thylacine

  1. Sorry for my slow reply :s Anyway, here you go

     Hijackthis

     BFU

     Ewido, and I just noticed that in my first scan with Ewido I hadn't done "apply all actions", I'm such a dunce -__-
  2. There you go, I think I uninstalled Norton properly but I'm not too sure :/ anyway, here are the logs

     EWIDO

     BlackLight

     HJT
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/...svc32_FR_XP.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter: text/html - {994D478A-45D0-4DB4-AE27-738B1E346E99} - C:\Program Files\Batty\Batty.dll O20 - AppInit_DLLs: runner.dll,runner.dll,hidamhhe.dll,BattyRun.dll,,bnppeppa.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  3. Thanks a lot, Régis! I'll do that tomorrow in the late afternoon when I get home from work, though :/ So see you tomorrow with the ewido and Blacklight logs and a new HJT report.
  4. So, I've come here to repent of my misdeeds ^^... I did indeed use (and even abuse) P2P before seeing your little tutorial on the subject... so I've decided to stop that nonsense. Having used this kind of program, and above all having seen the consequences it has on a PC, I think I have a few small malware problems on my PC... On top of that, my brother (15 years old) uses the same session as me on the PC, so he may have slipped up a few times too. So I followed the procedure given by Mégataupe, and I even ran an avast scan on top of that (you can never be too careful, after all ^^). So here is my HiJackThis log; thanks for taking a quick look at it and telling me whether my PC happens to be infested with not very friendly little critters... And I promise, I'm stopping the mule & co. Also, I find that I have a lot of processes starting at boot, and since I'm hopeless with computers, if you could help me sort through them that would be really great of you.
     Logfile of HijackThis v1.99.1
     Scan saved at 21:58:38, on 11/07/2006
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
     c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
     c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\Program Files\Alwil Software\Avast4\ashServ.exe
     C:\WINDOWS\system32\nvsvc32.exe
     C:\WINDOWS\system32\svchost.exe
     c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
     C:\WINDOWS\Explorer.EXE
     C:\windows\system\hpsysdrv.exe
     C:\WINDOWS\system32\hphmon06.exe
     C:\WINDOWS\system32\keyhook.exe
     C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
     C:\PROGRA~1\Wanadoo\CnxMon.exe
     C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
     C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
     C:\Program Files\Real\RealPlayer\RealPlay.exe
     C:\Program Files\iTunes\iTunesHelper.exe
     C:\Program Files\QuickTime\qttask.exe
     C:\Program Files\Mouse Driver\MouseDrv.exe
     C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
     C:\WINDOWS\ALCXMNTR.EXE
     C:\WINDOWS\AGRSMMSG.exe
     C:\HP\KBD\KBD.EXE
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\Program Files\Batty\Batty.exe
     C:\Program Files\iPod\bin\iPodService.exe
     C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     C:\WINDOWS\system32\rundll32.exe
     C:\Program Files\PSHope\PSHope.exe
     C:\Program Files\Messenger\msmsgs.exe
     C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
     C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     C:\Program Files\HijackThis\HijackThis.exe
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
     N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Profiles\default\jlq74mit.slt\prefs.js)
     O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
     O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
     O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
     O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
     O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
     O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
     O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
     O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
     O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
     O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
     O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
     O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
     O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
     O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
     O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
     O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
     O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
     O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
     O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Mouse Driver\MouseDrv.exe
     O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
     O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
     O4 - HKLM\..\Run: [bqdkgsy] c:\windows\system32\bqdkgsy.exe bqdkgsy
     O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
     O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
     O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
     O4 - HKLM\..\Run: [RefreshLock] C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Rar$EX04.516\RefreshLock.exe
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
     O4 - HKCU\..\Run: [EQBranch] "C:\Program Files\EQBranch\EQBranch.exe"
     O4 - HKCU\..\Run: [AXVenore] "C:\Program Files\AXVenore\AXVenore.exe"
     O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
     O4 - HKCU\..\Run: [PSHope] "C:\Program Files\PSHope\PSHope.exe"
     O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
     O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
     O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
     O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
     O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
     O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
     O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
     O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
     O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
     O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
     O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
     O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
     O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/...svc32_FR_XP.cab
     O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
     O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
     O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
     O18 - Filter: text/html - {994D478A-45D0-4DB4-AE27-738B1E346E99} - C:\Program Files\Batty\Batty.dll
     O20 - AppInit_DLLs: runner.dll,runner.dll,hidamhhe.dll,BattyRun.dll,
     O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
     O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
     O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
     O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
     O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
     O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
     O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
     O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
     O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
     O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
     O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
     O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe