Everything posted by claravik
-
Hello everyone, two months ago a friend was kind enough to give me his PC. But I have just noticed that the hard drive is split into two sessions (and plenty of other things!!!). I would simply like to make it a single one. But how? Thanks in advance for your replies
-
Hello Mirware! Currently I have CDBurner XP. I used to have Nero, but there was this problem. Anyway, should I try others? Otherwise, is it possible that I don't have enough free space on my C disk... 15'5GB? Whereas I see 70GB on D!!! How do I merge them back together? Thanks, see you
-
Hello again, I may have another lead. Looking around on the net (I no longer remember which forum), someone advises this: conflicts have already been observed between drives and burners, burners and burners, ... These conflicts can sometimes be solved by updating the firmware, by changing the order of the IDE connections (master/slave), but sadly also by no longer connecting these devices. What do you think? If the lead is reasonable, how do I update this famous firmware and change the IDE? Hoping for a reply. Thanks
-
Hello, it still doesn't work... what should I do? Change the burner? The PC's previous owner already did that, but it had to be reformatted. See you
-
Ah yes, indeed, now it's in red!!!!! Thanks, I'll carry on...
-
Hello, yes, XP is indeed in English, but that doesn't explain why I can't find this famous IMAPI CD-Burning COM Service; the translation is the same, give or take a smidgen. There must be an explanation, no? See you
-
Thanks for the quick reply, but nothing is going as planned: I couldn't find, even partially, "Service Com de gravure CD IMAPI". I'm pasting what I have; maybe I'm blind as a bat? There you go; if you have an idea and the time, don't hesitate. Thanks again
-
Hello again everyone, looking on Télécharger.com, I saw a very interesting article that seemed to solve my problem: "Windows XP: disabling the burning tool". Windows XP includes a burning module. However, if you use other software, such as Nero or Easy CD Creator, to make your CDs, this module may get in your way or even cause conflicts. To avoid this kind of problem, disable the Windows XP burning tool by modifying a Registry key. And as it happens, I have installed Nero and Cool Edit Pro (for my radio). To do this, click Start, Run. Type regedit, then confirm with Enter. Open in turn the keys HKEY_LOCAL_MACHINE (here I don't have "machine"), but anyway I still have: SOFTWARE, Microsoft, Windows, CurrentVersion, Policies, Explorer. From there on, nothing works any more: there is no Edit, etc., but in the panel beside it I have: ab default REG SZ (value not set). Well, I'll put the rest for those who are interested. Then pull down the menu Edit, New, DWORD Value. Type NoCDBurning and press the Enter key. Then double-click this value to modify it, and type 1 in the Value data field. Confirm with OK before closing the Registry Editor. Finally, restart the computer to disable the Windows XP burning module. What do you think? I hope for a reply, thanks
-
Hello Pat015, sorry for the lack of detail, but I have corrected that in the message above and in my profile, of course: LECTEURS CD/DVD SAMSUNG DVD-ROM SD-616F F102 (DVD-ROM). As for the rest, nothing works, but I'll start over just in case, because I didn't get the slightest error message. You asked me what my OS is: I admit I don't know what that is! A Japanese peanut? See you
-
Hello, here is the configuration of the PC I was given 2 months ago:

Windows XP Professionnel (build 2600) Service Pack 2
Navigateur web par défaut: Orange Web Client e-mail par défaut: Mozilla Thunderbird
RÉSUMÉ DE VOTRE CONFIGURATION
Processeur : AMD Sempron Processor 3000+ (1603Mhz) (L1: 128ko L2: 256ko )
Carte mère : SMBios version 2.4 Packard Bell BV M2N-NVM 1.XX Bios: Phoenix Technologies, LTD M2N-NVM 0301 06/01/2006 taille: 512Kb
Chipset : Northbridge: AMD-8131 Southbridge: NVIDIA nForce 410/430 (MCP51)
Mémoire : Barette de 256 Mo 533 Mhz None mémoire windows (cette valeur ne correspond pas exactement à la mémoire totale physique): 222Mo
Disque(s) dur(s) : ST3120213A (111.79Go)
PÉRIPHÉRIQUES IDE
ST3120213A 3.AAE (ATA, 111.79 Go, tampon: 2 Mo)
LECTEURS CD/DVD
SAMSUNG DVD-ROM SD-616F F102 (DVD-ROM)
CARTES PCI/AGP
Stockage nVidia Corporation:MCP51 IDE nVidia Corporation:MCP51 Serial ATA Controller
Affichage nVidia Corporation:C51 [GeForce 6150 LE]
Multimedia nVidia Corporation:MCP51 High Definition Audio
Mémoires nVidia Corporation:C51 Host Bridge nVidia Corporation:C51 Memory Controller 0 nVidia Corporation:C51 Memory Controller 1 nVidia Corporation:C51 Memory Controller 5 nVidia Corporation:C51 Memory Controller 4 nVidia Corporation:C51 Host Bridge nVidia Corporation:C51 Memory Controller 3 nVidia Corporation:C51 Memory Controller 2 nVidia Corporation:MCP51 Host Bridge nVidia Corporation:MCP51 Memory Controller 0
Ponts nVidia Corporation:C51 PCI Express Bridge: C51 PCI Express Bridge nVidia Corporation:C51 PCI Express Bridge: C51 PCI Express Bridge nVidia Corporation:C51 PCI Express Bridge: C51 PCI Express Bridge nVidia Corporation:MCP51 LPC Bridge nVidia Corporation:MCP51 PCI Bridge: MCP51 PCI Bridge nVidia Corporation:MCP51 Ethernet Controller Advanced Micro Devices [AMD]:K8 [Athlon64/Opteron] HyperTransport Technology Configuration: K8 [Athlon64/Opteron] HyperTransport Technology Configuration Advanced Micro Devices [AMD]:K8 [Athlon64/Opteron] Address Map: K8 [Athlon64/Opteron] Address Map Advanced Micro Devices [AMD]:K8 [Athlon64/Opteron] DRAM Controller: K8 [Athlon64/Opteron] DRAM Controller Advanced Micro Devices [AMD]:K8 [Athlon64/Opteron] Miscellaneous Control: K8 [Athlon64/Opteron] Miscellaneous Control
Bus Series nVidia Corporation:MCP51 SMBus nVidia Corporation:MCP51 USB Controller nVidia Corporation:MCP51 USB Controller Texas Instruments:TSB43AB22/A IEEE-1394a-2000 Controller (PHY/Link)

I'm surprised to learn that I'm open to all these viruses and whatnot; I just ran a test on Zebulon: nothing to report!! Anyway, I suppose you must be right. I hope you aren't missing any information. For the record, it wasn't an acute fit of laziness but a problem with editing my profile.
-
Yes.... It's not done for, though, is it? Thanks
-
Hello, last night, while I was chatting with a friend, she told me that maybe it came from my drivers!!! I should mention that I have a Samsung DVD-ROM SD-616F... so I went looking for these famous drivers... OBSOLETE. What should I do? Give up on it?
-
(Solved) HijackThis analysis
claravik replied to a topic by claravik in Malware analysis and removal
Bravo!!!! Quite simply, my PC has never worked so well (it was second-hand). Thanks again
-
Hello, I tried the Burner XP software and it gives me a message: "Il n'y a aucun lecteur compatible. Certains lecteurs CDR ne sont pas supportés." If you have another idea, welcome. See you
-
Hello, I don't know... (everything is in English on my PC) but I imagine so, because I can read all my CDs. Thanks and see you
-
Hello, I can no longer burn anything at all! (but I can read everything) As for DRM, I confess my ignorance: what's that? And finally, I'm with Orange, without unlimited music downloads. Thanks, clara
-
For 1 month now I haven't been able to burn my music. I had this problem a little while ago; the only solution I found was to format... but still, I'd like to understand... especially since it has come back. I hope I'm not too off-topic on this forum. Thanks, Clara
-
(Solved) HijackThis analysis
claravik replied to a topic by claravik in Malware analysis and removal
Darn, I forgot the rest ... Good evening. PS: it's strange, I can't display the emoticons!!!!!
-
Good evening, I'm not really sure whether I should post the Kaspersky scan on the forum; I didn't quite understand Pear on this subject. Anyway, here is the report:
KASPERSKY ONLINE SCANNER REPORT
Monday, February 11, 2008 10:49:47 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 11/02/2008
Kaspersky Anti-Virus database records: 557960
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer C:\ D:\ E:\
Scan Statistics
Total number of scanned objects 67421
Number of viruses found 11
Number of infected objects 33
Number of suspicious objects 0
Duration of the scan process 02:03:30
Scan process completed.
Thanks for the help! Clara
-
(Solved) HijackThis analysis
claravik replied to a topic by claravik in Malware Analysis and Removal
Oh dear! Here is the Kaspersky scan:
locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\iebrowserc.dll Infected: not-a-virus:AdWare.Win32.Vapsup.awu skipped C:\WINDOWS\system32\ninjaext.dll Infected: not-a-virus:AdWare.Win32.Agent.ma skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\JET84EF.tmp Object is locked skipped C:\WINDOWS\Temp\JET881B.tmp Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_544.dat Object is locked skipped C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\setup.exe Infected: not-a-virus:Monitor.Win32.SpyLantern.530 skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked 
skipped D:\vdownloader_vdownloader_v0.61_anglais_38422.zip/VDownloader.exe Infected: not-a-virus:Downloader.Win32.VDown.a skipped D:\vdownloader_vdownloader_v0.61_anglais_38422.zip ZIP: infected - 1 skipped D:\zenfants Folder\Wicked Remix.wma Infected: Trojan-Downloader.WMA.Wimad.l skipped Scan process completed. -
HijackThis report analysis (continued)
claravik posted a topic in Analyses et éradication malwares
Hello, here are the two reports... and I got my desktop wallpaper back, cool SDFix!

SDFix: Version 1.141 Run by Administrator on 11/02/2008 at 15:29 Microsoft Windows XP [Version 5.1.2600] Running From: C:\DOCUME~1\ADMINI~1\Desktop\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Default HKCU HomePage Restoring Default Desktop Wallpaper Rebooting... Normal Mode: Checking Files: Trojan Files Found: C:\Documents and Settings\Administrator\Application Data\Deskbar_{20E0C418-986E-4e75-9082-2EC131EA8C6D}\log.txt - Deleted C:\Documents and Settings\Administrator\Local Settings\Temp\a4339a23-1036-a013-eb7d-0efd0de9956d.tmp.exe - Deleted C:\Program Files\dbar\basis.xml - Deleted C:\Program Files\dbar\channel.tmpl - Deleted C:\Program Files\dbar\content.tmpl - Deleted C:\Program Files\dbar\date.tmpl - Deleted C:\Program Files\dbar\dbaruninst.exe - Deleted C:\Program Files\dbar\deskbar.crc - Deleted C:\Program Files\dbar\deskbar.dll - Deleted C:\Program Files\dbar\deskbar.inf - Deleted C:\Program Files\dbar\edit_rss.tmpl - Deleted C:\Program Files\dbar\logo.bmp - Deleted C:\Program Files\dbar\mbback.bmp - Deleted C:\Program Files\dbar\mbbigopen.bmp - Deleted C:\Program Files\dbar\mbclose.bmp - Deleted C:\Program Files\dbar\mbfwd.bmp - Deleted C:\Program Files\dbar\mblogo.bmp - Deleted C:\Program Files\dbar\mbsep.bmp - Deleted C:\Program Files\dbar\nav1.bmp - Deleted C:\Program Files\dbar\nav2.bmp - Deleted C:\Program Files\dbar\new_alert.tmpl - Deleted C:\Program Files\dbar\version.txt - Deleted C:\Program Files\winvi\Uninst.exe - Deleted C:\Program Files\winvi\update.exe - Deleted C:\Program Files\winvi\version.ini - Deleted C:\Program Files\winvi\wupda.exe - Deleted C:\Program Files\winvi\dsktp\AC_RunActiveContent.js - Deleted C:\Program Files\winvi\dsktp\desktop.html - Deleted C:\Program Files\winvi\dsktp\internetDetection.swf - Deleted C:\Program Files\winvi\dsktp\settings.sol - Deleted C:\Program
Files\winvi\temp\version.ini - Deleted C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\TA_Start.lnk - Deleted C:\WINDOWS\wr.txt - Deleted Folder C:\Documents and Settings\Administrator\Application Data\Deskbar_{20E0C418-986E-4e75-9082-2EC131EA8C6D} - Removed Folder C:\Program Files\dbar - Removed Folder C:\Program Files\winvi - Removed Removing Temp Files... ADS Check: Final Check: catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-11 15:36:30 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xf9\x2022\xd4w\2] "5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\Software\Adobe\FeatureSubscriptions\DVAAdobeDocMeta\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\Registered" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 96 Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk" "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! 
FT Server" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:æTorrent" "C:\\Program Files\\Pando Networks\\Pando\\pando.exe"="C:\\Program Files\\Pando Networks\\Pando\\pando.exe:*:Enabled:pando" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Disabled:Firefox" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "C:\\Documents and Settings\\Administrator\\Desktop\\WoW-frFR-Installer-downloader(3).exe"="C:\\Documents and Settings\\Administrator\\Desktop\\WoW-frFR-Installer-downloader(3).exe:*:Enabled:Blizzard Downloader" "C:\\Documents and Settings\\Administrator\\Desktop\\wow(2).exe"="C:\\Documents and Settings\\Administrator\\Desktop\\wow(2).exe:*:Disabled:Blizzard Downloader" "C:\\Documents and Settings\\Administrator\\Desktop\\WoW-frFR-Installer-downloader(2).exe"="C:\\Documents and Settings\\Administrator\\Desktop\\WoW-frFR-Installer-downloader(2).exe:*:Enabled:Blizzard Downloader" "C:\\Program Files\\SecondLife\\SLVoice.exe"="C:\\Program Files\\SecondLife\\SLVoice.exe:*:Enabled:SLVoice" "C:\\Program Files\\ABC\\abc.exe"="C:\\Program Files\\ABC\\abc.exe:*:Enabled:abc" "C:\\Program Files\\Wyzo\\wyzo.exe"="C:\\Program Files\\Wyzo\\wyzo.exe:*:Disabled:Wyzo" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] 
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files: --------------- File Backups: - C:\DOCUME~1\ADMINI~1\Desktop\SDFix\backups\backups.zip Files with Hidden Attributes: Fri 16 Jun 2006 227 ..SH. --- "C:\BOOT.BAK" Tue 31 May 2005 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe" Tue 31 May 2005 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe" Tue 31 May 2005 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe" Sun 29 Oct 2006 4,908,912 ...H. --- "C:\Program Files\Picasa2\setup.exe" Sun 5 Aug 2007 75,264 ...H. --- "C:\Documents and Settings\Administrator\My Documents\~WRL0074.tmp" Fri 3 Aug 2007 71,680 ...H. --- "C:\Documents and Settings\Administrator\My Documents\~WRL0691.tmp" Mon 30 Apr 2007 22,016 ...H. --- "C:\Documents and Settings\Administrator\My Documents\~WRL1378.tmp" Sun 5 Aug 2007 79,872 ...H. --- "C:\Documents and Settings\Administrator\My Documents\~WRL3115.tmp" Tue 2 Oct 2007 21,504 ...H. --- "C:\Documents and Settings\Administrator\My Documents\~WRL3577.tmp" Mon 6 Aug 2007 80,384 ...H. --- "C:\Documents and Settings\Administrator\My Documents\~WRL3942.tmp" Tue 7 Aug 2007 80,384 ...H. --- "C:\Documents and Settings\Administrator\My Documents\~WRL4016.tmp" Thu 19 Apr 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Tue 20 Mar 2007 304,736 A..H. --- "C:\Program Files\Canon\MP Navigator 3.1\Maint.exe" Mon 19 Dec 2005 61,440 A..H. --- "C:\Program Files\Canon\MP Navigator 3.1\uinstrsc.dll" Mon 2 Jul 2007 0 A.SH. 
--- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Tue 31 May 2005 106,496 A..H. --- "C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll" Finished!

Then the HijackThis analysis

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:51:00, on 11/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\VistaDrive\VistaDrive.exe C:\Program Files\LClock\LClock.exe C:\Program Files\Xtras\VisualTaskTips\VisualTaskTips.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe C:\Program Files\Xtras\Rainlendar\Rainlendar.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program
Files\OpenOffice.org 2.3\program\soffice.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.uwininstaller.co.nr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [VisualTaskTips] C:\Program Files\Xtras\VisualTaskTips\VisualTaskTips.exe O4 - 
HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKUS\S-1-5-19\..\Run: [RAM Medic] C:\Program Files\Iomatic\RAM Medic\RAMMedic.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [RAM Medic] C:\Program Files\Iomatic\RAM Medic\RAMMedic.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [RAM Medic] C:\Program Files\Iomatic\RAM Medic\RAMMedic.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [RAM Medic] C:\Program Files\Iomatic\RAM Medic\RAMMedic.exe (User 'Default user') O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O4 - 
Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: officejet 6100.lnk = ? O4 - Global Startup: Rainlendar.lnk = C:\Program Files\Xtras\Rainlendar\Rainlendar.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://www.uwininstaller.co.nr O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O21 - SSODL: avast! - {1525D010-D9D6-A3B8-2573-BD5684A794B2} - c:\progra~1\alwils~1\avast4\windycr32.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! 
Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8642 bytes

And thanks again
-
(Solved) HijackThis analysis
claravik replied to a topic by claravik in Analyses et éradication malwares
Hello! As you asked, here are the 2 reports:
Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: officejet 6100.lnk = ? O4 - Global Startup: Rainlendar.lnk = C:\Program Files\Xtras\Rainlendar\Rainlendar.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://www.uwininstaller.co.nr O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O21 - SSODL: avast! - {1525D010-D9D6-A3B8-2573-BD5684A794B2} - c:\progra~1\alwils~1\avast4\windycr32.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! 
Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8642 bytes Merci clara -
Good evening. Well, this isn't very original, but I have a problem with my PC. An ugly image (an ad) has replaced my nice desktop wallpaper: I'm posting this thingamajig since you understand Chinese!!!!!! A BIG THANK YOU IN ADVANCE

Logfile of HijackThis v1.99.1
Scan saved at 17:50:46, on 10/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\Xtras\VisualTaskTips\VisualTaskTips.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Xtras\Rainlendar\Rainlendar.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.w-w-w-dot-com.com/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.uwininstaller.co.nr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8E015787-B1E3-404a-95DE-3E71E1FA0305} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: DbarBHO - {CC11617C-259E-429c-9063-7D70B8355EBD} - C:\Program Files\dbar\Deskbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [VisualTaskTips] C:\Program Files\Xtras\VisualTaskTips\VisualTaskTips.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [dbar_starter] C:\Documents and Settings\Administrator\Application Data\Deskbar_{20E0C418-986E-4e75-9082-2EC131EA8C6D}\starter.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\Administrator\Local Settings\Temp\BundleDownloader\22.ex_
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: officejet 6100.lnk = ?
O4 - Global Startup: Rainlendar.lnk = C:\Program Files\Xtras\Rainlendar\Rainlendar.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.uwininstaller.co.nr
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: avast! - {1525D010-D9D6-A3B8-2573-BD5684A794B2} - c:\progra~1\alwils~1\avast4\windycr32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe