Everything posted by toshigaya
Infection, HijackThis report
toshigaya replied to a topic by toshigaya in Malware analysis and removal
Here's the Panda scan:

;*******************************************************************************
    ANALYSIS: 2008-03-08 18:39:33
    PROTECTIONS: 1
    MALWARE: 20
    SUSPECTS: 0
;*******************************************************************************
    PROTECTIONS
    Description                                  Version      Active   Updated
;===============================================================================
    avast! antivirus 4.7.1098 [VPS 080307-0]     4.7.1098     No       Yes
;===============================================================================
    MALWARE
    Id  Description  Type  Active  Severity  Disinfectable  Disinfected  Location
;===============================================================================
00041446 application/myway HackTools No 0 Yes No c:\program files\myway
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.atdmt.com/]
00139535 Application/Processor HackTools No 0 Yes No C:\MSNFix\INCL\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\pamela bonomi\Bureau\Virus\SDFix.exe[sDFix\apps\Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP482\A0146696.EXE
00139535 Application/Processor HackTools No 0 Yes No C:\Lop SD\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP482\A0146528.EXE
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP482\A0146466.EXE
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\Invité\Local Settings\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\Cache\DD0DBD66d01[sDFix\apps\Process.exe]
00139535 Application/Processor HackTools No 0 Yes No D:\MSNFix.zip[MSNFix/incl/Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP482\A0146590.EXE
00139535 Application/Processor HackTools No 0 Yes No D:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP480\A0113987.exe
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML.(2007.03.01 22.44.04)[.xiti.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.xiti.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.bs.serving-sys.com/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.weborama.fr/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.adtech.de/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.advertising.com/]
00172447 Cookie/Inet-Traffic TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML.(2007.03.01 22.44.04)[.inet-traffic.com/]
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.bluestreak.com/]
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML.(2007.03.01 22.44.04)[.bravenet.com/]
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.adviva.net/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.smartadserver.com/]
02898360 Trj/Clicker.AIQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP460\A0107719.SYS
02898360 Trj/Clicker.AIQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP459\A0107624.SYS
02903896 Trj/Delf.AIF Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP466\A0109399.OLD
02904767 Trj/Downloader.SWL Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0122023.EXE
02904767 Trj/Downloader.SWL Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP480\A0112983.EXE
02904767 Trj/Downloader.SWL Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0122024.EXE
02904767 Trj/Downloader.SWL Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0122025.EXE
02904767 Trj/Downloader.SWL Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0122058.EXE
02904767 Trj/Downloader.SWL Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0133234.EXE
02904998 Trj/Agent.IGF Virus/Trojan No 0 Yes No D:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP480\A0112988.com
;===============================================================================
    SUSPECTS
    Location
;===============================================================================
;===============================================================================

and the new HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:43:57, on 08/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\PROMT5\INTEGRAL\pinmenu.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\TweakRAM\TweakRAM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\pamela bonomi\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe
O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\ASHAMPOO\ASHAMP~1\AMO_TA~1.EXE" -TRAY
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?76d39cd923c94604948883cb7ba42870
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?76d39cd923c94604948883cb7ba42870
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 14054 bytes
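The two reports in this post are the kind of thing a helper reads line by line: the Panda list is long but almost all of it is cookies, copies inside System Restore points (which never run unless a restore is performed) and the Process.exe that the removal tools themselves ship, while the HijackThis log hides the few hook points that matter (R3, O10, O20, O23 with no owner) among dozens of ordinary O4 and O8 lines. The script below is an added example by the editor, not code from the thread, from HijackThis or from Panda; it parses both formats and sorts entries into coarse buckets. The bucket rules, the HOOK_SECTIONS table and the TOOL_MARKERS list are the editor's assumptions, and the sample lines are copied from the two reports above.

```python
"""Triage a HijackThis 2.0.2 log and a Panda ActiveScan report.

Editor's example, not code from the thread or from either tool. The bucket
rules, HOOK_SECTIONS and TOOL_MARKERS are assumptions about what deserves a
first look; they are not the tools' own severity logic.
"""
import re
from collections import Counter

# HijackThis sections whose entries are loaded into every process or every
# socket (editor's list); always surfaced, whatever the file name looks like.
HOOK_SECTIONS = {
    "R3": "URLSearchHook: rewrites address-bar searches",
    "O10": "Winsock LSP: sits in the network stack of every process",
    "O20": "AppInit_DLLs / Winlogon Notify: injected into every GUI process",
    "O21": "ShellServiceObjectDelayLoad: loaded by Explorer at logon",
    "O22": "SharedTaskScheduler: loaded by Explorer at logon",
}
HJT_LINE = re.compile(r"^([RFNO]\d+) - (.*)$")

# Panda row: Id Description Type Active Severity Disinfectable Disinfected Location.
# Description may contain spaces ("Cookie/Atlas DMT"), so it is matched lazily
# up to the single-token Type followed by the Yes/No and numeric columns.
PANDA_LINE = re.compile(
    r"^(\d{8})\s+(.+?)\s+(\S+)\s+(Yes|No)\s+(\d+)\s+(Yes|No)\s+(Yes|No)\s+(.+)$"
)
RESTORE_DIR = re.compile(r"^[A-Z]:\\System Volume Information\\_restore", re.I)
# Removal tools used in this thread; their bundled Process.exe is what Panda
# reports as Application/Processor (assumption drawn from the report's locations).
TOOL_MARKERS = ("msnfix", "sdfix", "lop sd")

# Constructed samples: lines copied from the two reports posted above.
HJT_SAMPLE = r"""
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
"""
PANDA_SAMPLE = r"""
00041446 application/myway HackTools No 0 Yes No c:\program files\myway
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\COOKIES.TXT[.doubleclick.net/]
00139535 Application/Processor HackTools No 0 Yes No C:\MSNFix\INCL\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\pamela bonomi\Bureau\Virus\SDFix.exe[sDFix\apps\Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP482\A0146696.EXE
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\Invité\Local Settings\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\Cache\DD0DBD66d01[sDFix\apps\Process.exe]
02898360 Trj/Clicker.AIQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP460\A0107719.SYS
02904998 Trj/Agent.IGF Virus/Trojan No 0 Yes No D:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP480\A0112988.com
"""


def parse_hjt(text):
    """Return (section, body) for each R/F/N/O line; headers and the process list are skipped."""
    rows = []
    for line in text.splitlines():
        m = HJT_LINE.match(line.strip())
        if m:
            rows.append(m.groups())
    return rows


def triage_hjt(text):
    """Return (section, body, reason) for the entries to open first, in log order."""
    flagged = []
    for section, body in parse_hjt(text):
        if section in HOOK_SECTIONS:
            flagged.append((section, body, HOOK_SECTIONS[section]))
        elif section == "O23" and "Unknown owner" in body:
            flagged.append((section, body, "service binary carries no company name"))
        elif section in ("O2", "O3") and "TOOLBAR" in body.upper():
            flagged.append((section, body, "browser toolbar: keep only if the user wants it"))
    return flagged


def parse_panda(text):
    """Return one dict per detection row; separator and header lines are skipped."""
    keys = ("id", "name", "type", "active", "severity", "disinfectable", "disinfected", "location")
    rows = []
    for line in text.splitlines():
        m = PANDA_LINE.match(line.strip())
        if m:
            rows.append(dict(zip(keys, m.groups())))
    return rows


def bucket(row):
    """Coarse triage bucket for one Panda row (editor's rules, checked in priority order)."""
    if row["active"] == "Yes":
        return "ACTIVE"                      # running now: handle before anything else
    if RESTORE_DIR.match(row["location"]):
        return "restore-point copy"          # inert unless System Restore rolls back to it
    if row["type"] == "TrackingCookie":
        return "tracking cookie"             # cosmetic; clear the browser profile
    if row["name"] == "Application/Processor" and any(t in row["location"].lower() for t in TOOL_MARKERS):
        return "removal-tool component"      # Process.exe shipped inside the fix tools
    return "review"


def triage_panda(text):
    """Count rows per bucket so the summary can be read before the line-by-line detail."""
    return Counter(bucket(r) for r in parse_panda(text))


if __name__ == "__main__":
    for section, body, reason in triage_hjt(HJT_SAMPLE):
        print(f"{section:4} {reason}\n     {body}")
    print(dict(triage_panda(PANDA_SAMPLE)))
```

Run against the full reports, the same two functions leave one HijackThis screen of six lines to read and turn the fifty Panda rows into a count of restore-point copies, cookies and tool components plus the single entry (the MyWay folder) that actually needs a decision. Anything in the ACTIVE bucket, which this report does not have, would come first.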
Infection, HijackThis report
toshigaya replied to a topic by toshigaya in Malware analysis and removal
Here is the Lop report:

-----------------------------[ Lop S&D 4.0.4 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : pamela bonomi ]
[ "C:\Lop SD" ]
[ 08/03/2008 | 14:50:00,14 ]
[ PC : MATTEI ]
[ MAJ : 05-03-2008 | 13:30 ]

-------------[ Listing des dossiers dans Application Data ]------------
[15/10/2004|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[15/10/2004|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[15/10/2004|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[15/10/2004|12:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[15/10/2004|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[15/10/2004|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[15/10/2004|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[20/01/2007|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[07/04/2007|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[05/09/2007|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[06/08/2006|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[15/10/2004|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[22/01/2006|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[02/11/2006|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/07/2007|03:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[05/03/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[21/10/2006|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[30/12/2005|03:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[15/10/2004|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/01/2006|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
[30/12/2005|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[20/08/2007|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[08/10/2006|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung
[05/06/2006|23:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[03/08/2006|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[30/12/2005|01:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[03/08/2006|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/02/2007|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[27/02/2008|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/10/2004|12:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[15/10/2004|12:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[15/10/2004|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/10/2004|12:04] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[15/10/2004|12:04] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[24/01/2008|11:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[15/10/2004|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/12/2005|00:41] C:\DOCUME~1\PAMELA~1\APPLIC~1\.
[30/12/2005|00:41] C:\DOCUME~1\PAMELA~1\APPLIC~1\..
[11/04/2007|00:00] C:\DOCUME~1\PAMELA~1\APPLIC~1\.gaim
[31/12/2005|11:47] C:\DOCUME~1\PAMELA~1\APPLIC~1\Adobe
[19/01/2006|19:09] C:\DOCUME~1\PAMELA~1\APPLIC~1\AdobeUM
[21/01/2008|22:28] C:\DOCUME~1\PAMELA~1\APPLIC~1\Aegisub
[20/10/2006|22:08] C:\DOCUME~1\PAMELA~1\APPLIC~1\Ahead
[24/06/2006|18:19] C:\DOCUME~1\PAMELA~1\APPLIC~1\ArcSoft
[02/03/2008|19:26] C:\DOCUME~1\PAMELA~1\APPLIC~1\ASSDraw3.cfg
[05/09/2007|18:29] C:\DOCUME~1\PAMELA~1\APPLIC~1\Azureus
[30/12/2005|13:03] C:\DOCUME~1\PAMELA~1\APPLIC~1\Canon
[30/12/2005|02:12] C:\DOCUME~1\PAMELA~1\APPLIC~1\CyberLink
[15/10/2004|11:51] C:\DOCUME~1\PAMELA~1\APPLIC~1\desktop.ini
[20/01/2008|20:56] C:\DOCUME~1\PAMELA~1\APPLIC~1\DivX
[04/01/2007|18:30] C:\DOCUME~1\PAMELA~1\APPLIC~1\DMCache
[26/01/2008|20:26] C:\DOCUME~1\PAMELA~1\APPLIC~1\eSobi
[09/08/2007|16:49] C:\DOCUME~1\PAMELA~1\APPLIC~1\Free Download Manager
[03/08/2006|16:44] C:\DOCUME~1\PAMELA~1\APPLIC~1\Google
[05/03/2008|16:26] C:\DOCUME~1\PAMELA~1\APPLIC~1\Grisoft
[19/04/2007|03:55] C:\DOCUME~1\PAMELA~1\APPLIC~1\gtk-2.0
[30/12/2005|03:58] C:\DOCUME~1\PAMELA~1\APPLIC~1\Help
[15/10/2004|12:05] C:\DOCUME~1\PAMELA~1\APPLIC~1\Identities
[04/08/2007|13:48] C:\DOCUME~1\PAMELA~1\APPLIC~1\inst.exe
[25/03/2006|13:38] C:\DOCUME~1\PAMELA~1\APPLIC~1\Lavasoft
[13/01/2006|22:32] C:\DOCUME~1\PAMELA~1\APPLIC~1\Macromedia
[12/12/2006|12:31] C:\DOCUME~1\PAMELA~1\APPLIC~1\Media Player Classic
[31/07/2007|15:00] C:\DOCUME~1\PAMELA~1\APPLIC~1\MegauploadToolbar
[15/10/2004|11:51] C:\DOCUME~1\PAMELA~1\APPLIC~1\Microsoft
[31/12/2005|11:40] C:\DOCUME~1\PAMELA~1\APPLIC~1\Microsoft Web Folders
[12/10/2007|19:39] C:\DOCUME~1\PAMELA~1\APPLIC~1\mIRC
[08/11/2006|15:31] C:\DOCUME~1\PAMELA~1\APPLIC~1\Mozilla
[20/10/2006|22:06] C:\DOCUME~1\PAMELA~1\APPLIC~1\NeroVision
[13/01/2006|22:27] C:\DOCUME~1\PAMELA~1\APPLIC~1\Not a Number
[04/08/2007|13:48] C:\DOCUME~1\PAMELA~1\APPLIC~1\pcouffin.cat
[04/08/2007|13:48] C:\DOCUME~1\PAMELA~1\APPLIC~1\pcouffin.inf
[04/08/2007|13:48] C:\DOCUME~1\PAMELA~1\APPLIC~1\pcouffin.log
[04/08/2007|13:48] C:\DOCUME~1\PAMELA~1\APPLIC~1\pcouffin.sys
[03/08/2006|16:42] C:\DOCUME~1\PAMELA~1\APPLIC~1\Real
[15/03/2007|18:17] C:\DOCUME~1\PAMELA~1\APPLIC~1\Screenshot Sender
[02/11/2006|23:07] C:\DOCUME~1\PAMELA~1\APPLIC~1\Sun
[30/12/2005|01:20] C:\DOCUME~1\PAMELA~1\APPLIC~1\Symantec
[30/12/2005|01:14] C:\DOCUME~1\PAMELA~1\APPLIC~1\Template
[04/10/2006|18:53] C:\DOCUME~1\PAMELA~1\APPLIC~1\ViewerApp.dat
[03/08/2006|16:37] C:\DOCUME~1\PAMELA~1\APPLIC~1\vlc
[28/03/2007|20:03] C:\DOCUME~1\PAMELA~1\APPLIC~1\V-Safe
[04/08/2007|13:48] C:\DOCUME~1\PAMELA~1\APPLIC~1\Vso
[05/09/2007|21:20] C:\DOCUME~1\PAMELA~1\APPLIC~1\WinRAR
[11/01/2006|13:40] C:\DOCUME~1\PAMELA~1\APPLIC~1\wklnhst.dat
[28/01/2006|20:28] C:\DOCUME~1\INVIT?\APPLIC~1\.
[28/01/2006|20:28] C:\DOCUME~1\INVIT?\APPLIC~1\..
[15/10/2004|11:51] C:\DOCUME~1\INVIT?\APPLIC~1\desktop.ini
[05/03/2008|21:43] C:\DOCUME~1\INVIT?\APPLIC~1\Grisoft
[15/10/2004|12:05] C:\DOCUME~1\INVIT?\APPLIC~1\Identities
[05/03/2008|21:57] C:\DOCUME~1\INVIT?\APPLIC~1\Lavasoft
[16/02/2007|13:44] C:\DOCUME~1\INVIT?\APPLIC~1\Macromedia
[15/10/2007|06:00] C:\DOCUME~1\INVIT?\APPLIC~1\MEGAUPLOADTOOLBAR
[15/10/2004|11:51] C:\DOCUME~1\INVIT?\APPLIC~1\Microsoft
[16/02/2007|13:52] C:\DOCUME~1\INVIT?\APPLIC~1\Mozilla
[07/08/2006|19:23] C:\DOCUME~1\INVIT?\APPLIC~1\Real
[05/03/2008|22:39] C:\DOCUME~1\INVIT?\APPLIC~1\Sun
[05/03/2008|23:24] C:\DOCUME~1\INVIT?\APPLIC~1\Talkback
[15/10/2007|05:59] C:\DOCUME~1\INVIT?\APPLIC~1\WinRAR
[13/08/2006|19:38] C:\DOCUME~1\NEJISA~1\APPLIC~1\.
[13/08/2006|19:38] C:\DOCUME~1\NEJISA~1\APPLIC~1\..
[03/11/2006|23:30] C:\DOCUME~1\NEJISA~1\APPLIC~1\Adobe
[12/02/2007|15:23] C:\DOCUME~1\NEJISA~1\APPLIC~1\AdobeUM
[15/10/2004|11:51] C:\DOCUME~1\NEJISA~1\APPLIC~1\desktop.ini
[03/11/2006|23:30] C:\DOCUME~1\NEJISA~1\APPLIC~1\Google
[07/03/2008|15:46] C:\DOCUME~1\NEJISA~1\APPLIC~1\Grisoft
[15/10/2004|12:05] C:\DOCUME~1\NEJISA~1\APPLIC~1\Identities
[08/11/2006|16:32] C:\DOCUME~1\NEJISA~1\APPLIC~1\Macromedia
[28/01/2007|01:18] C:\DOCUME~1\NEJISA~1\APPLIC~1\Media Player Classic
[15/10/2004|11:51] C:\DOCUME~1\NEJISA~1\APPLIC~1\Microsoft
[08/11/2006|16:23] C:\DOCUME~1\NEJISA~1\APPLIC~1\Mozilla
[25/06/2007|13:21] C:\DOCUME~1\NEJISA~1\APPLIC~1\Opera
[13/08/2006|19:39] C:\DOCUME~1\NEJISA~1\APPLIC~1\Real
[05/03/2008|23:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[05/03/2008|23:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[15/10/2004|11:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[15/10/2004|12:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[15/10/2004|11:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[05/03/2008|23:52] C:\DOCUME~1\ADMINI~1.MAT\APPLIC~1\.
[05/03/2008|23:52] C:\DOCUME~1\ADMINI~1.MAT\APPLIC~1\..
[15/10/2004|11:51] C:\DOCUME~1\ADMINI~1.MAT\APPLIC~1\desktop.ini
[05/03/2008|23:54] C:\DOCUME~1\ADMINI~1.MAT\APPLIC~1\Grisoft
[15/10/2004|12:05] C:\DOCUME~1\ADMINI~1.MAT\APPLIC~1\Identities
[05/03/2008|23:56] C:\DOCUME~1\ADMINI~1.MAT\APPLIC~1\Lavasoft
[15/10/2004|11:51] C:\DOCUME~1\ADMINI~1.MAT\APPLIC~1\Microsoft
[07/03/2008|00:48] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\.
[07/03/2008|00:48] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\..
[15/10/2004|11:51] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\desktop.ini
[07/03/2008|17:08] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Grisoft
[15/10/2004|12:05] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Identities
[15/10/2004|11:51] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Microsoft
[07/03/2008|16:36] C:\DOCUME~1\KYO\APPLIC~1\.
[07/03/2008|16:36] C:\DOCUME~1\KYO\APPLIC~1\..
[15/10/2004|11:51] C:\DOCUME~1\KYO\APPLIC~1\desktop.ini
[15/10/2004|12:05] C:\DOCUME~1\KYO\APPLIC~1\Identities
[15/10/2004|11:51] C:\DOCUME~1\KYO\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[08/03/2008 14:48][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[08/03/2008 14:36][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------
[15/10/2004|11:52] C:\Program Files\.
[15/10/2004|11:52] C:\Program Files\..
[30/12/2005|00:43] C:\Program Files\acer
[06/07/2005|20:04] C:\Program Files\Acer Inc
[06/07/2005|20:03] C:\Program Files\Adobe
[02/03/2008|21:09] C:\Program Files\Aegisub
[20/10/2006|22:03] C:\Program Files\Ahead
[03/08/2006|11:17] C:\Program Files\Alwil Software
[06/08/2006|20:45] C:\Program Files\ArcSoft
[14/02/2008|21:53] C:\Program Files\Ashampoo
[06/12/2007|15:46] C:\Program Files\Audacity
[02/03/2008|20:45] C:\Program Files\AviSynth 2.5
[05/09/2007|18:27] C:\Program Files\Azureus
[27/05/2007|15:42] C:\Program Files\BitComet
[09/12/2007|19:53] C:\Program Files\BitSpirit
[06/08/2006|20:40] C:\Program Files\Canon
[05/03/2008|16:21] C:\Program Files\CCleaner
[06/07/2005|19:59] C:\Program Files\CONEXANT
[06/07/2005|20:03] C:\Program Files\CyberLink
[30/04/2007|19:32] C:\Program Files\Dictionnaire
[13/09/2007|11:33] C:\Program Files\Disc2Phone
[04/08/2006|13:25] C:\Program Files\DivX
[26/05/2007|20:39] C:\Program Files\D-Link
[21/10/2006|18:01] C:\Program Files\DVD Shrink
[09/11/2006|13:22] C:\Program Files\eMule
[02/02/2007|22:12] C:\Program Files\ffdsasetts.reg
[02/02/2007|22:12] C:\Program Files\ffdssetts.reg
[02/02/2007|22:12] C:\Program Files\ffdsvsetts.reg
[15/10/2004|11:52] C:\Program Files\Fichiers communs
[04/08/2006|13:44] C:\Program Files\Filtre Matroska
[09/08/2007|16:49] C:\Program Files\Free Download Manager
[16/06/2007|01:07] C:\Program Files\Gabest
[26/09/2007|20:43] C:\Program Files\Gadwin Systems
[03/08/2006|16:44] C:\Program Files\Google
[05/03/2008|16:25] C:\Program Files\Grisoft
[13/10/2007|16:17] C:\Program Files\IKEA HomePlanner
[06/07/2005|19:50] C:\Program Files\InstallShield Installation Information
[06/07/2005|19:51] C:\Program Files\Intel
[15/10/2004|11:58] C:\Program Files\Internet Explorer
[21/10/2006|18:06] C:\Program Files\Jasc Software Inc
[02/11/2006|23:05] C:\Program Files\Java
[14/02/2008|22:24] C:\Program Files\Kaspersky Lab
[20/08/2007|17:47] C:\Program Files\K-Lite Codec Pack
[06/08/2006|21:16] C:\Program Files\Kodak
[14/12/2006|23:44] C:\Program Files\Larousse
[30/12/2005|00:43] C:\Program Files\Launch Manager
[03/11/2006|18:02] C:\Program Files\Lavasoft
[09/08/2007|21:07] C:\Program Files\Master_timesub
[31/07/2007|15:00] C:\Program Files\MegauploadToolbar
[15/10/2004|11:57] C:\Program Files\Messenger
[14/02/2008|22:21] C:\Program Files\Micro Application
[09/05/2007|03:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[15/10/2004|12:01] C:\Program Files\microsoft frontpage
[30/12/2005|01:12] C:\Program Files\Microsoft Office
[07/04/2007|17:22] C:\Program Files\Microsoft.NET
[15/10/2004|11:58] C:\Program Files\Movie Maker
[08/11/2006|15:31] C:\Program Files\Mozilla Firefox
[02/02/2007|22:12] C:\Program Files\mpc1.reg
[02/02/2007|22:12] C:\Program Files\mpc2.reg
[02/02/2007|22:12] C:\Program Files\mpc3.reg
[02/02/2007|22:12] C:\Program Files\mpc4.reg
[02/02/2007|22:12] C:\Program Files\mpc5.reg
[02/02/2007|22:12] C:\Program Files\mpc6.reg
[02/02/2007|22:12] C:\Program Files\mpc7.reg
[15/10/2004|11:57] C:\Program Files\MSN
[15/10/2004|11:57] C:\Program Files\MSN Gaming Zone
[15/11/2006|12:44] C:\Program Files\MSXML 4.0
[14/08/2007|21:00] C:\Program Files\Multi_Media_France
[20/12/2007|18:17] C:\Program Files\MultiMedia France Toolbar
[03/02/2007|15:48] C:\Program Files\MyWay
[15/10/2004|11:58] C:\Program Files\NetMeeting
[29/09/2006|15:47] C:\Program Files\NetShow Services
[20/04/2007|19:09] C:\Program Files\NTR global
[15/10/2004|11:57] C:\Program Files\Online Services
[15/10/2004|11:58] C:\Program Files\Outlook Express
[05/03/2008|22:56] C:\Program Files\Panda Security
[06/01/2008|21:09] C:\Program Files\Paraben
[04/08/2006|11:02] C:\Program Files\Pegasus Imaging
[06/06/2006|21:15] C:\Program Files\printFIT
[17/02/2008|16:10] C:\Program Files\PROMT5
[15/08/2007|14:26] C:\Program Files\QuickSFV
[09/09/2007|21:37] C:\Program Files\QuickSFVa
[06/08/2006|21:25] C:\Program Files\QuickTime
[20/12/2007|18:26] C:\Program Files\RadioXpi
[03/08/2006|16:42] C:\Program Files\Real
[06/11/2006|21:26] C:\Program Files\RegCleaner [17/02/2008|16:54] C:\Program Files\Reverso Pro v5.0 [04/08/2006|09:15] C:\Program Files\RngInterstitial.dll [08/10/2006|14:22] C:\Program Files\Samsung [21/01/2007|18:41] C:\Program Files\Satsuki Decoder Pack [21/01/2007|18:41] C:\Program Files\satsukidecodersettings.ini [30/12/2005|12:30] C:\Program Files\ScanSoft [15/10/2004|11:59] C:\Program Files\Services en ligne [17/02/2008|21:38] C:\Program Files\Sierra On-Line [15/01/2007|01:48] C:\Program Files\SLD Codec Pack [21/10/2006|19:13] C:\Program Files\SlySoft [03/06/2007|13:56] C:\Program Files\SMF Fun Cards Maker [17/02/2006|21:21] C:\Program Files\Sony Corporation [03/08/2006|20:07] C:\Program Files\Spybot - Search & Destroy [05/03/2008|20:16] C:\Program Files\Sunbelt Software [06/07/2005|19:58] C:\Program Files\Synaptics [06/01/2008|17:22] C:\Program Files\Tarot Club [21/02/2007|17:06] C:\Program Files\Trust [14/02/2008|22:13] C:\Program Files\TweakRAM [29/09/2006|15:46] C:\Program Files\Ulead Systems [15/10/2004|12:05] C:\Program Files\Uninstall Information [02/03/2008|20:46] C:\Program Files\VirtualDub-1.7.1 [04/08/2007|13:42] C:\Program Files\VirtualDubMOD [04/08/2007|13:48] C:\Program Files\VSO [19/02/2007|18:36] C:\Program Files\WebShonen [07/06/2007|16:30] C:\Program Files\Windows Live [30/11/2007|03:03] C:\Program Files\Windows Live Favorites [07/02/2007|14:06] C:\Program Files\Windows Live Toolbar [03/08/2006|15:20] C:\Program Files\Windows Media Connect 2 [15/10/2004|11:57] C:\Program Files\Windows Media Player [15/10/2004|11:57] C:\Program Files\Windows NT [15/10/2004|11:59] C:\Program Files\WindowsUpdate [03/08/2006|16:35] C:\Program Files\WinRAR [14/09/2006|18:01] C:\Program Files\Wizards of the Coast [20/08/2007|17:50] C:\Program Files\Word Translator [04/08/2006|13:46] C:\Program Files\x264 [15/10/2004|12:01] C:\Program Files\xerox [04/08/2006|13:46] C:\Program Files\XviD ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------ 
[15/10/2004|11:52] C:\Program Files\Fichiers communs\. [15/10/2004|11:52] C:\Program Files\Fichiers communs\.. [14/02/2008|22:21] C:\Program Files\Fichiers communs\Acronis [31/12/2005|11:47] C:\Program Files\Fichiers communs\Adobe [07/04/2007|17:32] C:\Program Files\Fichiers communs\Adobe Systems Shared [21/10/2006|18:14] C:\Program Files\Fichiers communs\Ahead [31/12/2005|11:44] C:\Program Files\Fichiers communs\Designer [10/04/2007|23:59] C:\Program Files\Fichiers communs\GTK [06/07/2005|19:50] C:\Program Files\Fichiers communs\InstallShield [02/11/2006|23:02] C:\Program Files\Fichiers communs\Java [14/02/2008|22:24] C:\Program Files\Fichiers communs\Kaspersky Lab [06/08/2006|21:24] C:\Program Files\Fichiers communs\Kodak [13/01/2006|22:31] C:\Program Files\Fichiers communs\Macromedia [15/10/2004|11:52] C:\Program Files\Fichiers communs\Microsoft Shared [15/10/2004|11:58] C:\Program Files\Fichiers communs\MSSoap [06/07/2005|20:02] C:\Program Files\Fichiers communs\muvee Technologies [15/10/2004|11:52] C:\Program Files\Fichiers communs\ODBC [21/02/2007|17:06] C:\Program Files\Fichiers communs\PCCamera [03/08/2006|16:42] C:\Program Files\Fichiers communs\Real [15/10/2004|11:58] C:\Program Files\Fichiers communs\Services [15/10/2004|11:52] C:\Program Files\Fichiers communs\SpeechEngines [25/01/2007|20:05] C:\Program Files\Fichiers communs\SWF Studio [26/03/2006|13:30] C:\Program Files\Fichiers communs\Symantec Shared [15/10/2004|11:58] C:\Program Files\Fichiers communs\System [13/01/2006|22:32] C:\Program Files\Fichiers communs\Vbox [27/02/2008|12:26] C:\Program Files\Fichiers communs\WindowsLiveInstaller [13/10/2007|16:17] C:\Program Files\Fichiers communs\Wise Installation Wizard ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! 
-----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- C:\Program Files\Multi_Media_France C:\Program Files\Multi_Media_France\tbMul0.dll C:\Program Files\MultiMedia France Toolbar C:\Program Files\MultiMedia France Toolbar\UNWISE.EXE C:\Program Files\MultiMedia France Toolbar\Multi_Media_France.xpi C:\Program Files\MultiMedia France Toolbar\Multi_Media_France.exe C:\Program Files\MultiMedia France Toolbar\INSTALL.LOG ----------------------[ Verification du Registre ]---------------------- ..... OK ! --------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts PROPRE ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-08 14:56:33 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden files ... scan completed successfully hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- Aucune autre infection trouvée ! /!\ [Fich:922][Doss:5] C:\DOCUME~1\PAMELA~1\LOCALS~1\Temp /!\ [Fich:4][Doss:0] C:\DOCUME~1\PAMELA~1\Cookies /!\ [Fich:14][Doss:4] C:\DOCUME~1\PAMELA~1\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 14:56:49,75 ]---------------------- PS: en faisant l'analyse, avast m'a trouvé un virus sous C que j'ai mis en quarantaine -
Infection, HijackThis report
toshigaya replied to a topic by toshigaya in Malware analysis and removal
Hello, so I ran AVG in safe mode and it only found a few cookies. Here is the HijackThis report in normal mode after running AVG:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:41:03, on 08/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\PROMT5\INTEGRAL\pinmenu.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\TweakRAM\TweakRAM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\ASHAMPOO\ASHAMP~1\AMO_TA~1.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\pamela bonomi\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe
O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\ASHAMPOO\ASHAMP~1\AMO_TA~1.EXE" -TRAY
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?76d39cd923c94604948883cb7ba42870
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?76d39cd923c94604948883cb7ba42870
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 14036 bytes

PS: I am going to run Lop S&D on the PC and I will post you the report. Thanks again^^
Infection, HijackThis report
toshigaya replied to a topic by toshigaya in Malware analysis and removal
Here is the ewido report to start with:

__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________

Name: TrackingCookie.2o7   Path: C:\Documents and Settings\pamela bonomi\Cookies\pamela bonomi@msnportal.112.2o7[1].txt   Risk: Medium
Name: TrackingCookie.Serving-sys   Path: C:\Documents and Settings\pamela bonomi\Cookies\pamela bonomi@bs.serving-sys[2].txt   Risk: Medium
Name: TrackingCookie.Serving-sys   Path: C:\Documents and Settings\pamela bonomi\Cookies\pamela bonomi@serving-sys[2].txt   Risk: Medium
Name: TrackingCookie.Adviva   Path: :mozilla.14:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Smartadserver   Path: :mozilla.15:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Smartadserver   Path: :mozilla.21:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Smartadserver   Path: :mozilla.22:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Smartadserver   Path: :mozilla.23:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Bluestreak   Path: :mozilla.30:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Weborama   Path: :mozilla.33:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Webtrendslive   Path: :mozilla.35:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Doubleclick   Path: :mozilla.36:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Atdmt   Path: :mozilla.39:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Tradedoubler   Path: :mozilla.77:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Tribalfusion   Path: :mozilla.79:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Tribalfusion   Path: :mozilla.80:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Tribalfusion   Path: :mozilla.81:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Comclick   Path: :mozilla.109:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Comclick   Path: :mozilla.110:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Comclick   Path: :mozilla.111:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Overture   Path: :mozilla.118:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Statcounter   Path: :mozilla.140:C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Weborama   Path: :mozilla.6:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Weborama   Path: :mozilla.7:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Weborama   Path: :mozilla.10:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Weborama   Path: :mozilla.11:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Weborama   Path: :mozilla.12:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Atdmt   Path: :mozilla.13:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Smartadserver   Path: :mozilla.15:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Smartadserver   Path: :mozilla.16:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Smartadserver   Path: :mozilla.17:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Doubleclick   Path: :mozilla.18:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Advertising   Path: :mozilla.77:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Advertising   Path: :mozilla.78:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Advertising   Path: :mozilla.79:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Bluestreak   Path: :mozilla.80:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium
Name: TrackingCookie.Webtrends   Path: :mozilla.107:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\975qs9u3.default\cookies.txt   Risk: Medium

Just cookies, basically^^

And here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:06:51, on 08/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TweakRAM\TweakRAM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\pamela bonomi\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe
O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\ASHAMPOO\ASHAMP~1\AMO_TA~1.EXE" -TRAY
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: TransBar.lnk =
C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?76d39cd923c94604948883cb7ba42870 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?76d39cd923c94604948883cb7ba42870 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu 
item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program 
Files\PROMT5\PROMTIE4\options.htm (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 13727 bytes -
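A HijackThis log of this length is tedious to read by hand, and helpers on these forums look at a handful of sections first. The following is an added example (mine, not part of the original post and not HijackThis code) that parses the log format shown above into structured entries and flags those sections: O20 AppInit_DLLs, O10 Winsock LSPs that HijackThis does not recognise, O23 services with no recognised vendor or a missing file, and O16 ActiveX downloads from hosts outside an assumed allowlist. It also groups entries by CLSID, which shows at a glance that the Multi Media France toolbar is hooked in three places (R3, O2, O3) and would need all three removed. The sample lines are copied from the two HijackThis logs in this thread (the avast "(file missing)" line comes from the v1.99.1 log in the opening post, quoted later on this page); the allowlist of DPF hosts and the wording of the reasons are this example's own assumptions.

```python
"""Parse a HijackThis log and flag the entries a malware-removal helper reads first.

Added example for this thread: not part of the original post and not HijackThis
code.  SAMPLE_LOG is a constructed excerpt of lines copied from the logs posted in
the thread; the flagging rules and EXPECTED_DPF_HOSTS are this example's assumptions.
"""
import re
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse

# One HijackThis entry per line: section tag (R0, R1, R3, O2 ... O23), " - ", details.
ENTRY_RE = re.compile(r"^(?P<sec>[RFO]\d{1,2}) - (?P<rest>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Assumed allowlist of download hosts for O16 (Download Program Files / ActiveX)
# entries: just the hosts seen in this thread, not a vetted list.
EXPECTED_DPF_HOSTS = {
    "messenger.zone.msn.com",
    "musicmix.messenger.msn.com",
    "webscanner.kaspersky.fr",
}

# Constructed excerpt: lines copied from the two HijackThis logs in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:06:51, on 08/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\Documents and Settings\pamela bonomi\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
"""


@dataclass(frozen=True)
class Entry:
    section: str          # e.g. "O23"
    rest: str             # everything after "O23 - "
    clsid: Optional[str]  # first {GUID} in the entry, upper-cased, or None


def parse_hjt(text: str) -> list:
    """Return the entry lines of a HijackThis log; header and process list are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        c = CLSID_RE.search(m["rest"])
        entries.append(Entry(m["sec"], m["rest"], c.group(0).upper() if c else None))
    return entries


def triage(entries) -> list:
    """Return (entry, reason) pairs for the sections a helper checks first."""
    findings = []
    for e in entries:
        if e.section == "O20" and e.rest.startswith("AppInit_DLLs:"):
            findings.append((e, "AppInit_DLLs: DLL loaded into every process that maps user32.dll"))
        elif e.section == "O10":
            findings.append((e, "Winsock LSP not recognised by HijackThis; every socket call passes through it"))
        elif e.section == "O23" and "(file missing)" in e.rest:
            findings.append((e, "service registration points at a file HijackThis could not find"))
        elif e.section == "O23" and "Unknown owner" in e.rest:
            findings.append((e, "service binary carries no recognised vendor"))
        elif e.section == "O16":
            # The download URL is the last " - " separated field of a DPF entry.
            host = urlparse(e.rest.rsplit(" - ", 1)[-1]).hostname or ""
            if host not in EXPECTED_DPF_HOSTS:
                findings.append((e, f"ActiveX control downloaded from unexpected host {host!r}"))
    return findings


def by_clsid(entries) -> dict:
    """Map each CLSID to the sorted list of sections that register it."""
    groups = {}
    for e in entries:
        if e.clsid:
            groups.setdefault(e.clsid, set()).add(e.section)
    return {clsid: sorted(secs) for clsid, secs in groups.items()}


if __name__ == "__main__":
    ents = parse_hjt(SAMPLE_LOG)
    for entry, reason in triage(ents):
        print(f"{entry.section}: {reason}\n    {entry.rest}")
    for clsid, secs in by_clsid(ents).items():
        if len(secs) > 1:
            print(f"{clsid} registered in {', '.join(secs)}")
```

A flag is a place to look, not a verdict. The O20 entry here resolves to a DLL under C:\PROGRA~1\Google, and the avast mail scanner is flagged only in the v1.99.1 log on this page: the v2.0.2 scan of the same machine lists it with its vendor, and ashMaiSv.exe appears in the running-process list of both logs, so that one is a reporting quirk to verify rather than an infection. The same goes for the O10 entry, which should be checked against the file on disk before anything is removed, because deleting a Winsock LSP entry without repairing the chain breaks networking.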
Infection, HijackThis report
toshigaya replied to a topic by toshigaya in Malware analysis and removal
OK, I see, so I won't touch that thing. Thanks for the warning ^^ -
Infection, HijackThis report
toshigaya replied to a topic by toshigaya in Malware analysis and removal
I'll finish the scans, then try again in safe mode with AVG, and I'll post all of it as soon as possible. And if things are left over, for instance in restore, I'll follow your instructions to remove them. Otherwise, someone told me about ComboFix, but I don't know that tool at all ^^ -
Infection, HijackThis report
toshigaya replied to a topic by toshigaya in Malware analysis and removal
Thanks for replying so quickly, the scan is in progress. As for AVG, I had already done it and it changed nothing. -
Hello,

So, over the last few days I've had trouble with an MSN virus that I managed to remove; however, after a HijackThis report and a Kaspersky online scan, I have a number of Win32 trojans on the PC which, even after being quarantined by various antiviruses, keep coming back every time. Not being very computer-savvy, I'm asking for your help to get rid of these little critters, which are quite annoying. I saw a few similar topics on the forum, but not knowing much about it, I didn't want to do anything that might have damaged the PC. Help me please ^^

Here is the HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 00:09:31, on 08/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\TweakRAM\TweakRAM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashQuick.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashQuick.exe
C:\Documents and Settings\pamela bonomi\Bureau\test.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe
O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\ASHAMPOO\ASHAMP~1\AMO_TA~1.EXE" -TRAY
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?76d39cd923c94604948883cb7ba42870
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?76d39cd923c94604948883cb7ba42870
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

And here is the Kaspersky online report:

KASPERSKY ON-LINE SCANNER REPORT
Friday, March 07, 2008 11:25:03 PM
Operating system: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.83.0
Kaspersky antivirus database last update: 7/03/2008
Records in the Kaspersky antivirus database: 557517

Scan settings
Scan using the following antivirus database: standard
Scan archives: true
Scan mail databases: true

Scan target
My Computer
C:\
D:\
E:\

Scan statistics
Total objects scanned: 85630
Viruses found: 6
Infected objects: 16 / 0
Suspicious objects: 0
Scan duration: 03:28:12

Infected object name    Virus name    Last action
C:\WINDOWS\system32\config\system.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\software.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\default.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\SECURITY    Object is locked    skipped
C:\WINDOWS\system32\config\SAM    Object is locked    skipped
C:\WINDOWS\system32\config\SAM.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\SECURITY.LOG    Object is locked    skipped
C:\WINDOWS\system32\config\SYSTEM    Object is locked    skipped
C:\WINDOWS\system32\config\SOFTWARE    Object is locked    skipped
C:\WINDOWS\system32\config\DEFAULT    Object is locked    skipped
C:\WINDOWS\system32\config\AppEvent.Evt    Object is locked    skipped
C:\WINDOWS\system32\config\SecEvent.Evt    Object is locked    skipped
C:\WINDOWS\system32\config\SysEvent.Evt    Object is locked    skipped
C:\WINDOWS\system32\config\Antivirus.Evt    Object is locked    skipped
C:\WINDOWS\system32\drivers\sptd.sys    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA    Object is locked    skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR    Object is locked    skipped
C:\WINDOWS\system32\CatRoot2\edb.log    Object is locked    skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb    Object is locked    skipped
C:\WINDOWS\system32\h323log.txt    Object is locked    skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl    Object is locked    skipped
C:\WINDOWS\system32\andt.sys    Infected: Trojan-Downloader.Win32.Delf.evt    skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt    Object is locked    skipped
C:\WINDOWS\Temp\Perflib_Perfdata_658.dat    Object is locked    skipped
C:\WINDOWS\Debug\PASSWD.LOG    Object is locked    skipped
C:\WINDOWS\SchedLgU.Txt    Object is locked    skipped
C:\WINDOWS\wiaservc.log    Object is locked    skipped
C:\WINDOWS\wiadebug.log    Object is locked    skipped
C:\WINDOWS\Sti_Trace.log    Object is locked    skipped
C:\WINDOWS\WindowsUpdate.log    Object is locked    skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log    Object is locked    skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{42160183-FD63-4426-8797-5876F7728906}.bin    Object is locked    skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat    Object is locked    skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat    Object is locked    skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT    Object is locked    skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat    Object is locked    skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG    Object is locked    skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG    Object is locked    skipped
C:\Documents and Settings\LocalService\NTUSER.DAT    Object is locked    skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG    Object is locked    skipped
C:\Documents and Settings\LocalService\Cookies\index.dat    Object is locked    skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\NTUSER.DAT    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\ntuser.dat.LOG    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Temp\Perflib_Perfdata_778.dat    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Historique\History.IE5\index.dat    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Historique\History.IE5\MSHist012008030720080308\index.dat    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Temporary Internet Files\Content.IE5\index.dat    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\Cache\_CACHE_MAP_    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\Cache\_CACHE_001_    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\Cache\_CACHE_002_    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Local Settings\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\Cache\_CACHE_003_    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Bureau\SDFix\backups\backups.zip/backups/mrofinu881.exe.tmp    Infected: Trojan-Downloader.Win32.Agent.krh    skipped
C:\Documents and Settings\pamela bonomi\Bureau\SDFix\backups\backups.zip    ZIP: infected - 1    skipped
C:\Documents and Settings\pamela bonomi\Bureau\catchme.zip/services.exe    Infected: Trojan.Win32.DNSChanger.azo    skipped
C:\Documents and Settings\pamela bonomi\Bureau\catchme.zip    ZIP: infected - 1    skipped
C:\Documents and Settings\pamela bonomi\Cookies\index.dat    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\history.dat    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\search.sqlite    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\cert8.db    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\key3.db    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\formhistory.dat    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\parent.lock    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\urlclassifier2.sqlite    Object is locked    skipped
C:\Documents and Settings\pamela bonomi\Application Data\Mozilla\Firefox\Profiles\fgcvldr1.default\GoogleToolbarData\googlesafebrowsing.db    Object is locked    skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt    Object is locked    skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log    Object is locked    skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws    Object is locked    skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log    Object is locked    skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int    Object is locked    skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat    Object is locked    skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log    Object is locked    skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx    Object is locked    skipped
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP459\A0107624.sys    Infected: Trojan-Downloader.Win32.Delf.elk    skipped
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP460\A0107719.sys    Infected: Trojan-Downloader.Win32.Delf.elk    skipped
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP466\A0109399.old    Infected: Trojan-Downloader.Win32.Delf.euc    skipped
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP480\A0112983.exe    Infected: Trojan-Downloader.Win32.Small.irm    skipped
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0122023.exe    Infected: Trojan-Downloader.Win32.Small.irm    skipped
C:\System Volume
Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0122024.exe Infecté : Trojan-Downloader.Win32.Small.irm ignoré C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0122025.exe Infecté : Trojan-Downloader.Win32.Small.irm ignoré C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0122058.exe Infecté : Trojan-Downloader.Win32.Small.irm ignoré C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0133219.exe Infecté : Trojan-Downloader.Win32.Agent.krh ignoré C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP481\A0133234.exe Infecté : Trojan-Downloader.Win32.Small.irm ignoré C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP482\change.log L'objet est verrouillé ignoré D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré D:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP480\A0112988.com Infecté : Trojan.Win32.DNSChanger.azo ignoré D:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP482\change.log L'objet est verrouillé ignoré Analyse terminée. Sachant que j'ai déjà viré les éléments (infecté) en rouge du pc merci par avance pour votre aide PS: on ma conseillé de passé un coup de combofix sur mon pc