

Everything posted by Pierre2.0

Emails that send themselves...
Pierre2.0 replied to a topic by Pierre2.0 in Malware analysis and removal
HJT in normal mode:

As for Norton, I don't have anything else from it, I think, and I'll have no trouble getting rid of it since I no longer pay for the subscription. Do you think AntiVir will do the job, or are there better ones among the free options?

For spyware, I haven't paid for any subscription; I only have free tools. I don't know what to keep. Hitman seemed good to me because it handled several of them at once. What do you think? What should I keep?

As for Java: I hadn't understood, and besides, um... I don't know how to do a restore... um... well... in fact, since I've had this computer, I've never had to do it, so... well... um... I'll try uninstalling and reinstalling, and we'll see what happens.

For now, I'm going to bed. I'm waiting for your final opinion before removing Norton and replacing it with AntiVir. (I also have a-squared at the moment.)

See you,
Pi-R

Emails that send themselves...
Pierre2.0 replied to a topic by Pierre2.0 in Malware analysis and removal
Well, I tried Secunia. Java still doesn't seem to work... It gets nowhere.

Emails that send themselves...
Pierre2.0 replied to a topic by Pierre2.0 in Malware analysis and removal
Ca y est, démarche complètement effectuée! Pfiu ! Je n'ai pas pu lancer spysweeper : expired ! J'ai lancé à la place avgantispyware et ccleaner. J'ai bien supprimé antivir mais je me demandais : quid des fichiers mis en quarantaine par antivir lorsque je l'ai supprimé? Ensuite, antivir a l'air pas mal. Est-ce que je ne pourrais pas virer Norton et le reste pour le remplacer par antivir? Voici les rapports : Antivir : Avira AntiVir Personal Report file date: mercredi 16 avril 2008 13:55 Scanning for 1202761 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Save mode Username: Pieter Computer name: DESEUF Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 16/04/2008 08:26:11 AVSCAN.DLL : 8.1.1.0 53505 Bytes 16/04/2008 08:26:11 LUKE.DLL : 8.1.2.9 151809 Bytes 16/04/2008 08:26:11 LUKERES.DLL : 8.1.2.1 12033 Bytes 16/04/2008 08:26:11 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 08:26:12 ANTIVIR2.VDF : 7.0.3.156 795136 Bytes 11/04/2008 08:26:12 ANTIVIR3.VDF : 7.0.3.171 125440 Bytes 16/04/2008 08:26:12 Engineversion : 8.1.0.30 AEVDF.DLL : 8.1.0.5 102772 Bytes 16/04/2008 08:26:12 AESCRIPT.DLL : 8.1.0.23 233851 Bytes 16/04/2008 08:26:12 AESCN.DLL : 8.1.0.13 115061 Bytes 16/04/2008 08:26:12 AERDL.DLL : 8.1.0.19 418164 Bytes 16/04/2008 08:26:12 AEPACK.DLL : 8.1.1.1 364918 Bytes 16/04/2008 08:26:12 AEOFFICE.DLL : 8.1.0.17 192891 Bytes 16/04/2008 08:26:12 AEHEUR.DLL : 8.1.0.18 1167735 Bytes 16/04/2008 08:26:12 AEHELP.DLL : 8.1.0.12 115063 Bytes 16/04/2008 08:26:12 AEGEN.DLL : 8.1.0.15 299379 Bytes 16/04/2008 08:26:12 AEEMU.DLL : 8.1.0.5 430450 Bytes 16/04/2008 08:26:12 AECORE.DLL : 8.1.0.26 168311 Bytes 16/04/2008 08:26:12 AVWINLL.DLL : 1.0.0.7 14593 Bytes 16/04/2008 08:26:11 AVPREF.DLL : 8.0.0.1 25857 Bytes 
16/04/2008 08:26:11 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24 AVREG.DLL : 8.0.0.0 30977 Bytes 16/04/2008 08:26:11 AVARKT.DLL : 1.0.0.23 307457 Bytes 16/04/2008 08:26:10 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 16/04/2008 08:26:10 SQLITE3.DLL : 3.3.17.1 339968 Bytes 16/04/2008 08:26:11 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 16/04/2008 08:26:11 NETNT.DLL : 8.0.0.1 7937 Bytes 16/04/2008 08:26:11 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 16/04/2008 08:26:07 RCTEXT.DLL : 8.0.32.0 86273 Bytes 16/04/2008 08:26:07 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Start of the scan: mercredi 16 avril 2008 13:55 Starting search for hidden objects. The driver could not be initialized. 
The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'SpySweeper.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 14 processes with 14 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Master boot sector HD2 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Master boot sector HD3 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Master boot sector HD4 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '34' files ). Starting the file scan: Begin scan in 'C:\' <HDD> C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! End of the scan: mercredi 16 avril 2008 15:53 Used time: 1:57:34 min The scan has been done completely. 
10200 Scanning directories 440624 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 440624 Files not concerned 8062 Archives were scanned 6 Warnings 0 Notes Hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:17:17, on 16/04/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - 
C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\j2re1.4.2_05\bin\ssv.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [Keyboard driver ] "C:\Program Files\Keyboard Driver\Keyboard 
Driver\ikeymain.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [EzStatus] C:\Apps\EZHome\EZStatus.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to AMV Converter... 
- C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab 
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab55762.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BDA50872-4680-4ABE-A470-4CB41D13FEFE}: NameServer = 192.168.1.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: Moteur 
Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
-- End of file - 11586 bytes
ccleaner
NETTOYAGE COMPLET - (8,354 secs)
------------------------------------------------------------------------------------------
7,39MB supprimés.
------------------------------------------------------------------------------------------
Détails des fichiers effacés
------------------------------------------------------------------------------------------
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 17:15:17 16/04/2008
+ Résultat de l'analyse: Rien à signaler.
Fin du rapport -
E-mails being sent on their own...
Pierre2.0 replied to a topic by Pierre2.0 in Malware analysis and removal
Right, so far I have done 1, 2 and 3. I am getting to 4. Everything went as planned. Antivir detected the famous dll, but has not been able to either delete it or quarantine it for now. On the other hand, it re-detected all the ones Norton had quarantined and put them back into ITS OWN quarantine... Here is the report so far:
Avira AntiVir Personal
Report file date: mercredi 16 avril 2008 10:30
Scanning for 1202761 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: DESEUF
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 16/04/2008 08:26:11
AVSCAN.DLL : 8.1.1.0 53505 Bytes 16/04/2008 08:26:11
LUKE.DLL : 8.1.2.9 151809 Bytes 16/04/2008 08:26:11
LUKERES.DLL : 8.1.2.1 12033 Bytes 16/04/2008 08:26:11
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 08:26:12
ANTIVIR2.VDF : 7.0.3.156 795136 Bytes 11/04/2008 08:26:12
ANTIVIR3.VDF : 7.0.3.171 125440 Bytes 16/04/2008 08:26:12
Engineversion : 8.1.0.30
AEVDF.DLL : 8.1.0.5 102772 Bytes 16/04/2008 08:26:12
AESCRIPT.DLL : 8.1.0.23 233851 Bytes 16/04/2008 08:26:12
AESCN.DLL : 8.1.0.13 115061 Bytes 16/04/2008 08:26:12
AERDL.DLL : 8.1.0.19 418164 Bytes 16/04/2008 08:26:12
AEPACK.DLL : 8.1.1.1 364918 Bytes 16/04/2008 08:26:12
AEOFFICE.DLL : 8.1.0.17 192891 Bytes 16/04/2008 08:26:12
AEHEUR.DLL : 8.1.0.18 1167735 Bytes 16/04/2008 08:26:12
AEHELP.DLL : 8.1.0.12 115063 Bytes 16/04/2008 08:26:12
AEGEN.DLL : 8.1.0.15 299379 Bytes 16/04/2008 08:26:12
AEEMU.DLL : 8.1.0.5 430450 Bytes 16/04/2008 08:26:12
AECORE.DLL : 8.1.0.26 168311 Bytes 16/04/2008 08:26:12
AVWINLL.DLL : 1.0.0.7 14593 Bytes 16/04/2008 08:26:11
AVPREF.DLL : 8.0.0.1 25857 Bytes 16/04/2008 08:26:11
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVREG.DLL : 8.0.0.0 30977 Bytes 16/04/2008 08:26:11
AVARKT.DLL : 1.0.0.23 307457 Bytes 16/04/2008 08:26:10
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 16/04/2008 08:26:10
SQLITE3.DLL : 3.3.17.1 339968 Bytes 16/04/2008 08:26:11
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 16/04/2008 08:26:11
NETNT.DLL : 8.0.0.1 7937 Bytes 16/04/2008 08:26:11
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 16/04/2008 08:26:07
RCTEXT.DLL : 8.0.32.0 86273 Bytes 16/04/2008 08:26:07
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 16 avril 2008 10:30
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'symwscno.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'symwsc.exe' - '1' Module(s) have been scanned
Scan process 'ADService.exe' - '1' Module(s) have been scanned
Scan process 'SpySweeper.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'slserv.exe' - '1' Module(s) have been scanned
Scan process 'SAVSCAN.EXE' - '1' Module(s) have been scanned
Scan process 'NAVAPSVC.EXE' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'AppServices.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'CCPROXY.EXE' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'EZStatus.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'vcsplay.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'Ikeymain.exe' - '1' Module(s) have been scanned
Scan process 'CCAPP.EXE' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'ALCWZRD.EXE' - '1' Module(s) have been scanned
Scan process 'SoundMan.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'CCEVTMGR.EXE' - '1' Module(s) have been scanned
Scan process 'SNDSrvc.exe' - '1' Module(s) have been scanned
Scan process 'CCSETMGR.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
55 processes with 55 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
    [INFO] No virus was found!
Master boot sector HD1
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
Start scanning boot sectors:
Boot sector 'C:\'
    [INFO] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\ufat32.dll
    [DETECTION] Is the Trojan horse TR/Hijacker.Gen
    [WARNING] The file could not be deleted!
The registry was scanned ( '30' files ).
Starting the file scan:
Begin scan in 'C:\' <HDD>
C:\hiberfil.sys
    [WARNING] The file could not be opened!
C:\pagefile.sys
    [WARNING] The file could not be opened!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0207604D.exe
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0207604D.exe
      [DETECTION] Is the Trojan horse TR/Favadd.AN.3
      [NOTE] The file was moved to '4835d0cc.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\05A15D5F
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\05A15D5F
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4846d0d9.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\05B80345
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\05B80345
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4847d0dd.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06264A40
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06264A40
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4837d0e1.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\09754E9D
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\09754E9D
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483cd0ed.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0B7234D6
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0B7234D6
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483cd0fa.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0DEB61C4
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0DEB61C4
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '484ad0fc.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\10845603
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\10845603
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483dd0e9.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\13E31C8F.exe
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\13E31C8F.exe
      [DETECTION] Is the Trojan horse TR/Drop.Small.act
      [NOTE] The file was moved to '484ad0ec.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\14980DEA
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\14980DEA
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483ed0ee.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\15BD7169
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\15BD7169
      [DETECTION] Is the Trojan horse TR/PSW.Small.bs
      [NOTE] The file was moved to '4847d0ef.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1E55154C
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1E55154C
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483ad100.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1E65673B
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1E65673B
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483bd100.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\235C65D0
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\235C65D0
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483ad0ee.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\23730BB7
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\23730BB7
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483cd0ef.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\26EC1BFF
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\26EC1BFF
      [DETECTION] Contains detection pattern of the worm WORM/Eyeveg.I
      [NOTE] The file was moved to '484ad0f2.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\26EE4D22
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\26EE4D22
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '49fcf23b.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3DC74342
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3DC74342
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4848d101.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\400002E1
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\400002E1
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4835d0ed.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\41ED17E9.zip
      [DETECTION] Contains detection pattern of the Java virus JAVA/OpenConne.AA
      [NOTE] The file was moved to '484ad0ee.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\475D799D
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\475D799D
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '483ad0f5.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\47C3028B
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\47C3028B
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4848d0f5.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\48BD7BDA.part
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\48BD7BDA.part
      [DETECTION] Contains detection pattern of the worm WORM/Backterra.D
      [NOTE] The file was moved to '4847d0f6.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\493A61E2
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\493A61E2
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4838d0f7.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\494A33D0
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\494A33D0
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4839d0f8.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4B716D55
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4B716D55
      [DETECTION] Contains detection pattern of the worm WORM/Klez.E
      [NOTE] The file was moved to '483cd101.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4CB87AFC
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4CB87AFC
      [DETECTION] Contains detection pattern of the worm WORM/Sober.Y
      [NOTE] The file was moved to '4847d102.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F2F0C1E
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F2F0C1E
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '4837d106.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\50E900B6
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\50E900B6
      [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2
      [NOTE] The file was moved to '484ad0f0.qua'!
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\51D41B07 [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\51D41B07 [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '4849d0f1.qua'! C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\520B723D [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\520B723D [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '4835d0f3.qua'! C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\59CA62C1 [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\59CA62C1 [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '4848d0fa.qua'! C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5AD22B9D [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5AD22B9D [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '4849d102.qua'! C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\69DB408A [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\69DB408A [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '4849d0fb.qua'! C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E401243 [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E401243 [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '4839d107.qua'! 
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\73127A7A [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\73127A7A [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '4836d0f5.qua'! C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C413C45 [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C413C45 [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '4839d105.qua'! C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7CE0706B [0] Archive type: HIDDEN --> FIL\\\?\C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7CE0706B [DETECTION] Contains detection pattern of the worm WORM/Mytob.IN.2 [NOTE] The file was moved to '484ad106.qua'! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP816\A0585372.exe [0] Archive type: HIDDEN --> FIL\\\?\C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP816\A0585372.exe [DETECTION] Is the Trojan horse TR/Dldr.Zlob.DQ [NOTE] The file was moved to '483ad308.qua'! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP816\A0585373.pif [0] Archive type: HIDDEN --> FIL\\\?\C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP816\A0585373.pif [DETECTION] Is the Trojan horse TR/Agent.24772 [NOTE] The file was moved to '498fc821.qua'! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP816\A0585374.exe [0] Archive type: HIDDEN --> FIL\\\?\C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP816\A0585374.exe [DETECTION] Is the Trojan horse TR/Small.FB.38 [NOTE] The file was moved to '483ad30a.qua'! 
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP821\A0588412.exe
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP821\A0588412.exe
  [DETECTION] Is the Trojan horse TR/Favadd.AN.3
  [NOTE] The file was moved to '483ad328.qua'!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP821\A0588413.exe
  [0] Archive type: HIDDEN
  --> FIL\\\?\C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP821\A0588413.exe
  [DETECTION] Is the Trojan horse TR/Drop.Small.act
  [NOTE] The file was moved to '483ad329.qua'!
C:\WINDOWS\system32\ufat32.dll
  [DETECTION] Is the Trojan horse TR/Hijacker.Gen
  [WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
  [WARNING] C:\WINDOWS\system32\drivers\sptd.sys
  [WARNING] The file could not be opened!

End of the scan: mercredi 16 avril 2008 12:32
Used time: 2:01:55 min
The scan has been done completely.
10401 Scanning directories
453267 Files were scanned
45 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
43 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
453222 Files not concerned
8126 Archives were scanned
9 Warnings
43 Notes

I'm starting on number 4.
E-mails being sent all by themselves...
Pierre2.0 replied to a topic by Pierre2.0 in Malware analysis and removal
Well, apparently, a big crash. I managed to reinstall Java via a manual download, but that didn't change anything. And I can no longer open Add/Remove Programs from the Control Panel. I'm stopping here....
E-mails being sent all by themselves...
Pierre2.0 replied to a topic by Pierre2.0 in Malware analysis and removal
I can no longer reinstall Java.... And this has appeared on the desktop:
E-mails being sent all by themselves...
Pierre2.0 replied to a topic by Pierre2.0 in Malware analysis and removal
OK:
- Skype updated
- Winamp updated
But suddenly Secunia stopped working, and opening Internet windows is taking longer and longer... Should I reinstall Java?
E-mails being sent all by themselves...
Pierre2.0 replied to a topic by Pierre2.0 in Malware analysis and removal
Thanks for the help:
- HJT version updated
- Java version changed and updated
- Secunia applied, and so:
  > Acrobat Reader version updated
  > RealPlayer updated
  > QuickTime updated.
I'll continue this afternoon, phew!!!! Pierre, from Tours.
E-mails being sent all by themselves...
Pierre2.0 posted a topic in Malware analysis and removal
Hello, I'm new to the forum, following a message from Ivy on the Tric Trac forum, who advised me to come here. A few days ago, I noticed that e-mails were being sent from my PC all by themselves, thanks to an out-of-date Norton that opened an outgoing-mail scan window without my having done anything. I installed various programs on my computer, scanned, and removed 136 traces using a2antimalware, but Ivy advised me to send you a HijackThis report. So here it is:

Logfile of HijackThis v1.99.1
Scan saved at 00:28:19, on 15/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Keyboard Driver\Keyboard Driver\ikeymain.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Apps\EZHome\EZStatus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSCNo.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\OPScan.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Pieter\Bureau\Nettoyage\hijackthis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Keyboard driver ] "C:\Program Files\Keyboard Driver\Keyboard Driver\ikeymain.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKCU\..\Run: [EzStatus] C:\Apps\EZHome\EZStatus.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [iNTERNATIONAL] International*
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mp4: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BDA50872-4680-4ABE-A470-4CB41D13FEFE}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: ufat32 - C:\WINDOWS\SYSTEM32\ufat32.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

Obviously, I don't understand any of it. Any reasons to be worried? Thanks in advance, Pierre, from Tours.