject: Security Measures]2674.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [1] Archive type: MIME --> file1.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [WARNING] The file was ignored! C:\Documents and Settings\Propriétaire\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]194.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: robert.dedieu@free.fr][subject: Re: Your bill]276.mim [1] Archive type: MIME --> your_bill.pif [DETECTION] Contains signature of the worm WORM/Netsky.K --> Mailbox_[From: info@adc-soft.com][subject: smtp mail failed]352.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: hostmaster@cegetel.net][subject: Mail delivery failed]356.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]382.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: info@presence-pc.com][subject: Mail delivery failed]390.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: postman@semimarathon-lille.com][subject: Your_Password]402.mim [1] Archive type: MIME --> reg_pass.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: modeste04a@infonie.fr][subject: hi,_ive_a_new_mail_address]416.mim [1] Archive type: MIME --> mailtext.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: info@fr.ibm.com][subject: Paris Hilton & Nicole Richie]422.mim [1] Archive type: MIME --> downloadm.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: office@wanadoo.fr][subject: Paris Hilton & Nicole Richie]452.mim [1] Archive type: MIME --> downloadm.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: Mail@fbi.gov][subject: You visit illegal websites]456.mim [1] Archive type: MIME --> question_list.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]458.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]478.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: info@freesbee.fr][subject: Mail delivery failed]484.mim [1] Archive type: MIME --> mail_body.zip [DETECTION] Contains signature of the worm WORM/Sober.Y [2] Archive type: ZIP --> File-packed_dataInfo.exe [DETECTION] Contains signature of the worm WORM/Sober.Y --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]486.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]504.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: "Alsg.jpcabret" <alsg.jpcabret@wanadoo.fr>][subject: Registration is accepted]874.mim [1] Archive type: MIME --> zupd02.zip [2] Archive type: ZIP --> tjzxtsl.exe [DETECTION] Contains signature of the worm WORM/Bagle.FH --> Mailbox_[From: "VISA Service" <VisaService@visa.com>][subject: Attention! Several VISA Credit Card bases have ]978.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/VisaFraud.B [1] Archive type: MIME --> file0.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/VisaFraud.B --> Mailbox_[From: "Andrew Smith" <andrew1996@yahoo.com> ][subject: 123 ]1248.mim [1] Archive type: MIME --> PlayGirls2.exe [DETECTION] Contains signature of the worm WORM/Maslan.A.2 --> Mailbox_[From: CitiBusiness Security Staff <securitystaff@citi][subject: CitiBusiness department banking software change]1296.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfrau.Z1 [1] Archive type: MIME --> file0.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfrau.Z1 --> cblogo.gif [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfr.Z1.A --> citilogo.gif [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/CitiBkfr.Z1.B --> Mailbox_[From: MidAmerica Bank <pw-conf@midamerica.com>][subject: Update account information]2274.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [1] Archive type: MIME --> file1.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A --> Mailbox_[From: MidAmerica Bank <aw-conf@midamerica.com>][subject: Security Measures]2306.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [1] Archive type: MIME --> file1.html [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/Midamerica.A [WARNING] The file was ignored! C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\WINDOWS\zipo0.txt [DETECTION] Contains signature of the worm WORM/NetSky.Q.3 [iNFO] The file was deleted! C:\WINDOWS\zipo1.txt [DETECTION] Contains signature of the worm WORM/NetSky.Q.4 [iNFO] The file was deleted! C:\WINDOWS\zipo2.txt [DETECTION] Contains signature of the worm WORM/NetSky.Q.5 [iNFO] The file was deleted! C:\WINDOWS\zipo3.txt [DETECTION] Contains signature of the worm WORM/NetSky.Q.5 [iNFO] The file was deleted! C:\WINDOWS\system32\EGDACCESS.dll [DETECTION] Contains signature of the dial-up program DIAL/301999 [iNFO] The file was deleted! C:\WINDOWS\system32\EGDACCESS_1055.dll [DETECTION] Contains signature of the dial-up program DIAL/61440.A [iNFO] The file was deleted! C:\WINDOWS\system32\EGDACCESS_1057.dll [DETECTION] Contains signature of the dial-up program DIAL/301999 [iNFO] The file was deleted! C:\WINDOWS\system32\osconfig.dll [DETECTION] Contains signature of the SPR/MarketScode.C program [iNFO] The file was deleted! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Inbox [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]40.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]44.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]48.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]96.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]102.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]110.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]134.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]142.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]162.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]164.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]168.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]176.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]184.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]372.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]402.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]406.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl [WARNING] The file was ignored! C:\WINDOWS\system32\config\systemprofile\Application Data\Thunderbird\Profiles\t0sn79qj.default\Mail\Local Folders\Trash [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[From: SouthTrust Bank <custservice_id_980620@southtru][subject: SouthTrust Bank security maintenance]26.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: andre.duval10@wanadoo.fr][subject: Re: document]28.mim [DETECTION] Contains signature of the worm WORM/Netsky.X [1] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.X --> Mailbox_[From: SouthTrust Bank <custservice_578127576@southtru][subject: SouthTrust Bank - Urgent Security Notice [sat, ]30.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]86.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> document.pif [DETECTION] Contains signature of the worm WORM/NetSky.Q.13 --> Mailbox_[From: SouthTrust <custservice_id_9166766141648@southt][subject: Important information from SouthTrust Bank bill]90.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: SouthTrust Bank <custservice_id_48100590534202@][subject: SOUTHTRUST BANK: PLEASE CONFIRM YOUR INTERNET B]98.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: berrard.j.jacques@wanodoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]114.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: athletisme.stade-villeneuvois@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]156.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: guy.chuiton@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]158.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: shaista@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]170.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SOUTHTRUST <supprefnum607312390020@southtrust.c][subject: URGENT SECURITY NOTIFICATION]190.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: saintagnant.athle@9online.fr][subject: [avast! - INFECTED] Mail Delivery (failure wi]200.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ldeseynes@aol.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]216.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: MAILER-DAEMON@wanadoo.fr (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]220.mim [1] Archive type: MIME --> file2.mim [2] Archive type: MIME --> file0.mim [3] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: je.suis.un.canard@caramail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]222.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: vivipiv@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]234.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: SouthTrust <custservice_id_0559853510@southtrus][subject: SOUTHTRUST BANK - SECURITY UPDATE]260.mim [DETECTION] Enthält Signatur der Phish-Datei/Email PHISH/SunBkfraud.G --> Mailbox_[From: waly108@hotmail.com][subject: [avast! - INFECTED] Mail Delivery (failure w.]450.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: ligue.athle.guyane@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]480.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl --> Mailbox_[From: michelmag2@wanadoo.fr][subject: [avast! - INFECTED] Mail Delivery (failure w.]490.mim [1] Archive type: MIME --> file0.mim [2] Archive type: MIME --> file1.html [DETECTION] Contains signature of the worm WORM/NetSky.P.Expl [WARNING] The file was ignored! C:\WINDOWS\system32\P2P Networking\P2P Networking.exe [DETECTION] Contains suspicious code HEUR/Trojan.Keylogger [iNFO] The file was deleted! The path E:\ could not be found! Le périphérique n'est pas prêt. The path F:\ could not be found! Le périphérique n'est pas prêt. End of the scan: samedi 17 juin 2006 21:08 Used time: 3:23:33 min The scan has been done completely. 8168 Scanning directories 372779 Files were scanned 182 viruses and/or unwanted programs was found 9 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 24015 Archives were scanned 22 Warnings 0 Notes Pendant le scan, il est tombé sur bocou de mails (Y'A KE CA EN FAIT! LOL!!) ki lui était impossible à réparer ou supprimer, comment faire pour les traiter? Logfile of HijackThis v1.99.1 Scan saved at 23:14:59, on 17/06/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\USB Storage RW\shwicon.exe C:\HP\KBD\KBD.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\VERITAS Software\Update Manager\sgtray.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\vsnpstd.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Advanced Messenger Plus\AdvMsg.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\hp center\137903\Program\BackWeb-137903.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\Program Files\OpenOffice.org1.1.5\program\soffice.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr7.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr7.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr7.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\quickstart.exe O4 - Global Startup: Advanced Messenger Plus.lnk = C:\Program Files\Advanced Messenger Plus\AdvMsg.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe Voila c'est fait, bon courage merci d'avance!

pour l'instant non mais au cas où, je sais à ki m'adresser... merci encore bye bruce!!!!

Non ça ira, je trouvai ça plus bizarre ke dérangeant

ok bin pas de purge alors si le temps est normal merci bruce bon w-e à + tard

le temps de redémarrage te semble long?

re Bruce! un problème? heu ouais je sais pas trop en fait... le problème du redémarrage, il me semble ossi long k'avant. en gros entre le moment où je clike sur redémarrer et le moment où il revient sur l'écran du Bureau, il s'écoule au moins 2 min 30. Je sais pas si c'est bon comme temps mais juste avant ke Windows se lance tu as l'écran de la marque du PC "FUJITSU", celui-ci reste au moins 1 min 15 sans k'il ne se passe pas grand choz... C'est peut-être normal en fait... Voila à +

Salut bruce! Me revoila, j'ai suivi ta procédure mais j'ai 2 p'tits "problèmes": I/ à l'étape 5 sur hijackthis, il manquait 2 lignes à cocher: O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s II/ à l'étape 7, je n'avais pas le dossier " NewDotNet" à supprimer dans Program Files Sinon "EGCOMLIB_1035.dll" ne s'affiche plus plus juste après avoir démarrer, c'est cool! Et voila le rapport d'analyse d'Ewido et le new log hijack: --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 22:19:12, 11/05/2006 + Somme de contrôle: AF25B3D1 + Résultats du scan: C:\Documents and Settings\NANA\Cookies\tofine@com[2].txt -> TrackingCookie.Com : Nettoyer et sauvegarder C:\Documents and Settings\NANA\Cookies\tofine@download.com[2].txt -> TrackingCookie.Com : Nettoyer et sauvegarder C:\Documents and Settings\NANA\Cookies\tofine@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\NANA\Local Settings\Temporary Internet Files\Content.IE5\9IGN44BL\saveupdate[1].exe/Save.exe -> Adware.SaveNow : Nettoyer et sauvegarder C:\Documents and Settings\NANA\Local Settings\Temporary Internet Files\Content.IE5\9IGN44BL\saveupdate[1].exe/SaveUninst.exe -> Adware.SaveNow : Nettoyer et sauvegarder C:\Documents and Settings\NANA\Local Settings\Temporary Internet Files\Content.IE5\9IGN44BL\saveupdate[1].exe/Save.exe -> Adware.SaveNow : Nettoyer et sauvegarder C:\Documents and Settings\NANA\Local Settings\Temporary Internet Files\Content.IE5\9IGN44BL\saveupdate[1].exe/SaveUninst.exe -> Adware.SaveNow : Nettoyer et sauvegarder :mozilla.18:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.19:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.20:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.21:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.24:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder :mozilla.25:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.26:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.27:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.28:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.29:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.30:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.31:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.39:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.40:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.42:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.43:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.44:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.45:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.46:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.47:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.48:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.49:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.50:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.51:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.82:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder :mozilla.145:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder :mozilla.146:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder :mozilla.147:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder :mozilla.149:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.150:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.151:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.152:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.153:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.158:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder :mozilla.159:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder :mozilla.178:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder :mozilla.188:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.189:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.190:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.191:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.192:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.236:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder :mozilla.237:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder :mozilla.238:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder :mozilla.242:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.243:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.244:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.245:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.246:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.247:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.249:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder :mozilla.250:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder :mozilla.252:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.253:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.264:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.265:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.266:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.267:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.268:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder :mozilla.285:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder :mozilla.286:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder :mozilla.287:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder :mozilla.342:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyer et sauvegarder :mozilla.343:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder :mozilla.344:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder :mozilla.345:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder :mozilla.348:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.349:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.354:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.355:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.381:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.382:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.383:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.390:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.392:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyer et sauvegarder :mozilla.393:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyer et sauvegarder :mozilla.401:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder :mozilla.414:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.426:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder :mozilla.427:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder :mozilla.458:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.459:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyer et sauvegarder :mozilla.460:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyer et sauvegarder :mozilla.475:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder :mozilla.476:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder :mozilla.477:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder :mozilla.523:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.538:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.540:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.541:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.553:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder :mozilla.653:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.704:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder :mozilla.705:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder :mozilla.706:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder :mozilla.707:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder :mozilla.726:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.745:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.763:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Ivwbox : Nettoyer et sauvegarder :mozilla.778:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyer et sauvegarder :mozilla.790:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.794:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyer et sauvegarder :mozilla.795:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyer et sauvegarder :mozilla.796:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.797:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.798:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.799:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.835:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder :mozilla.836:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder :mozilla.837:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Adocean : Nettoyer et sauvegarder :mozilla.838:C:\Documents and Settings\TOF\Application Data\Mozilla\Firefox\Profiles\snvvk4xa.default\cookies.txt -> TrackingCookie.Adocean : Nettoyer et sauvegarder C:\Documents and Settings\TOF\Cookies\tof@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\TOF\Cookies\tof@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\FP2002\bureau\PANDA\Qrv.krn -> Trojan.FormatC : Nettoyer et sauvegarder C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Nettoyer et sauvegarder C:\Program Files\MediaLoads\v1\ML.exe -> Adware.DownloadWare : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall6_10.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall6_22.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall6_90.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall6_98.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\Temp\Adware\SaveNowInst.exe/SaveNow.exe -> Adware.SaveNow : Nettoyer et sauvegarder C:\WINDOWS\Temp\Adware\SaveNowInst.exe/SaveNow.exe -> Adware.SaveNow : Nettoyer et sauvegarder C:\WINDOWS\Temp\Brilliant\b3dsetup.exe -> Adware.BrilliantDigital : Nettoyer et sauvegarder ::Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 22:20:13, on 11/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\windows\Explorer.EXE C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lycos.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\windows\system32\BhoECart.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O5 "LPT1:" /M "Stylus CX3200" O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe Voila merci à + tard bye!

salut gazo! Au fait, merci pour le problème d'Universys! a +

salut bruce! Une p'tite kestion? Pour Ewido, j'arrive pas à mettre à jour, ça vient de leur serveur ki est en remise à niveau. Je ne fais rien tant ke je ne l'ai pas fait ou ça n'a pas trop d'importance?

ok! Merci la fenêtre Universys c'est du passé! Mon FAI est Numéricable, ça a un rapport avec ça? Et comme tu me l'a demandé, je t'envoie ma nouvelle analyse. A plus tard... Logfile of HijackThis v1.99.1 Scan saved at 23:34:05, on 08/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\Ati2evxx.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\windows\system32\Ati2evxx.exe C:\windows\Explorer.EXE C:\ATI-CPanel\atiptaxx.exe C:\windows\SOUNDMAN.EXE C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\windows\system32\rundll32.exe C:\windows\system32\ctfmon.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\program files\valve\steam\steam.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe C:\windows\System32\svchost.exe C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe C:\Program Files\Netropa\Onscreen Display\OSD.exe C:\Program Files\Netropa\InetKb\Inetkb.exe C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\windows\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lycos.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {021BB032-80A8-4FB6-B3D5-CF27B1553B95} - C:\WINDOWS\mslagent\4b_1,0,1,0_mslagent.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\windows\system32\BhoECart.dll O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O5 "LPT1:" /M "Stylus CX3200" O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [instant Access] rundll32.exe EGCOMLIB_1035.dll,InstantAccess O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_FR_XP.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://acces-direct.net/15671/MereDeFamille40a.exe O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} (MastaCash Loader Class) - http://dx.mastacash.com/loader.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} - http://akamai.downloadv3.com/binaries/P2EC..._1011_FR_XP.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

Salut à tous!! J'ai 2 p'tits problèmes sur mon PC au démarrage. Le 1er: j'ai une fenêtre qui s'affiche "assistant de redémarrage" et qui me demande d'insèrer le CD d'installation rapide de Universys. J'ai essayé tous les CD que j'ai avec mon PC et aucun ne convient. Le 2ème: avec la fenêtre précédente, j'ai un message RUNDLL, "Erreur de chargement de EGCOMLIB_1035.dll". Je ne sais pas à quoi ça correspond. J'ai déja fait un pré-nettoyage à partir de votre site, un scan avec AntiVir en mode sans échec et un scan avec HijackThis dont le rapport est ci-dessous. Logfile of HijackThis v1.99.1 Scan saved at 15:58:19, on 08/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\Ati2evxx.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\windows\system32\Ati2evxx.exe C:\windows\Explorer.EXE C:\ATI-CPanel\atiptaxx.exe C:\windows\SOUNDMAN.EXE C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\windows\system32\rundll32.exe C:\windows\system32\ctfmon.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\program files\valve\steam\steam.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\windows\System32\svchost.exe C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe C:\Program Files\Netropa\Onscreen Display\OSD.exe C:\Program Files\Netropa\InetKb\Inetkb.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\windows\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lycos.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {021BB032-80A8-4FB6-B3D5-CF27B1553B95} - C:\WINDOWS\mslagent\4b_1,0,1,0_mslagent.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\windows\system32\BhoECart.dll O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O5 "LPT1:" /M "Stylus CX3200" O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [instant Access] rundll32.exe EGCOMLIB_1035.dll,InstantAccess O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_FR_XP.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://acces-direct.net/15671/MereDeFamille40a.exe O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} (MastaCash Loader Class) - http://dx.mastacash.com/loader.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} - http://akamai.downloadv3.com/binaries/P2EC..._1011_FR_XP.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe J'attends votre réponse, merci d'avance!!