mag77130

Bonjour, LE RAPPORT EST LE SUIVANT : Friday, September 29, 2006 9:29:17 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 29/09/2006 Enregistrements dans la base antivirus Kaspersky : 214312 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail C:\ D:\ Statistiques de l'analyse Total d'objets analysés 98787 Nombre de virus trouvés 0 Nombre d'objets infectés 0 / 0 Nombre d'objets suspects 0 Durée de l'analyse 01:53:57 Nom de l'objet infecté Nom du virus Dernière action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\call256.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chat1024.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chat2048.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chat4096.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chat512.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chat8192.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chatmsg1024.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chatmsg2048.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chatmsg256.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\chatmsg512.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\contactgroup256.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\index2.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\message256.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\profile4096.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\transfer256.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\user1024.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\user256.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Application Data\Skype\bourdima\user4096.dbb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\infected.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Logs\Dfsr.log L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\pending.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_B6D_C1A_322F_9439\dfsr.db L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_B6D_C1A_322F_9439\fsr.log L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_B6D_C1A_322F_9439\fsrtmp.log L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_B6D_C1A_322F_9439\tmp.edb L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Windows Live Contacts\[email protected]\real\members.stg L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Application Data\Microsoft\Windows Live Contacts\[email protected]\shadow\members.stg L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Historique\History.IE5\MSHist012006092920060930\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Temp\~DFA026.tmp L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Temp\~DFA041.tmp L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Temp\~DFB342.tmp L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Temp\~DFB388.tmp L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\bourdille\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré C:\Program Files\HP\hpcoretech\hpcmerr.log L'objet est verrouillé ignoré C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP391\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\fwdbglog.txt L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\fwpktlog.txt L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\IAMDB.RDB L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\MAGALIE.ldb L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\tvDebug.log L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\Temp\Perflib_Perfdata_150.dat L'objet est verrouillé ignoré C:\WINDOWS\Temp\ZLT02036.TMP L'objet est verrouillé ignoré C:\WINDOWS\Temp\ZLT02039.TMP L'objet est verrouillé ignoré C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré Analyse terminée.

NOTE: le scan est a faire avec Internet Explorer

Re.. Voici les rapports... Merci de votre aide ogfile of HijackThis v1.99.1 Scan saved at 00:06:55, on 25/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\bourdille\Bureau\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\hphmon05.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\wlancfg.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE C:\Program Files\Winamp\winampa.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Securite\ZoneAlarm\zlclient.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\bourdille\Bureau\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\WINDOWS\system32\svchost.exe C:\DOCUME~1\BOURDI~1\LOCALS~1\Temp\Répertoire temporaire 4 pour hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Securite\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!ewido] "C:\Documents and Settings\bourdille\Bureau\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: Moniteur & Configuration.lnk = ? O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Program Files\Poker.com\poker.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q304&bd=pavilion&pf=laptop O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127515810062 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37480.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Documents and Settings\bourdille\Bureau\ewido anti-spyware 4.0\guard.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 23:49:06 24/09/2006 + Scan result: C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc296.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). C:\Documents and Settings\bourdille\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc289.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc292.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc393.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc402.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc540.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc551.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc601.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc740.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc323.txt -> TrackingCookie.71i : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc571.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined). C:\Documents and Settings\bourdille\Cookies\bourdille@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc326.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc328.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). C:\Documents and Settings\bourdille\Cookies\bourdille@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc344.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc746.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). C:\Documents and Settings\bourdille\Cookies\bourdille@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc354.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc501.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc367.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc368.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc416.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc656.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc451.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc421.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc603.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined). C:\Documents and Settings\bourdille\Cookies\bourdille@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc428.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc748.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc442.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc340.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc341.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc448.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc435.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc436.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc484.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc502.txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc581.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined). C:\Documents and Settings\bourdille\Cookies\bourdille@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc534.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined). C:\Documents and Settings\Invité\Cookies\invité@banner.newyorkcasino[1].txt -> TrackingCookie.Newyorkcasino : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc591.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc395.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc408.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc407.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc320.txt -> TrackingCookie.Planetactive : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc321.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc593.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc566.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc360.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc582.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc419.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc714.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc592.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). C:\Documents and Settings\bourdille\Cookies\bourdille@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc611.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc622.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined). C:\Documents and Settings\bourdille\Cookies\bourdille@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc635.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc765.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc596.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc312.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc744.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1096116029-3805270727-313121708-1007\Dc734.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). ::Report end

Malheureusement non ma soeur s'en est occupé et elle l'a effacé mais d'après mon rapport la...ca nous en dit pas plus????

Bonjour, Mon pc rame énormément.........j'ai fait un pré - nettoyage et je vous fais parvenir le rapport Hijackthis pour que vous puissiez me dire si tout est normal ou si je dois faire quelque chose.... Merci pour votre aide Logfile of HijackThis v1.99.1 Scan saved at 18:10:05, on 24/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido\security suite\ewidoctrl.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\wlancfg.exe C:\WINDOWS\system32\hphmon05.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE C:\Program Files\Winamp\winampa.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Securite\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\WINDOWS\system32\msiexec.exe C:\DOCUME~1\BOURDI~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2DAC4199-DB52-2E4E-C161-C8B9AB120DB3} - C:\DOCUME~1\BOURDI~1\APPLIC~1\CompPlan\Boob Frag.exe (file missing) O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [signCastOwnsAce] C:\Documents and Settings\All Users\Application Data\WMA BIND SIGN CAST\deletebore.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Securite\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ManagerMeet] C:\DOCUME~1\BOURDI~1\APPLIC~1\BINHTM~1\Download Regs.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: Moniteur & Configuration.lnk = ? O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Program Files\Poker.com\poker.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q304&bd=pavilion&pf=laptop O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127515810062 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37480.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe