
Solved

8 February 2009 16:51:23

I installed Kaspersky Internet Security 2009, and since then I get a window telling me:
services.exe has encountered a problem and needs to close
I click OK and another window opens, counting down 60 seconds before Windows restarts.
I went to this site's forum and downloaded HijackThis; here is its report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:53:34, on 08/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\windowsautomaticupdates.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\D-Tools\daemon.exe
C:\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Outlook Express\MSIMN.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Video\AlbumDB2.exe
C:\Program Files\HijackThis\scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: IEVkbdBHO - {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Click-to-Call BHO - {5c255c8a-e604-49b4-9d64-90988571cecb} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [mmtask] "C:\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_7 -reboot 1
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Startup: TransBar.lnk = C:\Documents and Settings\philippe\Bureau\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: Y'z Shadow.lnk = C:\Documents and Settings\philippe\Bureau\christo\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Statistiques de la protection du trafic Internet - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5d637fad-e202-48d1-8f18-5b9c459bd1e3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/obji...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
O16 - DPF: {867e13f2-7f31-44fb-ac97-cd38e0dc46ef} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools....
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{56DF133B-8A4B-4249-903F-66E59435892D}: NameServer = 85.255.116.83,85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{69742FBA-AB94-4A28-938E-D3D8FE9F75F4}: NameServer = 85.255.116.83,85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{877656E5-0759-48CD-BAC0-385C25A10131}: NameServer = 85.255.116.83,85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{D553D297-D15A-491C-BACF-46D0BD1B0750}: NameServer = 85.255.116.83,85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA1930A6-FCCE-4C8A-9D55-4FABC6A72FA2}: NameServer = 85.255.116.83,85.255.112.127
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.83 85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.83 85.255.112.127
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 16858 bytes

Thank you for helping me get out of this mess.


8 February 2009 23:00:13

Good evening,
I suppose your version of Kaspersky... you didn't buy it... get rid of that junk :o

1

Start > Run, then copy and paste the text in bold: shutdown -a

2

Disable your antivirus and any other kind of protection.
Download ComboFix by sUBs:
ComboFix.exe
and save it to your desktop and nowhere else!

Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal; a report will be created. Post the report: C:\Combofix.txt
Click on it to open it, then Edit > "Select all", Edit > "Copy".

Come to the forum and Edit > "Paste".

HELP: A guide and tutorial on using ComboFix
* the partition name may vary

Add a new HijackThis report.
9 February 2009 20:00:03

Good evening,

Thank you for coming to my aid!

Contrary to what you think, my version of Kaspersky is not a pirated download but a purchased version.

Here is the ComboFix report:

ComboFix 09-02-08.02 - philippe 2009-02-09 19:31:42.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.2047.1441 [GMT 1:00]
Lancé depuis: c:\documents and settings\philippe\Bureau\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Fichiers communs\{3012E~1
c:\program files\Fichiers communs\{3012E~1\UnInstall.exe
c:\program files\Fichiers communs\{B012E~1
C:\setup.exe
c:\windows\IE4 Error Log.txt
c:\windows\pack.epk
c:\windows\system32\drivers\c0ae4d84.sys
c:\windows\system32\IAjccN3U.exe.a_a
c:\windows\system32\tmp63.tmp
c:\windows\system32\tmp64.tmp

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_c0ae4d84


((((((((((((((((((((((((((((( Fichiers créés du 2009-01-09 au 2009-02-09 ))))))))))))))))))))))))))))))))))))
.

2009-02-08 12:41 . 2009-02-08 12:41 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-08 12:30 . 2009-02-08 13:06 101,287 --a------ c:\windows\system32\drivers\klin.dat
2009-02-08 12:30 . 2009-02-08 13:06 89,601 --a------ c:\windows\system32\drivers\klick.dat
2009-02-08 12:29 . 2009-02-09 19:35 32 --ahs---- c:\windows\system32\drivers\fidbox2.idx
2009-02-08 12:29 . 2009-02-09 19:35 32 --ahs---- c:\windows\system32\drivers\fidbox2.dat
2009-02-08 12:29 . 2009-02-09 19:35 32 --ahs---- c:\windows\system32\drivers\fidbox.idx
2009-02-08 12:29 . 2009-02-09 19:35 32 --ahs---- c:\windows\system32\drivers\fidbox.dat
2009-01-29 10:02 . 2009-01-29 10:02 <REP> d-------- c:\windows\system32\XPSViewer
2009-01-29 10:01 . 2009-01-29 10:01 <REP> d-------- c:\program files\Reference Assemblies
2009-01-29 10:00 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-01-29 09:59 . 2009-01-29 09:59 <REP> d-------- c:\windows\system32\xlive
2009-01-21 19:35 . 2009-01-21 19:35 <REP> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-19 17:45 . 2009-01-19 17:45 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-16 09:53 . 2009-01-16 11:02 <REP> d-------- c:\documents and settings\philippe\Application Data\La Bataille pour la Terre du Milieu

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-09 18:39 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-02-09 17:20 13,440 ----a-w c:\windows\system32\drivers\USBCRFT.SYS
2009-02-08 20:17 --------- d-----w c:\documents and settings\philippe\Application Data\Azureus
2009-02-08 20:05 --------- d-----w c:\documents and settings\philippe\Application Data\U3
2009-02-08 12:06 33,808 ----a-w c:\windows\system32\drivers\klbg.sys
2009-02-08 11:29 --------- d-----w c:\program files\Kaspersky Lab
2009-02-07 17:49 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-01-29 09:05 --------- d-----w c:\program files\MSBuild
2009-01-21 18:35 --------- d-----w c:\program files\iTunes
2009-01-21 18:35 --------- d-----w c:\program files\iPod
2009-01-21 18:35 --------- d-----w c:\program files\Fichiers communs\Apple
2009-01-21 18:23 --------- d-----w c:\program files\Bonjour
2009-01-19 16:45 --------- d-----w c:\program files\Java
2009-01-14 17:04 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-03 15:14 --------- d-----w c:\documents and settings\philippe\Application Data\Xfire
2009-01-03 11:45 139,280 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-01-01 21:10 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-01 21:10 --------- d-----w c:\program files\LGInternetKit
2008-12-30 21:50 --------- d-----w c:\documents and settings\philippe\Application Data\teamspeak2
2008-12-30 21:34 --------- d-----w c:\program files\Windows Live
2008-12-30 21:31 --------- d-----w c:\program files\Windows Live SkyDrive
2008-12-30 21:31 --------- d-----w c:\program files\Microsoft
2008-12-26 15:24 0 ----a-w c:\windows\system32\drivers\41402bc1.sys
2008-12-23 09:54 --------- d-----w c:\program files\Unlocker
2008-12-20 13:10 3,532 ----a-w C:\drmHeader.bin
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-04 23:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
2008-11-20 10:48 22,328 ----a-w c:\documents and settings\philippe\Application Data\PnkBstrK.sys
2008-11-17 07:06 622,592 ----a-w C:\mcrypt.dll
2008-11-17 07:06 401,408 ----a-w C:\nphardwaredetection.dll
2008-11-17 07:06 314,536 ----a-w C:\mcsettings.exe
2008-11-17 07:05 806,912 ----a-w C:\mcnoyau.dll
2008-11-17 07:05 195,752 ----a-w C:\maconfservice.exe
2005-10-26 09:56 57,288 ----a-w c:\documents and settings\philippe\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-19 67128]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2004-10-08 196608]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-12-02 3882312]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-10-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-10-08 217088]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-09-12 196608]
"mmtask"="c:\musicmatch jukebox\mmtask.exe" [2005-05-09 53248]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"Cloneur Expert Monitor"="c:\cloneur expert\TrueImageMonitor.exe" [2006-02-26 437675]
"Acronis Scheduler2 Service"="c:\program files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-02-26 61440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-19 136600]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 1828136]
"razer"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992]
"ElbyCheckAnyDVD"="c:\program files\SlySoft\AnyDVD\ElbyCheck.exe" [2003-09-20 45056]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"OmniPage"="c:\program files\Caere\OmniPagePro90\opware32.exe" [1998-10-28 44032]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-09-04 185896]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016]
"Copperhead"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2008-12-08 453984]
"QuickTime Task"="d:\quicktime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-08 206088]
"Dit"="Dit.exe" [2004-04-02 c:\windows\Dit.exe]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 c:\windows\system32\Hdaudpropshortcut.exe]
"nwiz"="nwiz.exe" [2008-11-12 c:\windows\system32\nwiz.exe]
"CHotkey"="mHotkey.exe" [2002-07-23 c:\windows\mHotkey.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 c:\windows\AGRSMMSG.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-21 45056]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-19 67128]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-04-29 20:58 210168 d:\program files\AlienGUIse\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\kasperskyantivirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\eMule\\emule.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\jeux\\seigneur des anneaux\\game.dat"=
"d:\\jeux\\Xfire\\xfire.exe"=
"c:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Documents and Settings\\philippe\\Bureau\\jeux\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"d:\\jeux\\pes9\\pes2009.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"d:\\jeux\\Company Of Heroes Opposing Fronts\\RelicCOH.exe"=
"d:\\jeux\\call of duty at war\\CoDWaW.exe"=
"d:\\jeux\\call of duty at war\\CoDWaWmp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10158:TCP"= 10158:TCP:BitComet 10158 TCP
"10158:UDP"= 10158:UDP:BitComet 10158 UDP
"7364:TCP"= 7364:TCP:BitComet 7364 TCP
"7364:UDP"= 7364:UDP:BitComet 7364 UDP
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 33808]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2008-12-30 55136]
R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
R3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [2005-07-30 13440]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2005-01-07 1287296]
R3 klfltdev;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-04-30 24592]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [2005-07-30 24704]
S1 41402bc1;41402bc1;c:\windows\system32\drivers\41402bc1.sys [2008-11-16 0]
S3 IIUSBISP;USB Mass Storage for USB ISP;c:\windows\system32\Drivers\iiusbisp.sys --> c:\windows\system32\Drivers\iiusbisp.sys [?]
S3 maconfservice;Ma-Config Service;C:\maconfservice.exe [2008-11-17 195752]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [2007-09-18 19020]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\shell\autorun\command - J:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1cdfb4bb-80a3-11dc-9026-000a9402468b}]
\shell\autorun\command - H:\start.exe
\shell\iledefrance\command - H:\start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226fc19a-86b5-11dc-9037-000a9402468b}]
\Shell\AutoRun\command - RavMon.exe
\Shell\explore\Command - RavMon.exe
\Shell\open\Command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2de2d9f4-41a5-11db-b78e-0011097293ae}]
\Shell\AutoRun\command - RavMon.exe
\Shell\explore\Command - RavMon.exe
\Shell\open\Command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e23a2276-d832-11dd-9ac0-0011097293ae}]
\shell\autorun\command - J:\USBAutoRun.exe
.
Contenu du dossier 'Tâches planifiées'

2008-09-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-02-06 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\tuneup utilities 2006\SystemOptimizer.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
HKCU-Run-updateMgr - c:\acrobat 7.0\Acrobat\AdobeUpdateManager.exe
HKCU-Run-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-EoEngine - (no file)
HKLM-Run-EoWeather - (no file)
HKLM-Run-StandardInstall - (no file)


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://portail.club-internet.fr/
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {867e13f2-7f31-44fb-ac97-cd38e0dc46ef} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_4_0.cab
DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-09 19:37:27
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-73586283-764733703-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-73586283-764733703-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,15"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="c:\\WINDOWS\\system32\\SHELL32.dll,17"
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"="c:\\WINDOWS\\system32\\SHELL32.dll,17"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,22"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,23"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,24"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="c:\\WINDOWS\\system32\\shell32.dll,-175"
"{21EC2020-3AEA-1069-A2DD-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,-137"
"{2227A280-3AEA-1069-A2DE-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,-138"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="c:\\WINDOWS\\system32\\shell32.dll,38"
"AudioCD"="c:\\WINDOWS\\System32\\shell32.dll,40"
"{FBF23B42-E3F0-101B-8488-00AA003E56F8}"="c:\\WINDOWS\\system32\\shell32.dll,220"
"{450D8FBA-AD25-11D0-98A8-0800361B1103}"="c:\\WINDOWS\\system32\\mydocs.dll,0"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="c:\\WINDOWS\\system32\\main.cpl,10"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="c:\\WINDOWS\\system32\\wiashext.dll,0"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="c:\\WINDOWS\\system32\\mstask.dll,-100"
"{88C6C381-2E85-11D0-94DE-444553540000}"="c:\\WINDOWS\\System32\\occache.dll,0"
"{BDEADF00-C265-11d0-BCED-00A0C90AB50F}"="c:\\Program Files\\COMMON~1\\MICROS~1\\WEBFOL~1\\MSONSEXT.DLL,0"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="c:\\WINDOWS\\System32\\shdocvw.dll,-20785"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="c:\\WINDOWS\\System32\\webcheck.dll,0"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="c:\\WINDOWS\\system32\\syncui.dll,0"

.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1180)
d:\program files\AlienGUIse\wbsrv.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Acronis\Schedule2\schedul2.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\MDM.EXE
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\windowsautomaticupdates.exe
c:\windows\system32\searchindexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\windows\system32\ntvdm.exe
c:\program files\Razer\Copperhead\razerofa.exe
c:\program files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system32\searchprotocolhost.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\AlienGUIse\AlienwareDock\ObjectDock.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
c:\windows\system32\searchfilterhost.exe
.
**************************************************************************
.
Heure de fin: 2009-02-09 19:45:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-02-09 18:45:32

Avant-CF: 27 548 028 928 octets libres
Après-CF: 51,045,052,416 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect

344 --- E O F --- 2009-01-14 17:05:11


And here is the new HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:56:56, on 09/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\windowsautomaticupdates.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\D-Tools\daemon.exe
C:\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Video\AlbumDB2.exe
C:\Program Files\HijackThis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: IEVkbdBHO - {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Click-to-Call BHO - {5c255c8a-e604-49b4-9d64-90988571cecb} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [mmtask] "C:\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Startup: TransBar.lnk = C:\Documents and Settings\philippe\Bureau\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: Y'z Shadow.lnk = C:\Documents and Settings\philippe\Bureau\christo\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Statistiques de la protection du trafic Internet - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5d637fad-e202-48d1-8f18-5b9c459bd1e3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/obji...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
O16 - DPF: {867e13f2-7f31-44fb-ac97-cd38e0dc46ef} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools....
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 15180 bytes


Please tell me what to do next.
9 February 2009 21:01:12

Hi again

1

Download Flash Disinfector.
Connect your removable media to your PC (MP3 player, external hard drive, USB stick...).
Connect all external devices (hard drive, USB, ...).
Double-click Flash Disinfector and follow the prompts.

2


Download MalwareByte's Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are complete:
  • Restart your computer in Safe Mode
    - At startup, after the BIOS has loaded, press the F8 (or F5) key repeatedly until a menu on a black background appears. Once you reach it, use the keyboard to select "Mode sans Echec" (Safe Mode).
    -- In this mode you have no Internet access, and the display looks different (no wallpaper, very large icons). So don't be surprised.
    --- For these reasons, I suggest you print, write down, or save the following information in a text document so that you don't get lost.
    ---- ! Do not start your computer in Safe Mode via MSConfig ! Why? Some infections break the Safe Mode keys, which would make your computer crash.

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (Perform full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished, a window opens; click OK. There are two possibilities:

    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Afficher les résultats" (Show results), then "Supprimer la sélection" (Remove selected). Save the report to your Desktop.
    ~~~~ Restart your computer normally and post the report in your next reply.

    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you cannot download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in Safe Mode.
    ++++++++++++++++
    10 February 2009 18:10:32

    Good evening,

    Here are the MalwareByte's reports. I ran the software last night, but given how long I would have had to stay in front of the computer, I restarted it this morning, which is why there are 2 reports.

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1742
    Windows 5.1.2600 Service Pack 3

    09/02/2009 23:11:09
    mbam-log-2009-02-09 (23-11-09).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|J:\|L:\|)
    Eléments examinés: 43088
    Temps écoulé: 16 minute(s), 41 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\netpumpernnproxy.netscapeinterface (Trojan.Lop) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e0abbf96-17dc-44ca-96d0-6217064a97ba} (Trojan.Lop) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    and here is the 2nd report


    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1742
    Windows 5.1.2600 Service Pack 3

    10/02/2009 17:46:02
    mbam-log-2009-02-10 (17-46-02).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|J:\|L:\|)
    Eléments examinés: 273439
    Temps écoulé: 9 hour(s), 59 minute(s), 5 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 8
    Fichier(s) infecté(s): 20

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Netscape\Netscape Navigator\Automation Protocols\ftp (Adware.NetPumper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Netscape\Netscape Navigator\Automation Protocols\http (Adware.NetPumper) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
    C:\Program Files\BitDownload\ZM (Trojan.Lop) -> Quarantined and deleted successfully.
    C:\Program Files\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
    C:\Program Files\NetPumper\Anti-Leech (Adware.NetPumper) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.1 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.2 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Documents and Settings\philippe\Application Data\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\Adobe\Acrobat 8.0\Setup Files\{AC76BA86-1033-F400-7760-000000000003}\Adobe Acrobat 8 pro keygen.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    D:\Download\Adobe Acrobat 8.0\Adobe Acrobat 8 pro keygen.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    D:\Download\Adobe all keygen +activation\CAM\PhotoShop CS3 Extended Keygen + Activation.exe (Trojan.Horst) -> Quarantined and deleted successfully.
    D:\Download\Adobe all keygen +activation\SSG\Dreamweaver CS3 Keygen VLK.exe (Trojan.Crax) -> Quarantined and deleted successfully.
    D:\Download\Adobe all keygen +activation\ZWT\Adobe Acrobat Keygen + Activation ZWT.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Program Files\BitDownload\BitDownload.TRC (Trojan.Lop) -> Quarantined and deleted successfully.
    C:\Program Files\BitDownload\BitDownload_1.TRC (Trojan.Lop) -> Quarantined and deleted successfully.
    C:\Program Files\NetPumper\Anti-Leech\ALPlugin-setup.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
    C:\Program Files\NetPumper\Anti-Leech\ALPluginIE-1.0.2.1-setup.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.1\al2np.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.1\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.1\alie.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.1\alie.inf (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.1\iesetup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.2\al2np.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.2\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.2\alie.inf (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Program Files\Anti-Leech\ALIE_1.0.2.2\iesetup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
    C:\Documents and Settings\philippe\Application Data\NetPumper\philippe.1.ini (Adware.NetPumper) -> Quarantined and deleted successfully.
    C:\Documents and Settings\philippe\Application Data\NetPumper\philippe.ini (Adware.NetPumper) -> Quarantined and deleted successfully.

    A lot of things were found; what should I do now?
    10 February 2009 20:00:50

    Thank you very much for your help, my problem is solved.
    I no longer get the error message and I managed to install Kaspersky without any operating problems.
    Thanks also to the founder of the site, which lets people get out of trouble thanks to people who excel at computing.
    10 February 2009 23:29:48

    re
    we still need to check two or three things. ;)

    Download Lop S&D.exe (Eric_71) to your Desktop.

  • Double-click the LopS&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirming with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report (C:\lopR.txt*)
    * the partition name may differ
    11 February 2009 18:45:21

    Good evening,

    Here is the requested Lop S&D report:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : philippe ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Internet Security 8.0.0.506 (Activated)
    Firewall : Kaspersky Internet Security 8.0.0.506 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:115 Go (Free:46 Go)
    D:\ (Local Disk) - NTFS - Total:117 Go (Free:25 Go)
    E:\ (Local Disk) - NTFS - Total:244 Go (Free:53 Go)
    F:\ (CD or DVD)
    G:\ (CD or DVD)
    H:\ (USB)
    I:\ (USB)
    K:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
    L:\ (Local Disk) - NTFS - Total:35 Go (Free:6 Go)
    M:\ (USB)
    N:\ (CD or DVD)
    O:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 11/02/2009|18:32 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [16/07/2008|17:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [16/07/2008|17:54] C:\DOCUME~1\ADMINI~1.GIR\APPLIC~1\Microsoft

    [21/01/2009|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [24/11/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [04/10/2005|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [06/07/2007|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [27/11/2007|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [04/01/2007|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [26/10/2008|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [04/09/2008|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Codemasters
    [19/03/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [12/06/2007|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
    [23/02/2006|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eXPert PDF
    [07/02/2009|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    [03/11/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [14/09/2005|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [11/02/2009|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [08/02/2009|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [23/10/2008|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\KONAMI
    [23/11/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [09/02/2009|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [23/09/2008|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [02/12/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [14/01/2009|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [06/04/2007|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [06/04/2007|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
    [27/03/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [30/07/2005|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [20/01/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
    [04/11/2005|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
    [21/11/2005|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [12/06/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
    [06/01/2007|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania United
    [18/12/2005|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [08/06/2008|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks
    [17/01/2006|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [23/09/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [30/07/2005|14:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [27/10/2007|12:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [19/09/2005|21:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
    [12/12/2007|19:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire

    [18/12/2008|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Adobe
    [27/10/2007|12:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities
    [19/12/2008|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
    [18/12/2008|08:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [01/09/2007|09:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

    [09/09/2008|19:21] C:\DOCUME~1\philippe\APPLIC~1\Adobe
    [21/01/2007|17:38] C:\DOCUME~1\philippe\APPLIC~1\AdobeUM
    [09/08/2006|23:50] C:\DOCUME~1\philippe\APPLIC~1\Ahead
    [16/06/2008|16:33] C:\DOCUME~1\philippe\APPLIC~1\Apple Computer
    [08/08/2006|11:48] C:\DOCUME~1\philippe\APPLIC~1\AquaSoft
    [27/11/2006|21:04] C:\DOCUME~1\philippe\APPLIC~1\ArcSoft
    [09/02/2009|22:18] C:\DOCUME~1\philippe\APPLIC~1\Azureus
    [01/11/2007|14:35] C:\DOCUME~1\philippe\APPLIC~1\Bioshock
    [08/02/2007|14:25] C:\DOCUME~1\philippe\APPLIC~1\BitDownload
    [07/12/2008|16:33] C:\DOCUME~1\philippe\APPLIC~1\Canon
    [01/10/2005|13:22] C:\DOCUME~1\philippe\APPLIC~1\CyberLink
    [02/11/2007|19:25] C:\DOCUME~1\philippe\APPLIC~1\Delivery
    [29/12/2006|14:20] C:\DOCUME~1\philippe\APPLIC~1\DivX
    [12/09/2008|19:41] C:\DOCUME~1\philippe\APPLIC~1\dvdcss
    [21/05/2007|19:51] C:\DOCUME~1\philippe\APPLIC~1\EFF
    [06/07/2006|17:27] C:\DOCUME~1\philippe\APPLIC~1\EoRezo
    [30/07/2005|16:53] C:\DOCUME~1\philippe\APPLIC~1\FotoWire
    [15/03/2008|16:47] C:\DOCUME~1\philippe\APPLIC~1\Google
    [26/02/2006|17:09] C:\DOCUME~1\philippe\APPLIC~1\Help
    [09/03/2007|09:31] C:\DOCUME~1\philippe\APPLIC~1\HOLDTI~1
    [30/07/2005|14:25] C:\DOCUME~1\philippe\APPLIC~1\Identities
    [12/10/2007|18:09] C:\DOCUME~1\philippe\APPLIC~1\InstallShield
    [11/11/2008|19:43] C:\DOCUME~1\philippe\APPLIC~1\InstallShield Installation Information
    [16/06/2008|21:46] C:\DOCUME~1\philippe\APPLIC~1\InterTrust
    [14/09/2005|17:59] C:\DOCUME~1\philippe\APPLIC~1\Jasc Software Inc
    [16/01/2009|11:02] C:\DOCUME~1\philippe\APPLIC~1\La Bataille pour la Terre du Milieu
    [04/12/2008|21:19] C:\DOCUME~1\philippe\APPLIC~1\LG Electronics
    [11/01/2008|15:54] C:\DOCUME~1\philippe\APPLIC~1\Macromedia
    [09/02/2009|22:45] C:\DOCUME~1\philippe\APPLIC~1\Malwarebytes
    [29/08/2005|18:49] C:\DOCUME~1\philippe\APPLIC~1\Micro Application
    [13/01/2008|11:29] C:\DOCUME~1\philippe\APPLIC~1\Microsoft
    [14/01/2008|21:07] C:\DOCUME~1\philippe\APPLIC~1\mIRC
    [08/04/2007|20:17] C:\DOCUME~1\philippe\APPLIC~1\Motive
    [22/10/2007|19:03] C:\DOCUME~1\philippe\APPLIC~1\Mozilla
    [04/10/2005|17:23] C:\DOCUME~1\philippe\APPLIC~1\MSNInstaller
    [29/08/2005|18:25] C:\DOCUME~1\philippe\APPLIC~1\Musicmatch
    [16/09/2007|11:18] C:\DOCUME~1\philippe\APPLIC~1\Nero
    [04/10/2005|19:18] C:\DOCUME~1\philippe\APPLIC~1\Opera
    [31/08/2008|20:42] C:\DOCUME~1\philippe\APPLIC~1\Real
    [08/08/2006|16:52] C:\DOCUME~1\philippe\APPLIC~1\SecuROM
    [16/09/2007|11:18] C:\DOCUME~1\philippe\APPLIC~1\Simple Star
    [12/06/2007|19:44] C:\DOCUME~1\philippe\APPLIC~1\SlySoft
    [09/09/2008|19:00] C:\DOCUME~1\philippe\APPLIC~1\Spore
    [09/09/2008|18:06] C:\DOCUME~1\philippe\APPLIC~1\SporeCreatureCreator
    [19/03/2006|14:39] C:\DOCUME~1\philippe\APPLIC~1\Sun
    [09/10/2005|16:01] C:\DOCUME~1\philippe\APPLIC~1\SYSTRAN
    [10/06/2006|16:25] C:\DOCUME~1\philippe\APPLIC~1\TaoUSign
    [30/12/2008|22:50] C:\DOCUME~1\philippe\APPLIC~1\teamspeak2
    [18/12/2005|12:49] C:\DOCUME~1\philippe\APPLIC~1\TuneUp Software
    [08/06/2008|16:48] C:\DOCUME~1\philippe\APPLIC~1\TVU Networks
    [08/02/2009|21:05] C:\DOCUME~1\philippe\APPLIC~1\U3
    [16/06/2008|14:25] C:\DOCUME~1\philippe\APPLIC~1\Uniblue
    [19/12/2007|14:57] C:\DOCUME~1\philippe\APPLIC~1\vlc
    [07/12/2008|16:13] C:\DOCUME~1\philippe\APPLIC~1\Winamp
    [28/10/2007|09:11] C:\DOCUME~1\philippe\APPLIC~1\Windows Desktop Search
    [18/11/2005|20:32] C:\DOCUME~1\philippe\APPLIC~1\X10 Commander
    [03/01/2009|16:14] C:\DOCUME~1\philippe\APPLIC~1\Xfire

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [27/09/2008 18:39][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [06/02/2009 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [11/02/2009 18:07][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [29/10/2007|16:15] C:\Program Files\7-Zip
    [09/12/2007|19:59] C:\Program Files\Activision
    [24/11/2008|17:50] C:\Program Files\Adobe
    [19/11/2008|18:41] C:\Program Files\AGEIA Technologies
    [18/07/2008|21:44] C:\Program Files\AlienGUIse
    [03/10/2007|16:29] C:\Program Files\Allok 3GP PSP MP4 iPod Video Converter
    [27/09/2008|18:39] C:\Program Files\Apple Software Update
    [19/04/2008|16:56] C:\Program Files\ArcSoft
    [10/02/2007|12:06] C:\Program Files\AviSynth 2.5
    [08/12/2008|20:52] C:\Program Files\Belarc
    [22/11/2007|17:25] C:\Program Files\BitTorrent Fastest Tool
    [21/01/2009|19:23] C:\Program Files\Bonjour
    [06/04/2007|19:05] C:\Program Files\BroadJump
    [18/04/2008|16:54] C:\Program Files\Caere
    [19/04/2008|16:57] C:\Program Files\Canon
    [06/03/2007|08:04] C:\Program Files\CLOSEB~1
    [04/11/2008|22:14] C:\Program Files\Club-Internet
    [06/04/2007|19:09] C:\Program Files\Common Files
    [30/07/2005|14:17] C:\Program Files\ComPlus Applications
    [17/02/2008|14:10] C:\Program Files\CyberLink
    [02/01/2007|16:40] C:\Program Files\DirectVideo
    [16/06/2008|21:42] C:\Program Files\directx
    [07/10/2007|14:06] C:\Program Files\DivX
    [22/02/2006|16:52] C:\Program Files\D-Tools
    [17/02/2008|14:19] C:\Program Files\EA GAMES
    [10/10/2008|21:47] C:\Program Files\Electronic Arts
    [06/07/2006|17:27] C:\Program Files\eoRezo
    [30/11/2008|17:24] C:\Program Files\ffdshow
    [09/02/2009|19:32] C:\Program Files\Fichiers communs
    [06/01/2006|13:59] C:\Program Files\GameSpy Arcade
    [22/11/2007|17:00] C:\Program Files\Generalia Software
    [03/11/2008|20:01] C:\Program Files\Google
    [30/07/2005|17:07] C:\Program Files\Hewlett-Packard
    [17/01/2006|20:52] C:\Program Files\HighMAT CD Writing Wizard
    [09/02/2009|19:56] C:\Program Files\HijackThis
    [09/03/2007|09:31] C:\Program Files\HOLDTI~1
    [30/07/2005|17:08] C:\Program Files\hp deskjet 960c series
    [10/05/2006|17:47] C:\Program Files\iMesh
    [01/01/2009|22:10] C:\Program Files\InstallShield Installation Information
    [30/07/2005|14:53] C:\Program Files\Intel
    [11/12/2008|17:28] C:\Program Files\Internet Explorer
    [21/01/2009|19:35] C:\Program Files\iPod
    [21/01/2009|19:35] C:\Program Files\iTunes
    [19/01/2009|17:45] C:\Program Files\Java
    [10/02/2009|19:07] C:\Program Files\Kaspersky Lab
    [30/11/2008|13:13] C:\Program Files\LG Electronics
    [01/01/2009|22:10] C:\Program Files\LGInternetKit
    [30/07/2005|16:53] C:\Program Files\Logitech
    [08/03/2006|14:55] C:\Program Files\LucasArts
    [09/02/2009|22:45] C:\Program Files\Malwarebytes' Anti-Malware
    [25/11/2008|21:02] C:\Program Files\Messenger
    [25/11/2008|22:48] C:\Program Files\Messenger Plus! Live
    [18/04/2008|14:20] C:\Program Files\Micro Application
    [30/12/2008|22:31] C:\Program Files\Microsoft
    [28/10/2007|09:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [30/07/2005|14:20] C:\Program Files\microsoft frontpage
    [22/12/2007|13:13] C:\Program Files\Microsoft Office
    [27/10/2007|12:38] C:\Program Files\Microsoft SQL Server Compact Edition
    [03/08/2005|19:14] C:\Program Files\Microsoft Visual Studio
    [22/12/2007|13:10] C:\Program Files\Microsoft Visual Studio 8
    [22/12/2007|13:14] C:\Program Files\Microsoft Works
    [22/12/2007|13:12] C:\Program Files\Microsoft.NET
    [17/09/2008|17:06] C:\Program Files\Movie Maker
    [29/01/2009|10:05] C:\Program Files\MSBuild
    [04/10/2005|17:23] C:\Program Files\MSN
    [30/07/2005|14:17] C:\Program Files\MSN Gaming Zone
    [06/07/2007|19:00] C:\Program Files\MSXML 4.0
    [29/08/2005|18:31] C:\Program Files\Musicmatch
    [08/10/2007|12:29] C:\Program Files\Nero
    [24/03/2008|16:04] C:\Program Files\NeroInstall.bak
    [17/09/2008|17:04] C:\Program Files\NetMeeting
    [03/09/2007|09:36] C:\Program Files\Neuf
    [18/01/2006|19:13] C:\Program Files\OfficeUpdate11
    [30/07/2005|14:17] C:\Program Files\Online Services
    [24/06/2008|11:56] C:\Program Files\OpenAL
    [17/09/2008|17:30] C:\Program Files\Outlook Express
    [12/12/2007|16:06] C:\Program Files\Pro Imaging Powertoys
    [31/12/2007|15:14] C:\Program Files\Radical Games
    [18/09/2007|19:54] C:\Program Files\Razer
    [09/09/2005|09:53] C:\Program Files\Real
    [29/01/2009|10:01] C:\Program Files\Reference Assemblies
    [23/04/2007|14:50] C:\Program Files\Ripp-it_AM
    [30/07/2005|14:19] C:\Program Files\Services en ligne
    [12/10/2007|17:50] C:\Program Files\Sierra Entertainment
    [24/04/2006|20:17] C:\Program Files\SLD Codec Pack
    [23/02/2008|12:47] C:\Program Files\SlySoft
    [28/06/2008|12:00] C:\Program Files\SystemRequirementsLab
    [02/08/2005|18:10] C:\Program Files\TGTSoft
    [27/01/2007|18:27] C:\Program Files\The All-Seeing Eye
    [04/11/2006|22:21] C:\Program Files\THQ
    [03/02/2008|15:04] C:\Program Files\thriXXX
    [22/11/2007|17:25] C:\Program Files\torrent_search
    [27/12/2005|18:49] C:\Program Files\Toshiba
    [08/08/2006|16:48] C:\Program Files\Ubisoft
    [16/06/2008|15:30] C:\Program Files\Uniblue
    [18/04/2008|14:24] C:\Program Files\Uninstall Information
    [23/12/2008|10:54] C:\Program Files\Unlocker
    [19/12/2007|14:54] C:\Program Files\VideoLAN
    [10/02/2007|12:06] C:\Program Files\VideoraiPodConverter
    [12/09/2006|20:34] C:\Program Files\Virtools Web Player 3.0
    [23/02/2006|15:28] C:\Program Files\Visage
    [13/10/2006|13:54] C:\Program Files\Visiolite
    [26/10/2008|16:02] C:\Program Files\Vuze
    [09/08/2006|16:26] C:\Program Files\Winamp
    [27/10/2007|12:37] C:\Program Files\Windows Desktop Search
    [30/12/2008|22:34] C:\Program Files\Windows Live
    [30/12/2008|22:31] C:\Program Files\Windows Live SkyDrive
    [27/10/2007|19:27] C:\Program Files\Windows Live Toolbar
    [18/12/2006|22:37] C:\Program Files\Windows Media Connect 2
    [17/09/2008|17:04] C:\Program Files\Windows Media Player
    [17/09/2008|17:04] C:\Program Files\Windows NT
    [27/03/2008|19:02] C:\Program Files\Windows Sidebar
    [30/07/2005|14:19] C:\Program Files\WindowsUpdate
    [09/12/2007|13:09] C:\Program Files\World Of Elendil
    [18/04/2006|12:11] C:\Program Files\X10 Hardware
    [30/07/2005|14:20] C:\Program Files\xerox
    [29/12/2006|14:25] C:\Program Files\Xvid

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [26/02/2006|18:47] C:\Program Files\Fichiers communs\Acronis
    [25/09/2007|15:49] C:\Program Files\Fichiers communs\Adobe
    [04/10/2005|18:46] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [07/10/2007|16:02] C:\Program Files\Fichiers communs\Ahead
    [21/01/2009|19:35] C:\Program Files\Fichiers communs\Apple
    [29/03/2008|13:14] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [30/07/2005|15:51] C:\Program Files\Fichiers communs\Caere
    [22/12/2007|13:13] C:\Program Files\Fichiers communs\DESIGNER
    [30/07/2005|16:53] C:\Program Files\Fichiers communs\FotoWire
    [14/09/2005|17:59] C:\Program Files\Fichiers communs\InstallShield
    [14/09/2005|17:59] C:\Program Files\Fichiers communs\Jasc Software Inc
    [19/03/2006|14:37] C:\Program Files\Fichiers communs\Java
    [30/07/2005|16:47] C:\Program Files\Fichiers communs\Logitech
    [20/01/2008|16:27] C:\Program Files\Fichiers communs\Macrovision Shared
    [30/12/2008|22:31] C:\Program Files\Fichiers communs\Microsoft Shared
    [06/04/2007|19:09] C:\Program Files\Fichiers communs\Motive
    [30/07/2005|14:18] C:\Program Files\Fichiers communs\MSSoap
    [27/03/2008|19:07] C:\Program Files\Fichiers communs\Nero
    [12/12/2007|16:06] C:\Program Files\Fichiers communs\Nikon
    [30/07/2005|15:50] C:\Program Files\Fichiers communs\ODBC
    [04/09/2008|18:24] C:\Program Files\Fichiers communs\Real
    [30/07/2005|14:18] C:\Program Files\Fichiers communs\Services
    [30/07/2005|15:50] C:\Program Files\Fichiers communs\SpeechEngines
    [07/10/2007|18:44] C:\Program Files\Fichiers communs\Stardock
    [17/09/2008|17:30] C:\Program Files\Fichiers communs\System
    [25/11/2008|21:49] C:\Program Files\Fichiers communs\Windows Live
    [23/09/2008|19:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [19/11/2008|18:42] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [04/09/2008|18:24] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 67 Processes )

    IEXPLORE.EXE ~ [PID:2080]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\philippe\APPLIC~1\Bitdownload
    C:\DOCUME~1\philippe\APPLIC~1\BitDownload
    C:\DOCUME~1\philippe\APPLIC~1\BitDownload\Data
    C:\Program Files\BitTorrent Fastest Tool
    C:\Program Files\BitTorrent Fastest Tool\BitP.exe
    C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
    C:\Program Files\BitTorrent Fastest Tool\UNWISE.EXE
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\Anti-Leech
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\NetPumper Help.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\NetPumper.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\Readme.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\Shutdown NetPumper.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\Uninstall NetPumper.lnk
    C:\DOCUME~1\philippe\Cookies\philippe@advertstream[1].txt
    C:\DOCUME~1\philippe\Cookies\philippe@adultfriendfinder[1].txt
    C:\DOCUME~1\philippe\Cookies\philippe@advertising[1].txt
    C:\DOCUME~1\philippe\Cookies\philippe@ero-advertising[2].txt
    C:\DOCUME~1\philippe\Cookies\philippe@adin.bigpoint[2].txt
    C:\DOCUME~1\philippe\Cookies\philippe@bigpoint[2].txt
    C:\DOCUME~1\philippe\Cookies\philippe@fr.board.bigpoint[2].txt
    C:\DOCUME~1\philippe\Cookies\philippe@fr.thepimps.bigpoint[1].txt
    C:\DOCUME~1\philippe\Cookies\philippe@adopt.euroclick[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-11 18:35:28
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\philippe\Application Data\Real\RealPlayer\History\16-alpha_5.20-mon_crack_feat_iron_sy_....lnk
    C:\DOCUME~1\philippe\Recent\Instructions crack .lnk
    C:\DOCUME~1\philippe\Recent\serial.keygen.crack.generator. Spore.lnk


    [F:29][D:13]-> C:\DOCUME~1\philippe\LOCALS~1\Temp
    [F:852][D:0]-> C:\DOCUME~1\philippe\Cookies
    [F:1568][D:8]-> C:\DOCUME~1\philippe\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 11/02/2009|18:38 - Option : [1]

    --------------------\\ Fin du rapport a 18:38:09
    11 February 2009 21:02:06

    re
    get rid of your cracks :o
    Bitdownload is a fake program...
    Run Lop S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
    ! Do not close the window during the deletion !
    A report will be generated; post its contents here.
    12 February 2009 18:57:28

    Good evening,

    Here is the rest.


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : philippe ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Internet Security 8.0.0.506 (Activated)
    Firewall : Kaspersky Internet Security 8.0.0.506 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:115 Go (Free:48 Go)
    D:\ (Local Disk) - NTFS - Total:117 Go (Free:22 Go)
    E:\ (Local Disk) - NTFS - Total:244 Go (Free:50 Go)
    F:\ (CD or DVD)
    G:\ (CD or DVD)
    H:\ (USB)
    I:\ (USB)
    K:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
    L:\ (Local Disk) - NTFS - Total:35 Go (Free:6 Go)
    M:\ (USB)
    N:\ (CD or DVD)
    O:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 12/02/2009|18:45 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe
    Supprime! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
    Supprime! - C:\Program Files\BitTorrent Fastest Tool\UNWISE.EXE
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\Anti-Leech
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\NetPumper Help.lnk
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\NetPumper.lnk
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\Readme.lnk
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\Shutdown NetPumper.lnk
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper\Uninstall NetPumper.lnk
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@advertstream[1].txt
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@adultfriendfinder[1].txt
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@advertising[1].txt
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@ero-advertising[2].txt
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@adin.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@bigpoint[2].txt
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@fr.board.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@fr.thepimps.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\philippe\Cookies\philippe@adopt.euroclick[1].txt
    Supprime! - C:\Program Files\BitTorrent Fastest Tool
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\NetPumper

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [16/07/2008|17:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [16/07/2008|17:54] C:\DOCUME~1\ADMINI~1.GIR\APPLIC~1\Microsoft

    [21/01/2009|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [24/11/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [04/10/2005|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [06/07/2007|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [27/11/2007|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [04/01/2007|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [26/10/2008|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [04/09/2008|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Codemasters
    [19/03/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [12/06/2007|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
    [23/02/2006|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eXPert PDF
    [07/02/2009|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    [03/11/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [14/09/2005|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [12/02/2009|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [08/02/2009|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [23/10/2008|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\KONAMI
    [23/11/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [09/02/2009|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [23/09/2008|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [02/12/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [11/02/2009|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [06/04/2007|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [06/04/2007|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
    [27/03/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [30/07/2005|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [20/01/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
    [04/11/2005|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
    [21/11/2005|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [12/06/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
    [06/01/2007|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania United
    [18/12/2005|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [08/06/2008|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks
    [17/01/2006|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [11/02/2009|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winter Sports 2009
    [23/09/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [30/07/2005|14:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [27/10/2007|12:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [19/09/2005|21:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
    [12/12/2007|19:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire

    [18/12/2008|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Adobe
    [27/10/2007|12:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities
    [19/12/2008|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
    [18/12/2008|08:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [01/09/2007|09:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

    [09/09/2008|19:21] C:\DOCUME~1\philippe\APPLIC~1\Adobe
    [21/01/2007|17:38] C:\DOCUME~1\philippe\APPLIC~1\AdobeUM
    [09/08/2006|23:50] C:\DOCUME~1\philippe\APPLIC~1\Ahead
    [16/06/2008|16:33] C:\DOCUME~1\philippe\APPLIC~1\Apple Computer
    [08/08/2006|11:48] C:\DOCUME~1\philippe\APPLIC~1\AquaSoft
    [27/11/2006|21:04] C:\DOCUME~1\philippe\APPLIC~1\ArcSoft
    [12/02/2009|18:15] C:\DOCUME~1\philippe\APPLIC~1\Azureus
    [01/11/2007|14:35] C:\DOCUME~1\philippe\APPLIC~1\Bioshock
    [07/12/2008|16:33] C:\DOCUME~1\philippe\APPLIC~1\Canon
    [01/10/2005|13:22] C:\DOCUME~1\philippe\APPLIC~1\CyberLink
    [02/11/2007|19:25] C:\DOCUME~1\philippe\APPLIC~1\Delivery
    [29/12/2006|14:20] C:\DOCUME~1\philippe\APPLIC~1\DivX
    [12/09/2008|19:41] C:\DOCUME~1\philippe\APPLIC~1\dvdcss
    [21/05/2007|19:51] C:\DOCUME~1\philippe\APPLIC~1\EFF
    [06/07/2006|17:27] C:\DOCUME~1\philippe\APPLIC~1\EoRezo
    [30/07/2005|16:53] C:\DOCUME~1\philippe\APPLIC~1\FotoWire
    [15/03/2008|16:47] C:\DOCUME~1\philippe\APPLIC~1\Google
    [26/02/2006|17:09] C:\DOCUME~1\philippe\APPLIC~1\Help
    [09/03/2007|09:31] C:\DOCUME~1\philippe\APPLIC~1\HOLDTI~1
    [30/07/2005|14:25] C:\DOCUME~1\philippe\APPLIC~1\Identities
    [12/10/2007|18:09] C:\DOCUME~1\philippe\APPLIC~1\InstallShield
    [11/11/2008|19:43] C:\DOCUME~1\philippe\APPLIC~1\InstallShield Installation Information
    [16/06/2008|21:46] C:\DOCUME~1\philippe\APPLIC~1\InterTrust
    [14/09/2005|17:59] C:\DOCUME~1\philippe\APPLIC~1\Jasc Software Inc
    [16/01/2009|11:02] C:\DOCUME~1\philippe\APPLIC~1\La Bataille pour la Terre du Milieu
    [04/12/2008|21:19] C:\DOCUME~1\philippe\APPLIC~1\LG Electronics
    [11/01/2008|15:54] C:\DOCUME~1\philippe\APPLIC~1\Macromedia
    [09/02/2009|22:45] C:\DOCUME~1\philippe\APPLIC~1\Malwarebytes
    [29/08/2005|18:49] C:\DOCUME~1\philippe\APPLIC~1\Micro Application
    [13/01/2008|11:29] C:\DOCUME~1\philippe\APPLIC~1\Microsoft
    [14/01/2008|21:07] C:\DOCUME~1\philippe\APPLIC~1\mIRC
    [08/04/2007|20:17] C:\DOCUME~1\philippe\APPLIC~1\Motive
    [22/10/2007|19:03] C:\DOCUME~1\philippe\APPLIC~1\Mozilla
    [04/10/2005|17:23] C:\DOCUME~1\philippe\APPLIC~1\MSNInstaller
    [29/08/2005|18:25] C:\DOCUME~1\philippe\APPLIC~1\Musicmatch
    [16/09/2007|11:18] C:\DOCUME~1\philippe\APPLIC~1\Nero
    [04/10/2005|19:18] C:\DOCUME~1\philippe\APPLIC~1\Opera
    [31/08/2008|20:42] C:\DOCUME~1\philippe\APPLIC~1\Real
    [08/08/2006|16:52] C:\DOCUME~1\philippe\APPLIC~1\SecuROM
    [16/09/2007|11:18] C:\DOCUME~1\philippe\APPLIC~1\Simple Star
    [12/06/2007|19:44] C:\DOCUME~1\philippe\APPLIC~1\SlySoft
    [09/09/2008|19:00] C:\DOCUME~1\philippe\APPLIC~1\Spore
    [09/09/2008|18:06] C:\DOCUME~1\philippe\APPLIC~1\SporeCreatureCreator
    [19/03/2006|14:39] C:\DOCUME~1\philippe\APPLIC~1\Sun
    [09/10/2005|16:01] C:\DOCUME~1\philippe\APPLIC~1\SYSTRAN
    [10/06/2006|16:25] C:\DOCUME~1\philippe\APPLIC~1\TaoUSign
    [30/12/2008|22:50] C:\DOCUME~1\philippe\APPLIC~1\teamspeak2
    [18/12/2005|12:49] C:\DOCUME~1\philippe\APPLIC~1\TuneUp Software
    [08/06/2008|16:48] C:\DOCUME~1\philippe\APPLIC~1\TVU Networks
    [08/02/2009|21:05] C:\DOCUME~1\philippe\APPLIC~1\U3
    [16/06/2008|14:25] C:\DOCUME~1\philippe\APPLIC~1\Uniblue
    [19/12/2007|14:57] C:\DOCUME~1\philippe\APPLIC~1\vlc
    [07/12/2008|16:13] C:\DOCUME~1\philippe\APPLIC~1\Winamp
    [28/10/2007|09:11] C:\DOCUME~1\philippe\APPLIC~1\Windows Desktop Search
    [18/11/2005|20:32] C:\DOCUME~1\philippe\APPLIC~1\X10 Commander
    [03/01/2009|16:14] C:\DOCUME~1\philippe\APPLIC~1\Xfire

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [27/09/2008 18:39][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [06/02/2009 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [12/02/2009 09:19][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [29/10/2007|16:15] C:\Program Files\7-Zip
    [09/12/2007|19:59] C:\Program Files\Activision
    [24/11/2008|17:50] C:\Program Files\Adobe
    [19/11/2008|18:41] C:\Program Files\AGEIA Technologies
    [18/07/2008|21:44] C:\Program Files\AlienGUIse
    [03/10/2007|16:29] C:\Program Files\Allok 3GP PSP MP4 iPod Video Converter
    [27/09/2008|18:39] C:\Program Files\Apple Software Update
    [19/04/2008|16:56] C:\Program Files\ArcSoft
    [10/02/2007|12:06] C:\Program Files\AviSynth 2.5
    [08/12/2008|20:52] C:\Program Files\Belarc
    [21/01/2009|19:23] C:\Program Files\Bonjour
    [06/04/2007|19:05] C:\Program Files\BroadJump
    [18/04/2008|16:54] C:\Program Files\Caere
    [19/04/2008|16:57] C:\Program Files\Canon
    [06/03/2007|08:04] C:\Program Files\CLOSEB~1
    [04/11/2008|22:14] C:\Program Files\Club-Internet
    [06/04/2007|19:09] C:\Program Files\Common Files
    [30/07/2005|14:17] C:\Program Files\ComPlus Applications
    [17/02/2008|14:10] C:\Program Files\CyberLink
    [02/01/2007|16:40] C:\Program Files\DirectVideo
    [16/06/2008|21:42] C:\Program Files\directx
    [07/10/2007|14:06] C:\Program Files\DivX
    [22/02/2006|16:52] C:\Program Files\D-Tools
    [17/02/2008|14:19] C:\Program Files\EA GAMES
    [10/10/2008|21:47] C:\Program Files\Electronic Arts
    [06/07/2006|17:27] C:\Program Files\eoRezo
    [30/11/2008|17:24] C:\Program Files\ffdshow
    [09/02/2009|19:32] C:\Program Files\Fichiers communs
    [06/01/2006|13:59] C:\Program Files\GameSpy Arcade
    [22/11/2007|17:00] C:\Program Files\Generalia Software
    [03/11/2008|20:01] C:\Program Files\Google
    [30/07/2005|17:07] C:\Program Files\Hewlett-Packard
    [17/01/2006|20:52] C:\Program Files\HighMAT CD Writing Wizard
    [09/02/2009|19:56] C:\Program Files\HijackThis
    [09/03/2007|09:31] C:\Program Files\HOLDTI~1
    [30/07/2005|17:08] C:\Program Files\hp deskjet 960c series
    [10/05/2006|17:47] C:\Program Files\iMesh
    [01/01/2009|22:10] C:\Program Files\InstallShield Installation Information
    [30/07/2005|14:53] C:\Program Files\Intel
    [11/02/2009|23:01] C:\Program Files\Internet Explorer
    [21/01/2009|19:35] C:\Program Files\iPod
    [21/01/2009|19:35] C:\Program Files\iTunes
    [19/01/2009|17:45] C:\Program Files\Java
    [10/02/2009|19:07] C:\Program Files\Kaspersky Lab
    [30/11/2008|13:13] C:\Program Files\LG Electronics
    [01/01/2009|22:10] C:\Program Files\LGInternetKit
    [30/07/2005|16:53] C:\Program Files\Logitech
    [08/03/2006|14:55] C:\Program Files\LucasArts
    [09/02/2009|22:45] C:\Program Files\Malwarebytes' Anti-Malware
    [25/11/2008|21:02] C:\Program Files\Messenger
    [25/11/2008|22:48] C:\Program Files\Messenger Plus! Live
    [18/04/2008|14:20] C:\Program Files\Micro Application
    [30/12/2008|22:31] C:\Program Files\Microsoft
    [28/10/2007|09:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [30/07/2005|14:20] C:\Program Files\microsoft frontpage
    [22/12/2007|13:13] C:\Program Files\Microsoft Office
    [27/10/2007|12:38] C:\Program Files\Microsoft SQL Server Compact Edition
    [03/08/2005|19:14] C:\Program Files\Microsoft Visual Studio
    [22/12/2007|13:10] C:\Program Files\Microsoft Visual Studio 8
    [22/12/2007|13:14] C:\Program Files\Microsoft Works
    [22/12/2007|13:12] C:\Program Files\Microsoft.NET
    [17/09/2008|17:06] C:\Program Files\Movie Maker
    [29/01/2009|10:05] C:\Program Files\MSBuild
    [04/10/2005|17:23] C:\Program Files\MSN
    [30/07/2005|14:17] C:\Program Files\MSN Gaming Zone
    [06/07/2007|19:00] C:\Program Files\MSXML 4.0
    [29/08/2005|18:31] C:\Program Files\Musicmatch
    [08/10/2007|12:29] C:\Program Files\Nero
    [24/03/2008|16:04] C:\Program Files\NeroInstall.bak
    [17/09/2008|17:04] C:\Program Files\NetMeeting
    [03/09/2007|09:36] C:\Program Files\Neuf
    [18/01/2006|19:13] C:\Program Files\OfficeUpdate11
    [30/07/2005|14:17] C:\Program Files\Online Services
    [24/06/2008|11:56] C:\Program Files\OpenAL
    [17/09/2008|17:30] C:\Program Files\Outlook Express
    [12/12/2007|16:06] C:\Program Files\Pro Imaging Powertoys
    [31/12/2007|15:14] C:\Program Files\Radical Games
    [18/09/2007|19:54] C:\Program Files\Razer
    [09/09/2005|09:53] C:\Program Files\Real
    [29/01/2009|10:01] C:\Program Files\Reference Assemblies
    [23/04/2007|14:50] C:\Program Files\Ripp-it_AM
    [30/07/2005|14:19] C:\Program Files\Services en ligne
    [12/10/2007|17:50] C:\Program Files\Sierra Entertainment
    [24/04/2006|20:17] C:\Program Files\SLD Codec Pack
    [23/02/2008|12:47] C:\Program Files\SlySoft
    [28/06/2008|12:00] C:\Program Files\SystemRequirementsLab
    [02/08/2005|18:10] C:\Program Files\TGTSoft
    [27/01/2007|18:27] C:\Program Files\The All-Seeing Eye
    [04/11/2006|22:21] C:\Program Files\THQ
    [03/02/2008|15:04] C:\Program Files\thriXXX
    [22/11/2007|17:25] C:\Program Files\torrent_search
    [27/12/2005|18:49] C:\Program Files\Toshiba
    [08/08/2006|16:48] C:\Program Files\Ubisoft
    [16/06/2008|15:30] C:\Program Files\Uniblue
    [18/04/2008|14:24] C:\Program Files\Uninstall Information
    [23/12/2008|10:54] C:\Program Files\Unlocker
    [19/12/2007|14:54] C:\Program Files\VideoLAN
    [10/02/2007|12:06] C:\Program Files\VideoraiPodConverter
    [12/09/2006|20:34] C:\Program Files\Virtools Web Player 3.0
    [23/02/2006|15:28] C:\Program Files\Visage
    [13/10/2006|13:54] C:\Program Files\Visiolite
    [26/10/2008|16:02] C:\Program Files\Vuze
    [09/08/2006|16:26] C:\Program Files\Winamp
    [27/10/2007|12:37] C:\Program Files\Windows Desktop Search
    [30/12/2008|22:34] C:\Program Files\Windows Live
    [30/12/2008|22:31] C:\Program Files\Windows Live SkyDrive
    [27/10/2007|19:27] C:\Program Files\Windows Live Toolbar
    [18/12/2006|22:37] C:\Program Files\Windows Media Connect 2
    [17/09/2008|17:04] C:\Program Files\Windows Media Player
    [17/09/2008|17:04] C:\Program Files\Windows NT
    [27/03/2008|19:02] C:\Program Files\Windows Sidebar
    [30/07/2005|14:19] C:\Program Files\WindowsUpdate
    [09/12/2007|13:09] C:\Program Files\World Of Elendil
    [18/04/2006|12:11] C:\Program Files\X10 Hardware
    [30/07/2005|14:20] C:\Program Files\xerox
    [29/12/2006|14:25] C:\Program Files\Xvid

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [26/02/2006|18:47] C:\Program Files\Fichiers communs\Acronis
    [25/09/2007|15:49] C:\Program Files\Fichiers communs\Adobe
    [04/10/2005|18:46] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [07/10/2007|16:02] C:\Program Files\Fichiers communs\Ahead
    [21/01/2009|19:35] C:\Program Files\Fichiers communs\Apple
    [29/03/2008|13:14] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [30/07/2005|15:51] C:\Program Files\Fichiers communs\Caere
    [22/12/2007|13:13] C:\Program Files\Fichiers communs\DESIGNER
    [30/07/2005|16:53] C:\Program Files\Fichiers communs\FotoWire
    [14/09/2005|17:59] C:\Program Files\Fichiers communs\InstallShield
    [14/09/2005|17:59] C:\Program Files\Fichiers communs\Jasc Software Inc
    [19/03/2006|14:37] C:\Program Files\Fichiers communs\Java
    [30/07/2005|16:47] C:\Program Files\Fichiers communs\Logitech
    [20/01/2008|16:27] C:\Program Files\Fichiers communs\Macrovision Shared
    [30/12/2008|22:31] C:\Program Files\Fichiers communs\Microsoft Shared
    [06/04/2007|19:09] C:\Program Files\Fichiers communs\Motive
    [30/07/2005|14:18] C:\Program Files\Fichiers communs\MSSoap
    [27/03/2008|19:07] C:\Program Files\Fichiers communs\Nero
    [12/12/2007|16:06] C:\Program Files\Fichiers communs\Nikon
    [30/07/2005|15:50] C:\Program Files\Fichiers communs\ODBC
    [04/09/2008|18:24] C:\Program Files\Fichiers communs\Real
    [30/07/2005|14:18] C:\Program Files\Fichiers communs\Services
    [30/07/2005|15:50] C:\Program Files\Fichiers communs\SpeechEngines
    [07/10/2007|18:44] C:\Program Files\Fichiers communs\Stardock
    [17/09/2008|17:30] C:\Program Files\Fichiers communs\System
    [25/11/2008|21:49] C:\Program Files\Fichiers communs\Windows Live
    [23/09/2008|19:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [19/11/2008|18:42] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [04/09/2008|18:24] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 68 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-12 18:48:13
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:33][D:13]-> C:\DOCUME~1\philippe\LOCALS~1\Temp
    [F:847][D:0]-> C:\DOCUME~1\philippe\Cookies
    [F:2949][D:8]-> C:\DOCUME~1\philippe\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 11/02/2009|18:38 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 12/02/2009|18:50 - Option : [2]

    --------------------\\ Fin du rapport a 18:50:32
    12 February 2009 19:47:38

    Hello
    Please post a new HijackThis log
    12 February 2009 20:13:03

    Here is the log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:10:55, on 12/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\windowsautomaticupdates.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\Dit.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\MUSICMATCH Jukebox\mmtask.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Cloneur Expert\TrueImageMonitor.exe
    C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Razer\Copperhead\razerhid.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Caere\OmniPagePro90\opware32.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\Razer\Copperhead\razerofa.exe
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\HijackThis\scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: Click-to-Call BHO - {5c255c8a-e604-49b4-9d64-90988571cecb} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [Dit] Dit.exe
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [mmtask] "C:\MUSICMATCH Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Cloneur Expert\TrueImageMonitor.exe"
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
    O4 - Startup: TransBar.lnk = C:\Documents and Settings\philippe\Bureau\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: Y'z Shadow.lnk = C:\Documents and Settings\philippe\Bureau\christo\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [java_sun] Java (Sun)
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5d637fad-e202-48d1-8f18-5b9c459bd1e3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/obji...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
    O16 - DPF: {867e13f2-7f31-44fb-ac97-cd38e0dc46ef} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools....
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\maconfservice.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 15244 bytes
    13 February 2009 21:04:23

    Hi again

    Run an online antivirus scan on Kaspersky with Internet Explorer.

  • Allow the ActiveX controls.
  • Click Démarrer Online Scanner.
  • Select My Computer as the scan target. Save the report in .txt format.
  • Paste its report here.
  • Post a new HijackThis report.

    Help: How to run an online scan with Kaspersky.
    13 February 2009 22:25:46

    Good evening,

    Sorry, but I'm hitting the road at 3 o'clock tomorrow morning to go skiing for a week; if you don't mind, we'll resume the PC analysis in 8 days.
    Regards.
    14 February 2009 18:38:35

    No problem
    22 February 2009 20:17:02

    Good evening,

    The Kaspersky scan report is empty.

    Here is the HijackThis one:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:13:22, on 22/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\windowsautomaticupdates.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\Dit.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\MUSICMATCH Jukebox\mmtask.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Cloneur Expert\TrueImageMonitor.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\Program Files\Razer\Copperhead\razerhid.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Caere\OmniPagePro90\opware32.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Razer\Copperhead\razerofa.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\HijackThis\scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: Click-to-Call BHO - {5c255c8a-e604-49b4-9d64-90988571cecb} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [Dit] Dit.exe
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [mmtask] "C:\MUSICMATCH Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Cloneur Expert\TrueImageMonitor.exe"
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
    O4 - Startup: TransBar.lnk = C:\Documents and Settings\philippe\Bureau\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: Y'z Shadow.lnk = C:\Documents and Settings\philippe\Bureau\christo\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5d637fad-e202-48d1-8f18-5b9c459bd1e3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/obji...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
    O16 - DPF: {867e13f2-7f31-44fb-ac97-cd38e0dc46ef} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools....
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\maconfservice.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 15343 bytes
    23 February 2009 17:47:17

    Good evening,

    ????????????????? what is this program
    24 February 2009 15:05:08

    re

    Step 1

    ~Launch Hijackthis “Do a system scan only”.
    Check the following lines if they are still present, and only those.

    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/671 [...] taller.exe
    O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe


    Click on Fix checked (bottom left)


    Step 2

    Click Start, click Run and type in the dialog box: services.msc , look for the Windows Automatic Updates service line and set "startup type" to disabled, then "startup type" to stop.


    Step 3


    Launch Hijackthis, choose Open the Misc.Tools section
    the "Configuration" window will open
    click on Delete a NT service...
    the "Delete a Windows NT service" window will open
    Enter in the dialog box:

    Windows Automatic Updates



    Note: make sure you do not put any space, either before or after!
    click OK

    Another window should open, giving information about the service and asking whether you want to restart.
    Click NO



    Step 4

    Then all that is left is to delete the files and folders. (if still present)

    ~Delete
    C:\WINDOWS\system32\windowsautomaticupdates.exe


    ~Delete the folders in bold:

    C:\Program Files\eoRezo


    24 February 2009 19:25:07

    Good evening,


    for step 1

    After launching Hijackthis and checking the 3 lines, I was asked to restart, which I did.
    I hope I did not make a mistake!!!

    for step 2

    I did find the WAU line, which was already disabled, but I was not able to stop it!!

    The rest went as you described.

    Here is a new Hijackthis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:24:46, on 24/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\Dit.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\MUSICMATCH Jukebox\mmtask.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Cloneur Expert\TrueImageMonitor.exe
    C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Razer\Copperhead\razerhid.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Razer\Copperhead\razerofa.exe
    C:\Program Files\Caere\OmniPagePro90\opware32.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Outlook Express\MSIMN.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\HijackThis\scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: Click-to-Call BHO - {5c255c8a-e604-49b4-9d64-90988571cecb} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [Dit] Dit.exe
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [mmtask] "C:\MUSICMATCH Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Cloneur Expert\TrueImageMonitor.exe"
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
    O4 - Startup: TransBar.lnk = C:\Documents and Settings\philippe\Bureau\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: Y'z Shadow.lnk = C:\Documents and Settings\philippe\Bureau\christo\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5d637fad-e202-48d1-8f18-5b9c459bd1e3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/obji...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
    O16 - DPF: {867e13f2-7f31-44fb-ac97-cd38e0dc46ef} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\maconfservice.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 14839 bytes
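
Confirming a cleanup like this one comes down to comparing the report taken before the fix with the one taken after it. The following Python is an added example, not part of the thread and not a HijackThis feature: it parses two logs and lists what disappeared. The function names are hypothetical, and the two logs are short excerpts constructed from lines quoted in this thread.

```python
import re

# HijackThis item lines start with a section code: "O23 - Service: ...", "R0 - HKCU\...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")


def parse_hijackthis(text):
    """Return (running_processes, entries) from a HijackThis log."""
    processes, entries = set(), set()
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the first coded entry ends the process list
            entries.add((match.group(1), match.group(2)))
        elif in_processes and line:
            # Windows paths are case-insensitive, so normalise before comparing.
            processes.add(line.lower())
    return processes, entries


def diff_logs(before, after):
    """Set differences between a pre-fix and a post-fix log."""
    p0, e0 = parse_hijackthis(before)
    p1, e1 = parse_hijackthis(after)
    return {
        "processes_gone": sorted(p0 - p1),
        "processes_new": sorted(p1 - p0),
        "entries_gone": sorted(e0 - e1),
        "entries_new": sorted(e1 - e0),
    }


def still_present(log_text, flagged):
    """Flagged names (case-insensitive substrings) that still occur in a log."""
    low = log_text.lower()
    return [name for name in flagged if name.lower() in low]


# Constructed excerpt: a few lines of the first report, including the flagged items.
BEFORE = r"""
Running processes:
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\windowsautomaticupdates.exe

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe
"""

# Constructed excerpt: the same lines as they appear in the report posted after the fix.
AFTER = r"""
Running processes:
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\PnkBstrA.exe

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# Names taken from the lines the helper asked to fix.
FLAGGED = ["windowsautomaticupdates.exe", "eoRezo"]

if __name__ == "__main__":
    for key, items in diff_logs(BEFORE, AFTER).items():
        print(key, items)
    print("still present after fix:", still_present(AFTER, FLAGGED))
```

An empty `still_present` result only says the names no longer appear in the report; the files on disk from step 4 still have to be checked separately.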
    25 February 2009 22:34:35

    re
    any other problems?
    26 February 2009 18:02:42

    Good evening,

    No other problems. :bounce: 

    Once again a big THANK YOU for your help and for the time you gave up for a stranger.

    :sol: 

    Philippe
    27 February 2009 17:27:10

    re

    Delete all the programs installed for the disinfection.


    Please read this document (PDF) to learn more about the risks of the Net.



    If you find this document interesting, do not hesitate to pass it on to your contacts.

    If you are tired of being bombarded with ads while browsing, install a secured Firefox with the noscript and AdBlock Plus extensions.

    ~Edit your first message (by clicking on the eraser) and put [résolu] in the title.
    If your session name matches your real name, you can change it by editing your posts.

    :hello: 