A virus for sure, but how to remove it [Solved]

28 October 2008 19:00:24

Hi, so I'm in the middle of repairing an infected PC, but I don't see what to do with it because I'm only a novice in this field. Here is a HijackThis report that will certainly help you (I ran CCleaner before the report).

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:05:20, on 28/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Labtec\Keyboard\V5.1\kbdap32a.exe
C:\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\lphcjcnj0e1e7.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Documents and Settings\BARRIE\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [OFFICEKB] C:\Labtec\Keyboard\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [RemoteControl] C:\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Frag Ooze Cash Scr] C:\Documents and Settings\All Users\Application Data\close poke frag ooze\play drive.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [lphcjcnj0e1e7] C:\WINDOWS\system32\lphcjcnj0e1e7.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9931 bytes


_____________________________________________________


Please help me, thank you.

28 October 2008 19:13:41

Hello,

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may vary
    28 October 2008 19:47:48

    ComboFix 08-10-28.01 - BARRIE 2008-10-28 19:43:14.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.475 [GMT 1:00]
    Lancé depuis: C:\Documents and Settings\BARRIE\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\blphcjcnj0e1e7.scr
    C:\WINDOWS\system32\lphcjcnj0e1e7.exe
    C:\WINDOWS\system32\phcjcnj0e1e7.bmp

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-28 au 2008-10-28 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-28 19:04 . 2008-10-28 19:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-10-28 19:01 . 2008-10-28 19:01 <REP> d-------- C:\Program Files\Yahoo!
    2008-10-28 19:01 . 2008-10-28 19:01 <REP> d-------- C:\Program Files\CCleaner
    2008-10-28 18:46 . 2008-10-28 18:46 <REP> d-------- C:\WINDOWS\system32\AlertModule
    2008-10-28 18:46 . 2003-08-04 14:22 94,208 --a------ C:\WINDOWS\system32\W32n50.dll
    2008-10-28 18:46 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
    2008-10-28 18:46 . 2005-10-06 14:55 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
    2008-10-28 18:46 . 2004-08-23 14:50 32,768 --a------ C:\WINDOWS\system32\WooDial2000.dll
    2008-10-28 18:46 . 2003-08-04 14:22 16,128 --------- C:\WINDOWS\system32\PCANDIS5.SYS
    2008-10-28 18:45 . 2008-10-28 18:50 <REP> d-------- C:\Program Files\Wanadoo
    2008-10-28 18:43 . 2008-10-28 18:43 <REP> d-------- C:\Program Files\Securitoo
    2008-10-28 18:43 . 2008-10-28 18:43 <REP> d-------- C:\Program Files\Inventel
    2008-10-25 12:09 . 2008-10-28 09:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-10-25 12:09 . 2008-10-25 12:09 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-09-28 15:20 . 2004-08-03 22:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
    2008-09-28 15:20 . 2004-08-03 22:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
    2008-09-28 14:34 . 2008-09-28 14:34 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2008-09-28 14:34 . 2008-09-28 14:34 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-14 17:08 --------- d-----w C:\Documents and Settings\BARRIE\Application Data\cashuploadpoll
    2008-10-08 16:00 --------- d-----w C:\Documents and Settings\BARRIE\Application Data\U3
    2008-09-14 12:07 --------- d-----w C:\Program Files\eMule
    2001-03-28 11:02 122,880 ----a-w C:\WINDOWS\inf\Agfa\message.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-16 68856]
    "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 95800]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OFFICEKB"="C:\Labtec\Keyboard\V5.1\kbdap32a.exe" [2008-02-11 387584]
    "RemoteControl"="C:\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
    "LanguageShortcut"="C:\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 282624]
    "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
    "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
    "Frag Ooze Cash Scr"="C:\Documents and Settings\All Users\Application Data\close poke frag ooze\play drive.exe" [2008-10-28 9882112]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2006-04-20 421888]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
    "RTHDCPL"="RTHDCPL.EXE" [2006-12-19 C:\WINDOWS\RTHDCPL.exe]
    "SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Lancement rapide d'Adobe Reader.lnk - C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
    Microsoft Office.lnk - C:\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18aa8764-ea97-11dc-9e47-001a9272adb0}]
    \shell\Setup\command - setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18aa8765-ea97-11dc-9e47-001a9272adb0}]
    \Shell\AutoRun\command - I:\start.exe
    \Shell\FramaKey\command - I:\start.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{61525d4a-8245-11dd-9f0e-001a9272adb0}]
    \Shell\AutoRun\command - I:\start.exe
    \Shell\FramaKey\command - I:\start.exe

    *Newly Created Service* - PROCEXP90
    *Newly Created Service* - RASAUTO

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
    msiexec /fums {AF4B5161-1572-D354-812F-9B3D64DA203F} /qb
    .
    Contenu du dossier 'Tâches planifiées'

    2008-10-28 C:\WINDOWS\Tasks\A7F69587919909B7.job
    - c:\docume~1\barrie\applic~1\cashup~1\bendthirdbat.exe []
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-Run-lphcjcnj0e1e7 - C:\WINDOWS\system32\lphcjcnj0e1e7.exe


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\BARRIE\Application Data\Mozilla\Firefox\Profiles\8n4kr8tt.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.orange.fr
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-28 19:44:05
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-28 19:44:45
    ComboFix-quarantined-files.txt 2008-10-28 18:44:42

    Avant-CF: 50,047,467,520 octets libres
    Après-CF: 50,176,815,104 octets libres

    120




    I'm reassured, the problem they were having is gone (a weird wallpaper). It's up to you to tell me whether it's finished :) Thanks for such quick replies, that's super cool.
    28 October 2008 20:40:11

    Post a new HijackThis report.
    28 October 2008 23:18:32

    Yeah, I like that, in principle it means the end is in sight. I'll do it on the PC that's acting up and send it to you, thanks again.


    *****************************************************

    Here is the report:


    ********************************************************

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:18:23, on 28/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Labtec\Keyboard\V5.1\kbdap32a.exe
    C:\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\BARRIE\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [OFFICEKB] C:\Labtec\Keyboard\V5.1\kbdap32a.exe
    O4 - HKLM\..\Run: [RemoteControl] C:\CyberLink\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [LanguageShortcut] C:\CyberLink\PowerDVD\Language\Language.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [Frag Ooze Cash Scr] C:\Documents and Settings\All Users\Application Data\close poke frag ooze\play drive.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
    O17 - HKLM\System\CS1\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
    O17 - HKLM\System\CS2\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    --
    End of file - 9728 bytes
    29 October 2008 11:48:05

    Any more problems?
    29 October 2008 11:54:09

    No, it doesn't look like it.
    29 October 2008 11:57:53

    Any questions?
    29 October 2008 11:59:36

    Do you think I should run a scan in safe mode with AntiVir, or is that pointless??
    29 October 2008 12:05:30

    Not needed :)
    29 October 2008 12:11:51

    So I'm done, OK, thanks man!!!!!!!!!!!!!!

    Could ToolCleaner be used to remove Hijack and ComboFix, or is that pointless?? (It's not my PC, so I want to give it back to them the way it was.)
    29 October 2008 12:17:35

    Yep, it's useful here.
    29 October 2008 12:55:41

    I'm stubborn and I ran a scan anyway, and AntiVir found another virus. Is that serious??
    29 October 2008 13:02:56

    Report?
    29 October 2008 13:40:14

    Do you want another Hijack report?


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:47:52, on 29/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Labtec\Keyboard\V5.1\kbdap32a.exe
    C:\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\BARRIE\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [OFFICEKB] C:\Labtec\Keyboard\V5.1\kbdap32a.exe
    O4 - HKLM\..\Run: [RemoteControl] C:\CyberLink\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [LanguageShortcut] C:\CyberLink\PowerDVD\Language\Language.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [Frag Ooze Cash Scr] C:\Documents and Settings\All Users\Application Data\close poke frag ooze\play drive.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
    O17 - HKLM\System\CS1\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
    O17 - HKLM\System\CS2\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    --
    End of file - 9698 bytes
    29 October 2008 14:34:26

    No, the AntiVir report.
    29 October 2008 15:32:52

    OK, I didn't keep it, but never mind, it doesn't do it anymore. On the other hand, my cousin's PC is running slowly; here is a Hijack report, if you can help me.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:29:59, on 29/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\WhenUSearch\Search.exe
    C:\Program Files\WhenUSearch\whse.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Orange\LiveAssistant.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\journal\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
    O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
    O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
    O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
    O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
    O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
    O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O15 - Trusted Zone: http://*.orange.fr
    O15 - Trusted Zone: http://rw.search.ke.voila.fr
    O15 - Trusted Zone: http://orange.weborama.fr
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 11821 bytes
    29 October 2008 17:29:32

    Hi again,

    Download Lop S&D.exe (Eric_71) to your Desktop.

  • Start the installation of the program by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the language you want by typing the letter of your choice, then confirming with the Enter key.
  • Now choose option 1 (Recherche). Wait until the search has finished.
  • Post the generated report (C:\lopR.txt*)
    29 October 2008 17:44:17

    OK, I'll do that for you next time.
    24 November 2008 18:40:34


    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
    BIOS : Rev. 3.11
    USER : journal ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.7.1098 [VPS 081031-1] 4.7.1098 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
    D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( 24/11/2008|18:22 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [28/10/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/08/2007|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [01/01/2004|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [31/08/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [20/07/2008|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    [23/11/2008|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [29/03/2008|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [08/08/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [27/02/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [22/04/2008|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [12/12/2004|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [17/05/2005|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [27/02/2005|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    [08/08/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [18/06/2005|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [21/03/2007|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [09/08/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [27/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller




    [01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
    [11/08/2008|09:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [05/12/2004|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
    [09/02/2005|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
    [07/05/2007|14:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
    [08/12/2004|17:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
    [20/02/2005|15:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
    [16/12/2004|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
    [28/11/2004|10:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
    [30/07/2006|12:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
    [27/02/2005|18:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
    [05/12/2004|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
    [01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
    [16/12/2004|18:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
    [01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
    [17/01/2005|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
    [18/06/2005|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems

    [06/09/2008|16:50] C:\DOCUME~1\journal\APPLIC~1\Adobe
    [25/12/2006|01:36] C:\DOCUME~1\journal\APPLIC~1\AdobeUM
    [09/11/2005|12:47] C:\DOCUME~1\journal\APPLIC~1\Alive! Jigsaw
    [25/02/2007|14:18] C:\DOCUME~1\journal\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\journal\APPLIC~1\Apple Computer
    [21/03/2008|21:05] C:\DOCUME~1\journal\APPLIC~1\Google
    [24/08/2005|09:44] C:\DOCUME~1\journal\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\journal\APPLIC~1\Identities
    [06/11/2005|10:36] C:\DOCUME~1\journal\APPLIC~1\InstallShield
    [20/08/2005|11:19] C:\DOCUME~1\journal\APPLIC~1\Intervideo
    [11/10/2006|20:48] C:\DOCUME~1\journal\APPLIC~1\Leadertech
    [15/11/2008|12:22] C:\DOCUME~1\journal\APPLIC~1\LimeWire
    [14/01/2007|11:55] C:\DOCUME~1\journal\APPLIC~1\Macromedia
    [08/08/2007|13:01] C:\DOCUME~1\journal\APPLIC~1\Microsoft
    [22/04/2008|17:36] C:\DOCUME~1\journal\APPLIC~1\Motive
    [30/08/2008|10:50] C:\DOCUME~1\journal\APPLIC~1\Mozilla
    [23/11/2008|14:50] C:\DOCUME~1\journal\APPLIC~1\OpenOffice.org2
    [18/11/2007|19:19] C:\DOCUME~1\journal\APPLIC~1\Real
    [01/01/2004|18:12] C:\DOCUME~1\journal\APPLIC~1\SampleView
    [18/09/2005|18:39] C:\DOCUME~1\journal\APPLIC~1\Sonic
    [01/01/2004|15:07] C:\DOCUME~1\journal\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\journal\APPLIC~1\Symantec
    [20/07/2008|21:30] C:\DOCUME~1\journal\APPLIC~1\the send type
    [07/11/2006|18:41] C:\DOCUME~1\journal\APPLIC~1\Ulead Systems
    [17/02/2008|15:39] C:\DOCUME~1\journal\APPLIC~1\vlc
    [21/03/2007|14:47] C:\DOCUME~1\journal\APPLIC~1\You've Got Pictures Screensaver

    [09/08/2007|10:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [01/01/2004|14:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [31/08/2008|15:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\Adobe
    [01/04/2007|09:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\SANDRI~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\SANDRI~1\APPLIC~1\Intervideo
    [13/08/2007|11:33] C:\DOCUME~1\SANDRI~1\APPLIC~1\Macromedia
    [17/04/2008|11:27] C:\DOCUME~1\SANDRI~1\APPLIC~1\Microsoft
    [17/06/2008|15:54] C:\DOCUME~1\SANDRI~1\APPLIC~1\Motive
    [13/08/2007|11:28] C:\DOCUME~1\SANDRI~1\APPLIC~1\Mozilla
    [01/01/2004|18:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\SANDRI~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\Symantec
    [31/08/2008|15:00] C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [23/11/2008 18:44][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1102268630.job
    [05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    [01/01/2004 21:08][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [24/11/2008 17:56][--ah-----] C:\WINDOWS\tasks\SA.DAT

    --------------------\\ Listing des dossiers dans C:\Program Files

    [06/11/2005|11:55] C:\Program Files\123 Free Puzzle
    [28/10/2008|19:08] C:\Program Files\Adobe
    [18/11/2007|19:20] C:\Program Files\AirStrike3D DEMO
    [09/11/2005|12:48] C:\Program Files\All Ages Software
    [08/08/2007|13:50] C:\Program Files\Alwil Software
    [29/01/2006|18:10] C:\Program Files\Anuman Interactive
    [18/11/2007|19:18] C:\Program Files\AOL 9.0
    [18/11/2007|19:18] C:\Program Files\Blastorama Demo
    [18/11/2007|11:16] C:\Program Files\BoundAround_Demo
    [09/07/2007|20:19] C:\Program Files\Boxen 2 DEMO
    [18/11/2007|11:16] C:\Program Files\BrickShooter Jr
    [18/11/2007|19:19] C:\Program Files\Brossard
    [26/11/2006|15:52] C:\Program Files\Bubble Frenzy
    [25/12/2004|13:50] C:\Program Files\Canon
    [18/11/2007|19:18] C:\Program Files\Car Thief
    [18/11/2007|19:20] C:\Program Files\Controle Parental
    [18/11/2007|19:16] C:\Program Files\Controle Parental(3)
    [18/11/2007|19:03] C:\Program Files\Controle Parental(4)
    [18/11/2007|11:16] C:\Program Files\cw3d
    [28/11/2006|19:35] C:\Program Files\DigiFUN
    [25/08/2008|11:35] C:\Program Files\directx
    [18/11/2007|19:18] C:\Program Files\DreamQuest
    [06/11/2005|19:08] C:\Program Files\EA GAMES
    [08/08/2007|15:55] C:\Program Files\Easy Internet signup
    [09/07/2007|20:11] C:\Program Files\EduProfix
    [18/11/2007|19:18] C:\Program Files\ElastoMania111
    [18/11/2007|19:17] C:\Program Files\Fashion Cents
    [31/08/2006|12:56] C:\Program Files\FaxTools
    [25/08/2008|11:37] C:\Program Files\Fichiers communs
    [31/01/2006|19:20] C:\Program Files\Firaxis Games
    [18/11/2007|19:20] C:\Program Files\GALLIMARD
    [28/10/2008|19:11] C:\Program Files\Google
    [11/11/2007|11:30] C:\Program Files\GrayMatter Innovations
    [01/01/2004|17:57] C:\Program Files\Help and Support Additions
    [01/01/2004|15:51] C:\Program Files\Hewlett-Packard
    [25/01/2006|14:12] C:\Program Files\Homebrew Software
    [01/01/2004|17:25] C:\Program Files\HP
    [21/02/2008|15:11] C:\Program Files\id Software
    [23/03/2008|12:37] C:\Program Files\IncrediMail
    [18/11/2007|19:21] C:\Program Files\InetGet2
    [19/01/2008|11:33] C:\Program Files\Insider
    [28/10/2008|19:15] C:\Program Files\InstallShield Installation Information
    [28/10/2008|19:14] C:\Program Files\InterActual
    [02/09/2008|11:28] C:\Program Files\Internet Explorer
    [07/08/2007|19:50] C:\Program Files\Inventel
    [02/09/2008|11:07] C:\Program Files\Java
    [23/03/2008|12:35] C:\Program Files\Jeune Styliste
    [23/03/2008|12:36] C:\Program Files\Jeune Styliste 2
    [18/11/2007|19:18] C:\Program Files\Jollyware
    [18/11/2007|19:19] C:\Program Files\JrVetDemo
    [23/03/2008|12:36] C:\Program Files\JS FashionMaker
    [25/11/2006|14:55] C:\Program Files\Leeds Learning Color and Shapes
    [22/11/2008|11:06] C:\Program Files\Lexmark X1100 Series
    [19/09/2008|19:03] C:\Program Files\LimeWire
    [29/03/2008|13:56] C:\Program Files\Logitech
    [19/08/2007|20:40] C:\Program Files\Macrogaming
    [06/11/2005|13:36] C:\Program Files\Maxis
    [02/09/2008|11:35] C:\Program Files\Messenger
    [22/12/2007|11:57] C:\Program Files\Messenger Plus! Live
    [06/11/2005|19:28] C:\Program Files\Micro Application
    [31/12/2004|15:23] C:\Program Files\Microsoft AutoRoute
    [28/02/2008|13:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [18/11/2007|19:16] C:\Program Files\Microsoft Encarta
    [01/01/2004|14:06] C:\Program Files\microsoft frontpage
    [31/12/2004|15:22] C:\Program Files\Microsoft Money
    [27/02/2005|18:41] C:\Program Files\Microsoft Office
    [23/08/2007|22:03] C:\Program Files\Microsoft Picture It! 9
    [31/12/2004|15:18] C:\Program Files\Microsoft Works
    [28/12/2004|20:20] C:\Program Files\Microsoft Works Suite 2004
    [02/09/2008|11:28] C:\Program Files\Movie Maker
    [24/11/2008|18:16] C:\Program Files\Mozilla Firefox
    [30/07/2006|12:54] C:\Program Files\MP3 Player Utilities
    [25/11/2006|18:41] C:\Program Files\mpegable AVI
    [26/08/2005|17:52] C:\Program Files\MSN
    [01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
    [27/02/2008|11:15] C:\Program Files\MSN Messenger
    [18/11/2007|19:19] C:\Program Files\MSXML 4.0
    [23/03/2008|12:32] C:\Program Files\Musicmatch
    [28/11/2006|19:32] C:\Program Files\MyABCD
    [02/09/2008|11:24] C:\Program Files\NetMeeting
    [01/01/2004|14:03] C:\Program Files\Online Services
    [25/08/2007|13:40] C:\Program Files\OpenOffice.org 2.0
    [22/04/2008|17:35] C:\Program Files\Orange
    [22/04/2008|17:29] C:\Program Files\OrangeHSS
    [03/09/2008|10:24] C:\Program Files\Outlook Express
    [01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
    [10/02/2007|17:31] C:\Program Files\Personal Strip Poker
    [18/11/2007|19:16] C:\Program Files\QuickTime
    [18/11/2007|19:19] C:\Program Files\Quiz
    [21/03/2007|14:44] C:\Program Files\Real
    [25/01/2006|14:15] C:\Program Files\Realore
    [18/11/2007|19:18] C:\Program Files\Save
    [18/11/2007|20:30] C:\Program Files\Securitoo
    [01/01/2004|18:06] C:\Program Files\Services en ligne
    [02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
    [27/02/2005|18:41] C:\Program Files\Snapshot Viewer
    [18/11/2007|19:15] C:\Program Files\Solsoft
    [08/08/2007|13:29] C:\Program Files\Symantec
    [18/11/2007|19:21] C:\Program Files\Temporary
    [29/06/2008|20:38] C:\Program Files\the send type
    [25/12/2006|01:33] C:\Program Files\Thomson
    [18/11/2007|19:18] C:\Program Files\TikGames
    [26/03/2005|19:16] C:\Program Files\TLC-Edusoft
    [04/01/2007|19:52] C:\Program Files\TLKGAMES
    [18/11/2007|11:16] C:\Program Files\Tomato Catcher
    [04/01/2007|19:57] C:\Program Files\Trymedia
    [18/11/2007|19:20] C:\Program Files\Ulead Systems
    [17/02/2008|15:27] C:\Program Files\VideoLAN
    [21/03/2007|14:47] C:\Program Files\Viewpoint
    [24/11/2008|18:16] C:\Program Files\Wanadoo
    [23/07/2008|13:40] C:\Program Files\WhenUSearch
    [18/11/2007|19:21] C:\Program Files\WinAble
    [27/02/2008|11:11] C:\Program Files\Windows Live
    [08/08/2007|20:58] C:\Program Files\Windows Media Connect 2
    [02/09/2008|11:23] C:\Program Files\Windows Media Player
    [02/09/2008|11:23] C:\Program Files\Windows NT
    [01/01/2004|14:06] C:\Program Files\xerox
    [28/11/2006|19:37] C:\Program Files\zippy

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [28/10/2008|19:08] C:\Program Files\Fichiers communs\Adobe
    [08/08/2007|09:52] C:\Program Files\Fichiers communs\AOL
    [21/03/2007|14:52] C:\Program Files\Fichiers communs\aolback
    [10/11/2007|19:01] C:\Program Files\Fichiers communs\Carlson
    [31/12/2004|15:17] C:\Program Files\Fichiers communs\Designer
    [25/08/2008|11:37] C:\Program Files\Fichiers communs\DirectX
    [22/04/2008|17:25] C:\Program Files\Fichiers communs\France Telecom
    [01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
    [02/01/2004|05:59] C:\Program Files\Fichiers communs\InstallShield
    [24/03/2008|13:42] C:\Program Files\Fichiers communs\Java
    [29/03/2008|14:11] C:\Program Files\Fichiers communs\LogiShrd
    [27/02/2008|11:13] C:\Program Files\Fichiers communs\Microsoft Shared
    [22/04/2008|17:34] C:\Program Files\Fichiers communs\Motive
    [01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
    [21/03/2007|14:45] C:\Program Files\Fichiers communs\Nullsoft
    [18/11/2007|19:19] C:\Program Files\Fichiers communs\Real
    [31/12/2004|19:32] C:\Program Files\Fichiers communs\Services
    [01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
    [02/09/2008|11:23] C:\Program Files\Fichiers communs\System
    [18/06/2005|13:30] C:\Program Files\Fichiers communs\Ulead Systems
    [27/02/2008|11:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 58 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    C:\DOCUME~1\journal\LOCALS~1\Temp\bis3E5.exe

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Boob Byte.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\For Cake.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Ooze slow.exe
    C:\DOCUME~1\journal\LOCALS~1\Temp\nsd314.tmp
    C:\DOCUME~1\journal\LOCALS~1\Temp\nse40E.tmp
    C:\DOCUME~1\journal\LOCALS~1\Temp\nsf31D.tmp
    C:\DOCUME~1\journal\LOCALS~1\Temp\nsi53E.tmp
    C:\DOCUME~1\journal\LOCALS~1\Temp\nsp320.tmp
    C:\DOCUME~1\journal\LOCALS~1\Temp\nss32E.tmp
    C:\DOCUME~1\journal\Cookies\journal@advertstream[1].txt
    C:\DOCUME~1\journal\Cookies\journal@www.adserver5[2].txt
    C:\DOCUME~1\journal\Cookies\journal@adultfriendfinder[1].txt
    C:\DOCUME~1\journal\Cookies\journal@advertising[2].txt
    C:\DOCUME~1\journal\Cookies\journal@adin.bigpoint[2].txt
    C:\DOCUME~1\journal\Cookies\journal@bigpoint[1].txt
    C:\DOCUME~1\journal\Cookies\journal@fr1.seafight.bigpoint[1].txt
    C:\DOCUME~1\journal\Cookies\journal@banner.casinoking[2].txt
    C:\DOCUME~1\journal\Cookies\journal@casinoking[1].txt
    C:\DOCUME~1\journal\Cookies\journal@cotedazurpalace[1].txt
    C:\DOCUME~1\journal\Cookies\journal@adopt.euroclick[2].txt
    C:\DOCUME~1\journal\Cookies\journal@pacificpoker[2].txt
    C:\DOCUME~1\journal\Cookies\journal@partygaming.122.2o7[1].txt
    C:\DOCUME~1\journal\Cookies\journal@partypoker[1].txt
    C:\DOCUME~1\journal\Cookies\journal@fr1.seafight.bigpoint[1].txt
    C:\DOCUME~1\journal\Cookies\journal@vegas-millions[1].txt
    C:\DOCUME~1\journal\Cookies\journal@www.lop[2].txt
    C:\DOCUME~1\journal\Cookies\journal@www.2xmoinscher[1].txt
    C:\DOCUME~1\journal\Cookies\journal@888[1].txt
    C:\DOCUME~1\journal\Cookies\journal@888[3].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    -> 72 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-24 18:23:37
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 525

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:9388][D:1833]-> C:\DOCUME~1\journal\LOCALS~1\Temp
    [F:351][D:0]-> C:\DOCUME~1\journal\Cookies
    [F:627][D:4]-> C:\DOCUME~1\journal\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|18:27 - Option : [1]

    --------------------\\ Fin du rapport a 18:27:34



    There you go, sorry for the delay.
    24 November 2008 19:01:30

    Is this a different PC?

    Run Lop S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
    ! Do not close the window during the removal !
    A report will be generated; post its contents here.
    24 November 2008 20:17:17

    YES, WELL NO, ACTUALLY IT'S MY COUSIN'S PC


    Quote:
    "ok, I didn't keep it but never mind, it doesn't do it any more; however my cousin's PC is slow, here is a HijackThis report if you can help me"



    ************************************************************



    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
    BIOS : Rev. 3.11
    USER : journal ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
    D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [2] ( 24/11/2008|20:07 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Boob Byte.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\For Cake.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Ooze slow.exe
    Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nsd314.tmp
    Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nse40E.tmp
    Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nsf31D.tmp
    Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nsi53E.tmp
    Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nsp320.tmp
    Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nss32E.tmp
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@advertstream[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@www.adserver5[2].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@adultfriendfinder[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@advertising[2].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@adin.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@bigpoint[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@fr1.seafight.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@banner.casinoking[2].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@casinoking[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@adopt.euroclick[2].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@pacificpoker[2].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@partygaming.122.2o7[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@partypoker[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@vegas-millions[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@www.lop[2].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@www.2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@888[1].txt
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@888[3].txt
    Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\bis3E5.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Viewpoint
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [28/10/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/08/2007|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [01/01/2004|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [31/08/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [24/11/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [29/03/2008|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [08/08/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [27/02/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [22/04/2008|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [12/12/2004|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [17/05/2005|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [27/02/2005|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    [08/08/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [18/06/2005|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [09/08/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [27/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller




    [01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
    [11/08/2008|09:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [05/12/2004|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
    [09/02/2005|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
    [07/05/2007|14:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
    [08/12/2004|17:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
    [20/02/2005|15:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
    [16/12/2004|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
    [28/11/2004|10:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
    [30/07/2006|12:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
    [27/02/2005|18:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
    [05/12/2004|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
    [01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
    [16/12/2004|18:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
    [01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
    [17/01/2005|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
    [18/06/2005|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems

    [06/09/2008|16:50] C:\DOCUME~1\journal\APPLIC~1\Adobe
    [25/12/2006|01:36] C:\DOCUME~1\journal\APPLIC~1\AdobeUM
    [09/11/2005|12:47] C:\DOCUME~1\journal\APPLIC~1\Alive! Jigsaw
    [25/02/2007|14:18] C:\DOCUME~1\journal\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\journal\APPLIC~1\Apple Computer
    [21/03/2008|21:05] C:\DOCUME~1\journal\APPLIC~1\Google
    [24/08/2005|09:44] C:\DOCUME~1\journal\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\journal\APPLIC~1\Identities
    [06/11/2005|10:36] C:\DOCUME~1\journal\APPLIC~1\InstallShield
    [20/08/2005|11:19] C:\DOCUME~1\journal\APPLIC~1\Intervideo
    [11/10/2006|20:48] C:\DOCUME~1\journal\APPLIC~1\Leadertech
    [15/11/2008|12:22] C:\DOCUME~1\journal\APPLIC~1\LimeWire
    [14/01/2007|11:55] C:\DOCUME~1\journal\APPLIC~1\Macromedia
    [08/08/2007|13:01] C:\DOCUME~1\journal\APPLIC~1\Microsoft
    [22/04/2008|17:36] C:\DOCUME~1\journal\APPLIC~1\Motive
    [30/08/2008|10:50] C:\DOCUME~1\journal\APPLIC~1\Mozilla
    [23/11/2008|15:13] C:\DOCUME~1\journal\APPLIC~1\OpenOffice.org2
    [18/11/2007|19:19] C:\DOCUME~1\journal\APPLIC~1\Real
    [01/01/2004|18:12] C:\DOCUME~1\journal\APPLIC~1\SampleView
    [18/09/2005|18:39] C:\DOCUME~1\journal\APPLIC~1\Sonic
    [01/01/2004|15:07] C:\DOCUME~1\journal\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\journal\APPLIC~1\Symantec
    [20/07/2008|21:30] C:\DOCUME~1\journal\APPLIC~1\the send type
    [07/11/2006|18:41] C:\DOCUME~1\journal\APPLIC~1\Ulead Systems
    [17/02/2008|15:39] C:\DOCUME~1\journal\APPLIC~1\vlc
    [21/03/2007|14:47] C:\DOCUME~1\journal\APPLIC~1\You've Got Pictures Screensaver

    [09/08/2007|10:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [01/01/2004|14:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [31/08/2008|15:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\Adobe
    [01/04/2007|09:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\SANDRI~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\SANDRI~1\APPLIC~1\Intervideo
    [13/08/2007|11:33] C:\DOCUME~1\SANDRI~1\APPLIC~1\Macromedia
    [17/04/2008|11:27] C:\DOCUME~1\SANDRI~1\APPLIC~1\Microsoft
    [17/06/2008|15:54] C:\DOCUME~1\SANDRI~1\APPLIC~1\Motive
    [13/08/2007|11:28] C:\DOCUME~1\SANDRI~1\APPLIC~1\Mozilla
    [01/01/2004|18:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\SANDRI~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\Symantec
    [31/08/2008|15:00] C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [24/11/2008 18:44][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1102268630.job
    [05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    [01/01/2004 21:08][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [24/11/2008 18:33][--ah-----] C:\WINDOWS\tasks\SA.DAT

    --------------------\\ Listing des dossiers dans C:\Program Files

    [06/11/2005|11:55] C:\Program Files\123 Free Puzzle
    [28/10/2008|19:08] C:\Program Files\Adobe
    [18/11/2007|19:20] C:\Program Files\AirStrike3D DEMO
    [09/11/2005|12:48] C:\Program Files\All Ages Software
    [08/08/2007|13:50] C:\Program Files\Alwil Software
    [29/01/2006|18:10] C:\Program Files\Anuman Interactive
    [18/11/2007|19:18] C:\Program Files\AOL 9.0
    [18/11/2007|19:18] C:\Program Files\Blastorama Demo
    [18/11/2007|11:16] C:\Program Files\BoundAround_Demo
    [09/07/2007|20:19] C:\Program Files\Boxen 2 DEMO
    [18/11/2007|11:16] C:\Program Files\BrickShooter Jr
    [18/11/2007|19:19] C:\Program Files\Brossard
    [26/11/2006|15:52] C:\Program Files\Bubble Frenzy
    [25/12/2004|13:50] C:\Program Files\Canon
    [18/11/2007|19:18] C:\Program Files\Car Thief
    [18/11/2007|19:20] C:\Program Files\Controle Parental
    [18/11/2007|19:16] C:\Program Files\Controle Parental(3)
    [18/11/2007|19:03] C:\Program Files\Controle Parental(4)
    [18/11/2007|11:16] C:\Program Files\cw3d
    [28/11/2006|19:35] C:\Program Files\DigiFUN
    [25/08/2008|11:35] C:\Program Files\directx
    [18/11/2007|19:18] C:\Program Files\DreamQuest
    [06/11/2005|19:08] C:\Program Files\EA GAMES
    [08/08/2007|15:55] C:\Program Files\Easy Internet signup
    [09/07/2007|20:11] C:\Program Files\EduProfix
    [18/11/2007|19:18] C:\Program Files\ElastoMania111
    [18/11/2007|19:17] C:\Program Files\Fashion Cents
    [31/08/2006|12:56] C:\Program Files\FaxTools
    [25/08/2008|11:37] C:\Program Files\Fichiers communs
    [31/01/2006|19:20] C:\Program Files\Firaxis Games
    [18/11/2007|19:20] C:\Program Files\GALLIMARD
    [28/10/2008|19:11] C:\Program Files\Google
    [11/11/2007|11:30] C:\Program Files\GrayMatter Innovations
    [01/01/2004|17:57] C:\Program Files\Help and Support Additions
    [01/01/2004|15:51] C:\Program Files\Hewlett-Packard
    [25/01/2006|14:12] C:\Program Files\Homebrew Software
    [01/01/2004|17:25] C:\Program Files\HP
    [21/02/2008|15:11] C:\Program Files\id Software
    [23/03/2008|12:37] C:\Program Files\IncrediMail
    [18/11/2007|19:21] C:\Program Files\InetGet2
    [19/01/2008|11:33] C:\Program Files\Insider
    [28/10/2008|19:15] C:\Program Files\InstallShield Installation Information
    [28/10/2008|19:14] C:\Program Files\InterActual
    [02/09/2008|11:28] C:\Program Files\Internet Explorer
    [07/08/2007|19:50] C:\Program Files\Inventel
    [02/09/2008|11:07] C:\Program Files\Java
    [23/03/2008|12:35] C:\Program Files\Jeune Styliste
    [23/03/2008|12:36] C:\Program Files\Jeune Styliste 2
    [18/11/2007|19:18] C:\Program Files\Jollyware
    [18/11/2007|19:19] C:\Program Files\JrVetDemo
    [23/03/2008|12:36] C:\Program Files\JS FashionMaker
    [25/11/2006|14:55] C:\Program Files\Leeds Learning Color and Shapes
    [22/11/2008|11:06] C:\Program Files\Lexmark X1100 Series
    [19/09/2008|19:03] C:\Program Files\LimeWire
    [29/03/2008|13:56] C:\Program Files\Logitech
    [19/08/2007|20:40] C:\Program Files\Macrogaming
    [06/11/2005|13:36] C:\Program Files\Maxis
    [02/09/2008|11:35] C:\Program Files\Messenger
    [22/12/2007|11:57] C:\Program Files\Messenger Plus! Live
    [06/11/2005|19:28] C:\Program Files\Micro Application
    [31/12/2004|15:23] C:\Program Files\Microsoft AutoRoute
    [28/02/2008|13:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [18/11/2007|19:16] C:\Program Files\Microsoft Encarta
    [01/01/2004|14:06] C:\Program Files\microsoft frontpage
    [31/12/2004|15:22] C:\Program Files\Microsoft Money
    [27/02/2005|18:41] C:\Program Files\Microsoft Office
    [23/08/2007|22:03] C:\Program Files\Microsoft Picture It! 9
    [31/12/2004|15:18] C:\Program Files\Microsoft Works
    [28/12/2004|20:20] C:\Program Files\Microsoft Works Suite 2004
    [02/09/2008|11:28] C:\Program Files\Movie Maker
    [24/11/2008|18:39] C:\Program Files\Mozilla Firefox
    [30/07/2006|12:54] C:\Program Files\MP3 Player Utilities
    [25/11/2006|18:41] C:\Program Files\mpegable AVI
    [26/08/2005|17:52] C:\Program Files\MSN
    [01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
    [27/02/2008|11:15] C:\Program Files\MSN Messenger
    [18/11/2007|19:19] C:\Program Files\MSXML 4.0
    [23/03/2008|12:32] C:\Program Files\Musicmatch
    [28/11/2006|19:32] C:\Program Files\MyABCD
    [02/09/2008|11:24] C:\Program Files\NetMeeting
    [01/01/2004|14:03] C:\Program Files\Online Services
    [25/08/2007|13:40] C:\Program Files\OpenOffice.org 2.0
    [22/04/2008|17:35] C:\Program Files\Orange
    [22/04/2008|17:29] C:\Program Files\OrangeHSS
    [03/09/2008|10:24] C:\Program Files\Outlook Express
    [01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
    [10/02/2007|17:31] C:\Program Files\Personal Strip Poker
    [18/11/2007|19:16] C:\Program Files\QuickTime
    [18/11/2007|19:19] C:\Program Files\Quiz
    [21/03/2007|14:44] C:\Program Files\Real
    [25/01/2006|14:15] C:\Program Files\Realore
    [18/11/2007|19:18] C:\Program Files\Save
    [18/11/2007|20:30] C:\Program Files\Securitoo
    [01/01/2004|18:06] C:\Program Files\Services en ligne
    [02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
    [27/02/2005|18:41] C:\Program Files\Snapshot Viewer
    [18/11/2007|19:15] C:\Program Files\Solsoft
    [08/08/2007|13:29] C:\Program Files\Symantec
    [18/11/2007|19:21] C:\Program Files\Temporary
    [29/06/2008|20:38] C:\Program Files\the send type
    [25/12/2006|01:33] C:\Program Files\Thomson
    [18/11/2007|19:18] C:\Program Files\TikGames
    [26/03/2005|19:16] C:\Program Files\TLC-Edusoft
    [04/01/2007|19:52] C:\Program Files\TLKGAMES
    [18/11/2007|11:16] C:\Program Files\Tomato Catcher
    [04/01/2007|19:57] C:\Program Files\Trymedia
    [18/11/2007|19:20] C:\Program Files\Ulead Systems
    [17/02/2008|15:27] C:\Program Files\VideoLAN
    [24/11/2008|18:16] C:\Program Files\Wanadoo
    [23/07/2008|13:40] C:\Program Files\WhenUSearch
    [18/11/2007|19:21] C:\Program Files\WinAble
    [27/02/2008|11:11] C:\Program Files\Windows Live
    [08/08/2007|20:58] C:\Program Files\Windows Media Connect 2
    [02/09/2008|11:23] C:\Program Files\Windows Media Player
    [02/09/2008|11:23] C:\Program Files\Windows NT
    [01/01/2004|14:06] C:\Program Files\xerox
    [28/11/2006|19:37] C:\Program Files\zippy

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [28/10/2008|19:08] C:\Program Files\Fichiers communs\Adobe
    [08/08/2007|09:52] C:\Program Files\Fichiers communs\AOL
    [21/03/2007|14:52] C:\Program Files\Fichiers communs\aolback
    [10/11/2007|19:01] C:\Program Files\Fichiers communs\Carlson
    [31/12/2004|15:17] C:\Program Files\Fichiers communs\Designer
    [25/08/2008|11:37] C:\Program Files\Fichiers communs\DirectX
    [22/04/2008|17:25] C:\Program Files\Fichiers communs\France Telecom
    [01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
    [02/01/2004|05:59] C:\Program Files\Fichiers communs\InstallShield
    [24/03/2008|13:42] C:\Program Files\Fichiers communs\Java
    [29/03/2008|14:11] C:\Program Files\Fichiers communs\LogiShrd
    [27/02/2008|11:13] C:\Program Files\Fichiers communs\Microsoft Shared
    [22/04/2008|17:34] C:\Program Files\Fichiers communs\Motive
    [01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
    [21/03/2007|14:45] C:\Program Files\Fichiers communs\Nullsoft
    [18/11/2007|19:19] C:\Program Files\Fichiers communs\Real
    [31/12/2004|19:32] C:\Program Files\Fichiers communs\Services
    [01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
    [02/09/2008|11:23] C:\Program Files\Fichiers communs\System
    [18/06/2005|13:30] C:\Program Files\Fichiers communs\Ulead Systems
    [27/02/2008|11:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 54 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-24 20:09:40
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 525

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:9383][D:1828]-> C:\DOCUME~1\journal\LOCALS~1\Temp
    [F:332][D:0]-> C:\DOCUME~1\journal\Cookies
    [F:627][D:4]-> C:\DOCUME~1\journal\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|18:27 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 24/11/2008|20:11 - Option : [2]

    --------------------\\ Fin du rapport a 20:11:38
    25 November 2008 12:45:32

    Post a new HijackThis report.
    25 November 2008 13:02:42

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:01:18, on 25/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\WhenUSearch\Search.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\WhenUSearch\whse.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Orange\LiveAssistant.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Documents and Settings\journal\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
    O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
    O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
    O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
    O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
    O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
    O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O15 - Trusted Zone: http://pfttbc.ft.motive.com
    O15 - Trusted Zone: http://*.orange.fr
    O15 - Trusted Zone: http://rw.search.ke.voila.fr
    O15 - Trusted Zone: http://orange.weborama.fr
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 10779 bytes
    25 November 2008 17:17:41

    Hi again,

    Download Toolbar-S&D (Team IDN) to your Desktop.

  • Start the installation by running the downloaded file.
  • Now double-click the Toolbar-S&D shortcut.
  • Select the language you want by typing the corresponding letter, then confirm with the Enter key.
  • Now choose option 1 (Recherche / Search). Wait until the search has finished.
  • Post the report it generates (C:\TB.txt).
    25 November 2008 19:00:38



    -----------\\ ToolBar S&D 1.2.5 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
    BIOS : Rev. 3.11
    USER : journal ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
    D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
    Option : [1] ( 25/11/2008|18:54 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\WinAble
    C:\WINDOWS\iun6002.exe

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://www.google.com"
    "Search Bar"="http://www.google.com/ie"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca..."
    "Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."
    "Search Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."
    "Start Page"="http://home.sweetim.com"
    "Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - 25/11/2008|19:00 - Option : [1]

    -----------\\ Fin du rapport a 19:00:18,14

    25 November 2008 19:03:30

    Quote:
    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\WinAble
    C:\WINDOWS\iun6002.exe

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://www.google.com"
    "Search Bar"="http://www.google.com/ie"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca..."
    "Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."
    "Search Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."
    "Start Page"="http://home.sweetim.com"
    "Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."



    Are all of those infections?
    26 November 2008 12:25:20

    Not all of them.

    Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
    ! Do not close the window during the removal !
    A report will be generated; post its contents here.
    26 November 2008 21:45:08


    -----------\\ ToolBar S&D 1.2.5 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
    BIOS : Rev. 3.11
    USER : journal ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
    D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
    Option : [2] ( 26/11/2008|21:40 )

    -----------\\ SUPPRESSION

    Supprime! - C:\WINDOWS\iun6002.exe
    Supprime! - C:\Program Files\WinAble

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://www.google.com"
    "Search Bar"="http://www.google.com/ie"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca..."
    "Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."
    "Search Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."
    "Start Page"="http://www.msn.com/"
    "Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - 25/11/2008|19:00 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 26/11/2008|21:44 - Option : [2]

    -----------\\ Fin du rapport a 21:44:11,14

    27 November 2008 18:20:31

    Post a new HijackThis report.
    27 November 2008 18:56:48

    I'm replacing avast with antivir first (I hope that won't skew everything)
    27 November 2008 19:07:10

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:06:46, on 27/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\WhenUSearch\Search.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\WhenUSearch\whse.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Orange\LiveAssistant.exe
    C:\WINDOWS\system32\lexpps.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe
    C:\Documents and Settings\journal\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
    O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
    O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
    O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
    O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
    O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
    O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O15 - Trusted Zone: http://pfttbc.ft.motive.com
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 10844 bytes
    27 November 2008 19:31:08

    Hi again,

    Download Malwarebytes' Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (perform a full scan).
  • To start the scan, click "Rechercher" (scan).
  • Once the scan has finished, a window opens; click OK. There are then two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (show results), then "Supprimer la sélection" (remove selected). Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM
    27 November 2008 20:03:26

    Well, it's at one infected object for now; oddly enough, I suspected as much. I'll post as soon as it's finished.
    27 November 2008 21:28:43

    Ok ;)
    27 November 2008 22:41:17

    Malwarebytes' Anti-Malware 1.30
    Database version: 1430
    Windows 5.1.2600 Service Pack 3

    27/11/2008 22:26:56
    mbam-log-2008-11-27 (22-26-56).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 181449
    Time elapsed: 2 hour(s), 9 minute(s), 4 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 5
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 5
    Files Infected: 17

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Carlson (Dialer) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
    C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
    C:\Program Files\Fichiers communs\Carlson (Dialer) -> Quarantined and deleted successfully.
    C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Documents and Settings\journal\Local Settings\Temp\camg-77798.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\journal\Local Settings\Temp\MBDownloader_876923.exe (Adware.Mirar) -> Quarantined and deleted successfully.
    C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
    C:\WINDOWS\b147.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\WINDOWS\mrofinu1148.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\InetGet2\emg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\Save\ReadMe.txt (Adware.WhenUSave) -> Quarantined and deleted successfully.
    C:\Program Files\Save\save.htm (Adware.WhenUSave) -> Quarantined and deleted successfully.
    C:\Program Files\Save\SaveUninst.exe (Adware.WhenUSave) -> Quarantined and deleted successfully.
    C:\Program Files\Fichiers communs\Carlson\carlton (Dialer) -> Quarantined and deleted successfully.
    C:\Program Files\Temporary\wininstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
    C:\WINDOWS\b111.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\WINDOWS\b122.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\WINDOWS\b128.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ossproxy.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\carlton (Dialer) -> Quarantined and deleted successfully.



    I ran it from the administrator account, is that a problem? In any case it found 27 infected objects; well, over to you to tell me. Thanks again.
    28 November 2008 17:48:53

    Post a new HijackThis report.
    1 December 2008 17:51:52

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:49:45, on 01/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\WhenUSearch\Search.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\WhenUSearch\whse.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Orange\LiveAssistant.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Documents and Settings\journal\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
    O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
    O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
    O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
    O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
    O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
    O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O15 - Trusted Zone: http://pfttbc.ft.motive.com
    O15 - Trusted Zone: http://*.orange.fr
    O15 - Trusted Zone: http://rw.search.ke.voila.fr
    O15 - Trusted Zone: http://orange.weborama.fr
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 11108 bytes
    2 December 2008 12:49:01

    Run another Lop S&D scan with option 1; we're going to finish up.
    2 December 2008 13:09:51

    Uh, we're going to finish? But it is still just as slow. Well, I'm sending you this, thanks a lot.


    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
    BIOS : Rev. 3.11
    USER : journal ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
    C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
    D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( 02/12/2008|13:10 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [01/01/2004|17:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intervideo
    [11/08/2008|09:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [27/11/2008|20:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
    [01/01/2004|14:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [01/01/2004|18:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

    [28/10/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/08/2007|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [01/01/2004|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [27/11/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [31/08/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [30/11/2008|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [29/03/2008|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [27/11/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [08/08/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [27/02/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [22/04/2008|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [12/12/2004|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [17/05/2005|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [27/02/2005|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    [08/08/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [18/06/2005|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [09/08/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [27/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller




    [01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
    [11/08/2008|09:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [05/12/2004|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
    [09/02/2005|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
    [07/05/2007|14:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
    [08/12/2004|17:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
    [20/02/2005|15:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
    [16/12/2004|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
    [28/11/2004|10:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
    [30/07/2006|12:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
    [27/02/2005|18:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
    [05/12/2004|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
    [01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
    [16/12/2004|18:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
    [01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
    [17/01/2005|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
    [18/06/2005|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems

    [06/09/2008|16:50] C:\DOCUME~1\journal\APPLIC~1\Adobe
    [25/12/2006|01:36] C:\DOCUME~1\journal\APPLIC~1\AdobeUM
    [09/11/2005|12:47] C:\DOCUME~1\journal\APPLIC~1\Alive! Jigsaw
    [25/02/2007|14:18] C:\DOCUME~1\journal\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\journal\APPLIC~1\Apple Computer
    [21/03/2008|21:05] C:\DOCUME~1\journal\APPLIC~1\Google
    [24/08/2005|09:44] C:\DOCUME~1\journal\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\journal\APPLIC~1\Identities
    [06/11/2005|10:36] C:\DOCUME~1\journal\APPLIC~1\InstallShield
    [20/08/2005|11:19] C:\DOCUME~1\journal\APPLIC~1\Intervideo
    [11/10/2006|20:48] C:\DOCUME~1\journal\APPLIC~1\Leadertech
    [15/11/2008|12:22] C:\DOCUME~1\journal\APPLIC~1\LimeWire
    [14/01/2007|11:55] C:\DOCUME~1\journal\APPLIC~1\Macromedia
    [27/11/2008|19:49] C:\DOCUME~1\journal\APPLIC~1\Malwarebytes
    [08/08/2007|13:01] C:\DOCUME~1\journal\APPLIC~1\Microsoft
    [22/04/2008|17:36] C:\DOCUME~1\journal\APPLIC~1\Motive
    [30/08/2008|10:50] C:\DOCUME~1\journal\APPLIC~1\Mozilla
    [23/11/2008|15:13] C:\DOCUME~1\journal\APPLIC~1\OpenOffice.org2
    [18/11/2007|19:19] C:\DOCUME~1\journal\APPLIC~1\Real
    [01/01/2004|18:12] C:\DOCUME~1\journal\APPLIC~1\SampleView
    [18/09/2005|18:39] C:\DOCUME~1\journal\APPLIC~1\Sonic
    [01/01/2004|15:07] C:\DOCUME~1\journal\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\journal\APPLIC~1\Symantec
    [20/07/2008|21:30] C:\DOCUME~1\journal\APPLIC~1\the send type
    [07/11/2006|18:41] C:\DOCUME~1\journal\APPLIC~1\Ulead Systems
    [17/02/2008|15:39] C:\DOCUME~1\journal\APPLIC~1\vlc
    [21/03/2007|14:47] C:\DOCUME~1\journal\APPLIC~1\You've Got Pictures Screensaver

    [09/08/2007|10:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [01/01/2004|14:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [31/08/2008|15:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\Adobe
    [01/04/2007|09:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\SANDRI~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\SANDRI~1\APPLIC~1\Intervideo
    [13/08/2007|11:33] C:\DOCUME~1\SANDRI~1\APPLIC~1\Macromedia
    [17/04/2008|11:27] C:\DOCUME~1\SANDRI~1\APPLIC~1\Microsoft
    [17/06/2008|15:54] C:\DOCUME~1\SANDRI~1\APPLIC~1\Motive
    [13/08/2007|11:28] C:\DOCUME~1\SANDRI~1\APPLIC~1\Mozilla
    [01/01/2004|18:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\SANDRI~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\Symantec
    [31/08/2008|15:00] C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [01/12/2008 18:44][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1102268630.job
    [05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    [01/01/2004 21:08][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [02/12/2008 10:53][--ah-----] C:\WINDOWS\tasks\SA.DAT

    --------------------\\ Listing des dossiers dans C:\Program Files

    [06/11/2005|11:55] C:\Program Files\123 Free Puzzle
    [28/10/2008|19:08] C:\Program Files\Adobe
    [18/11/2007|19:20] C:\Program Files\AirStrike3D DEMO
    [09/11/2005|12:48] C:\Program Files\All Ages Software
    [08/08/2007|13:50] C:\Program Files\Alwil Software
    [29/01/2006|18:10] C:\Program Files\Anuman Interactive
    [18/11/2007|19:18] C:\Program Files\AOL 9.0
    [27/11/2008|19:02] C:\Program Files\Avira
    [18/11/2007|19:18] C:\Program Files\Blastorama Demo
    [18/11/2007|11:16] C:\Program Files\BoundAround_Demo
    [09/07/2007|20:19] C:\Program Files\Boxen 2 DEMO
    [18/11/2007|11:16] C:\Program Files\BrickShooter Jr
    [18/11/2007|19:19] C:\Program Files\Brossard
    [26/11/2006|15:52] C:\Program Files\Bubble Frenzy
    [25/12/2004|13:50] C:\Program Files\Canon
    [18/11/2007|19:18] C:\Program Files\Car Thief
    [18/11/2007|19:20] C:\Program Files\Controle Parental
    [18/11/2007|19:16] C:\Program Files\Controle Parental(3)
    [18/11/2007|19:03] C:\Program Files\Controle Parental(4)
    [18/11/2007|11:16] C:\Program Files\cw3d
    [28/11/2006|19:35] C:\Program Files\DigiFUN
    [25/08/2008|11:35] C:\Program Files\directx
    [18/11/2007|19:18] C:\Program Files\DreamQuest
    [06/11/2005|19:08] C:\Program Files\EA GAMES
    [08/08/2007|15:55] C:\Program Files\Easy Internet signup
    [09/07/2007|20:11] C:\Program Files\EduProfix
    [18/11/2007|19:18] C:\Program Files\ElastoMania111
    [18/11/2007|19:17] C:\Program Files\Fashion Cents
    [31/08/2006|12:56] C:\Program Files\FaxTools
    [27/11/2008|22:26] C:\Program Files\Fichiers communs
    [31/01/2006|19:20] C:\Program Files\Firaxis Games
    [18/11/2007|19:20] C:\Program Files\GALLIMARD
    [28/10/2008|19:11] C:\Program Files\Google
    [11/11/2007|11:30] C:\Program Files\GrayMatter Innovations
    [01/01/2004|17:57] C:\Program Files\Help and Support Additions
    [01/01/2004|15:51] C:\Program Files\Hewlett-Packard
    [25/01/2006|14:12] C:\Program Files\Homebrew Software
    [01/01/2004|17:25] C:\Program Files\HP
    [21/02/2008|15:11] C:\Program Files\id Software
    [23/03/2008|12:37] C:\Program Files\IncrediMail
    [28/10/2008|19:15] C:\Program Files\InstallShield Installation Information
    [28/10/2008|19:14] C:\Program Files\InterActual
    [02/09/2008|11:28] C:\Program Files\Internet Explorer
    [07/08/2007|19:50] C:\Program Files\Inventel
    [02/09/2008|11:07] C:\Program Files\Java
    [23/03/2008|12:35] C:\Program Files\Jeune Styliste
    [23/03/2008|12:36] C:\Program Files\Jeune Styliste 2
    [18/11/2007|19:18] C:\Program Files\Jollyware
    [18/11/2007|19:19] C:\Program Files\JrVetDemo
    [23/03/2008|12:36] C:\Program Files\JS FashionMaker
    [25/11/2006|14:55] C:\Program Files\Leeds Learning Color and Shapes
    [22/11/2008|11:06] C:\Program Files\Lexmark X1100 Series
    [19/09/2008|19:03] C:\Program Files\LimeWire
    [29/03/2008|13:56] C:\Program Files\Logitech
    [19/08/2007|20:40] C:\Program Files\Macrogaming
    [27/11/2008|19:49] C:\Program Files\Malwarebytes' Anti-Malware
    [06/11/2005|13:36] C:\Program Files\Maxis
    [02/09/2008|11:35] C:\Program Files\Messenger
    [22/12/2007|11:57] C:\Program Files\Messenger Plus! Live
    [06/11/2005|19:28] C:\Program Files\Micro Application
    [31/12/2004|15:23] C:\Program Files\Microsoft AutoRoute
    [28/02/2008|13:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [18/11/2007|19:16] C:\Program Files\Microsoft Encarta
    [01/01/2004|14:06] C:\Program Files\microsoft frontpage
    [31/12/2004|15:22] C:\Program Files\Microsoft Money
    [27/02/2005|18:41] C:\Program Files\Microsoft Office
    [23/08/2007|22:03] C:\Program Files\Microsoft Picture It! 9
    [31/12/2004|15:18] C:\Program Files\Microsoft Works
    [28/12/2004|20:20] C:\Program Files\Microsoft Works Suite 2004
    [02/09/2008|11:28] C:\Program Files\Movie Maker
    [01/12/2008|17:50] C:\Program Files\Mozilla Firefox
    [30/07/2006|12:54] C:\Program Files\MP3 Player Utilities
    [25/11/2006|18:41] C:\Program Files\mpegable AVI
    [26/08/2005|17:52] C:\Program Files\MSN
    [01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
    [27/02/2008|11:15] C:\Program Files\MSN Messenger
    [18/11/2007|19:19] C:\Program Files\MSXML 4.0
    [23/03/2008|12:32] C:\Program Files\Musicmatch
    [28/11/2006|19:32] C:\Program Files\MyABCD
    [02/09/2008|11:24] C:\Program Files\NetMeeting
    [01/01/2004|14:03] C:\Program Files\Online Services
    [25/08/2007|13:40] C:\Program Files\OpenOffice.org 2.0
    [27/11/2008|22:41] C:\Program Files\Orange
    [22/04/2008|17:29] C:\Program Files\OrangeHSS
    [03/09/2008|10:24] C:\Program Files\Outlook Express
    [01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
    [10/02/2007|17:31] C:\Program Files\Personal Strip Poker
    [18/11/2007|19:16] C:\Program Files\QuickTime
    [18/11/2007|19:19] C:\Program Files\Quiz
    [21/03/2007|14:44] C:\Program Files\Real
    [25/01/2006|14:15] C:\Program Files\Realore
    [18/11/2007|20:30] C:\Program Files\Securitoo
    [01/01/2004|18:06] C:\Program Files\Services en ligne
    [02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
    [27/02/2005|18:41] C:\Program Files\Snapshot Viewer
    [18/11/2007|19:15] C:\Program Files\Solsoft
    [08/08/2007|13:29] C:\Program Files\Symantec
    [29/06/2008|20:38] C:\Program Files\the send type
    [25/12/2006|01:33] C:\Program Files\Thomson
    [18/11/2007|19:18] C:\Program Files\TikGames
    [26/03/2005|19:16] C:\Program Files\TLC-Edusoft
    [04/01/2007|19:52] C:\Program Files\TLKGAMES
    [18/11/2007|11:16] C:\Program Files\Tomato Catcher
    [04/01/2007|19:57] C:\Program Files\Trymedia
    [18/11/2007|19:20] C:\Program Files\Ulead Systems
    [17/02/2008|15:27] C:\Program Files\VideoLAN
    [24/11/2008|18:16] C:\Program Files\Wanadoo
    [23/07/2008|13:40] C:\Program Files\WhenUSearch
    [27/02/2008|11:11] C:\Program Files\Windows Live
    [08/08/2007|20:58] C:\Program Files\Windows Media Connect 2
    [02/09/2008|11:23] C:\Program Files\Windows Media Player
    [02/09/2008|11:23] C:\Program Files\Windows NT
    [01/01/2004|14:06] C:\Program Files\xerox
    [28/11/2006|19:37] C:\Program Files\zippy

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [28/10/2008|19:08] C:\Program Files\Fichiers communs\Adobe
    [08/08/2007|09:52] C:\Program Files\Fichiers communs\AOL
    [21/03/2007|14:52] C:\Program Files\Fichiers communs\aolback
    [31/12/2004|15:17] C:\Program Files\Fichiers communs\Designer
    [25/08/2008|11:37] C:\Program Files\Fichiers communs\DirectX
    [22/04/2008|17:25] C:\Program Files\Fichiers communs\France Telecom
    [01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
    [02/01/2004|05:59] C:\Program Files\Fichiers communs\InstallShield
    [24/03/2008|13:42] C:\Program Files\Fichiers communs\Java
    [29/03/2008|14:11] C:\Program Files\Fichiers communs\LogiShrd
    [27/02/2008|11:13] C:\Program Files\Fichiers communs\Microsoft Shared
    [22/04/2008|17:34] C:\Program Files\Fichiers communs\Motive
    [01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
    [21/03/2007|14:45] C:\Program Files\Fichiers communs\Nullsoft
    [18/11/2007|19:19] C:\Program Files\Fichiers communs\Real
    [31/12/2004|19:32] C:\Program Files\Fichiers communs\Services
    [01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
    [02/09/2008|11:23] C:\Program Files\Fichiers communs\System
    [18/06/2005|13:30] C:\Program Files\Fichiers communs\Ulead Systems
    [27/02/2008|11:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 57 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\journal\Cookies\journal@advertising[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-02 13:12:11
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 525

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:9429][D:1841]-> C:\DOCUME~1\journal\LOCALS~1\Temp
    [F:334][D:0]-> C:\DOCUME~1\journal\Cookies
    [F:713][D:4]-> C:\DOCUME~1\journal\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|18:27 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 24/11/2008|20:11 - Option : [2]
    3 - "C:\Lop SD\LopR_3.txt" - 02/12/2008|13:15 - Option : [1]

    --------------------\\ Fin du rapport a 13:15:22
    2 December 2008 18:23:34

    Hi again,

    Copy (Ctrl+C) the text in the box below:

    C:\Program Files\the send type
    C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type
    C:\DOCUME~1\journal\APPLIC~1\the send type


  • Run Lop S&D again.
  • This time choose option 4 (LopScript). A blank page will open; paste (Ctrl+V) the text you copied earlier.
  • Close that page; you will be asked to save it, accept.
    ! Do not close the window during the deletion !
  • Post the generated report (C:\lopR.txt*)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
    * the partition name may change
    3 December 2008 10:03:39


    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
    BIOS : Rev. 3.11
    USER : journal ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
    C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
    D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [4] ( 03/12/2008| 9:51 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

    C:\Program Files\the send type
    C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type
    C:\DOCUME~1\journal\APPLIC~1\the send type


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\Program Files\the send type
    Supprime! - C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type
    Supprime! - C:\DOCUME~1\journal\APPLIC~1\the send type
    Supprime! - C:\DOCUME~1\journal\Cookies\journal@advertising[2].txt

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [01/01/2004|17:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intervideo
    [11/08/2008|09:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [27/11/2008|20:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
    [01/01/2004|14:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [01/01/2004|18:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

    [28/10/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/08/2007|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [01/01/2004|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [27/11/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [31/08/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [01/12/2008|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [29/03/2008|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [27/11/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [08/08/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [27/02/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [22/04/2008|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [12/12/2004|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [17/05/2005|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [27/02/2005|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    [08/08/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [18/06/2005|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [09/08/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [27/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller




    [01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
    [11/08/2008|09:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [05/12/2004|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
    [09/02/2005|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
    [07/05/2007|14:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
    [08/12/2004|17:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
    [20/02/2005|15:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
    [16/12/2004|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
    [28/11/2004|10:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
    [30/07/2006|12:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
    [27/02/2005|18:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
    [05/12/2004|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
    [01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
    [16/12/2004|18:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
    [01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
    [17/01/2005|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
    [18/06/2005|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems

    [06/09/2008|16:50] C:\DOCUME~1\journal\APPLIC~1\Adobe
    [25/12/2006|01:36] C:\DOCUME~1\journal\APPLIC~1\AdobeUM
    [09/11/2005|12:47] C:\DOCUME~1\journal\APPLIC~1\Alive! Jigsaw
    [25/02/2007|14:18] C:\DOCUME~1\journal\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\journal\APPLIC~1\Apple Computer
    [21/03/2008|21:05] C:\DOCUME~1\journal\APPLIC~1\Google
    [24/08/2005|09:44] C:\DOCUME~1\journal\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\journal\APPLIC~1\Identities
    [06/11/2005|10:36] C:\DOCUME~1\journal\APPLIC~1\InstallShield
    [20/08/2005|11:19] C:\DOCUME~1\journal\APPLIC~1\Intervideo
    [11/10/2006|20:48] C:\DOCUME~1\journal\APPLIC~1\Leadertech
    [15/11/2008|12:22] C:\DOCUME~1\journal\APPLIC~1\LimeWire
    [14/01/2007|11:55] C:\DOCUME~1\journal\APPLIC~1\Macromedia
    [27/11/2008|19:49] C:\DOCUME~1\journal\APPLIC~1\Malwarebytes
    [08/08/2007|13:01] C:\DOCUME~1\journal\APPLIC~1\Microsoft
    [22/04/2008|17:36] C:\DOCUME~1\journal\APPLIC~1\Motive
    [30/08/2008|10:50] C:\DOCUME~1\journal\APPLIC~1\Mozilla
    [23/11/2008|15:13] C:\DOCUME~1\journal\APPLIC~1\OpenOffice.org2
    [18/11/2007|19:19] C:\DOCUME~1\journal\APPLIC~1\Real
    [01/01/2004|18:12] C:\DOCUME~1\journal\APPLIC~1\SampleView
    [18/09/2005|18:39] C:\DOCUME~1\journal\APPLIC~1\Sonic
    [01/01/2004|15:07] C:\DOCUME~1\journal\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\journal\APPLIC~1\Symantec
    [07/11/2006|18:41] C:\DOCUME~1\journal\APPLIC~1\Ulead Systems
    [17/02/2008|15:39] C:\DOCUME~1\journal\APPLIC~1\vlc
    [21/03/2007|14:47] C:\DOCUME~1\journal\APPLIC~1\You've Got Pictures Screensaver

    [09/08/2007|10:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [01/01/2004|14:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [31/08/2008|15:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\Adobe
    [01/04/2007|09:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\AOL
    [01/01/2004|17:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\SANDRI~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\SANDRI~1\APPLIC~1\Intervideo
    [13/08/2007|11:33] C:\DOCUME~1\SANDRI~1\APPLIC~1\Macromedia
    [17/04/2008|11:27] C:\DOCUME~1\SANDRI~1\APPLIC~1\Microsoft
    [17/06/2008|15:54] C:\DOCUME~1\SANDRI~1\APPLIC~1\Motive
    [13/08/2007|11:28] C:\DOCUME~1\SANDRI~1\APPLIC~1\Mozilla
    [01/01/2004|18:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\SANDRI~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\Symantec

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [02/12/2008 18:44][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1102268630.job
    [05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    [01/01/2004 21:08][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [03/12/2008 09:40][--ah-----] C:\WINDOWS\tasks\SA.DAT

    --------------------\\ Listing des dossiers dans C:\Program Files

    [06/11/2005|11:55] C:\Program Files\123 Free Puzzle
    [28/10/2008|19:08] C:\Program Files\Adobe
    [18/11/2007|19:20] C:\Program Files\AirStrike3D DEMO
    [09/11/2005|12:48] C:\Program Files\All Ages Software
    [08/08/2007|13:50] C:\Program Files\Alwil Software
    [29/01/2006|18:10] C:\Program Files\Anuman Interactive
    [18/11/2007|19:18] C:\Program Files\AOL 9.0
    [27/11/2008|19:02] C:\Program Files\Avira
    [18/11/2007|19:18] C:\Program Files\Blastorama Demo
    [18/11/2007|11:16] C:\Program Files\BoundAround_Demo
    [09/07/2007|20:19] C:\Program Files\Boxen 2 DEMO
    [18/11/2007|11:16] C:\Program Files\BrickShooter Jr
    [18/11/2007|19:19] C:\Program Files\Brossard
    [26/11/2006|15:52] C:\Program Files\Bubble Frenzy
    [25/12/2004|13:50] C:\Program Files\Canon
    [18/11/2007|19:18] C:\Program Files\Car Thief
    [18/11/2007|19:20] C:\Program Files\Controle Parental
    [18/11/2007|19:16] C:\Program Files\Controle Parental(3)
    [18/11/2007|19:03] C:\Program Files\Controle Parental(4)
    [18/11/2007|11:16] C:\Program Files\cw3d
    [28/11/2006|19:35] C:\Program Files\DigiFUN
    [25/08/2008|11:35] C:\Program Files\directx
    [18/11/2007|19:18] C:\Program Files\DreamQuest
    [06/11/2005|19:08] C:\Program Files\EA GAMES
    [08/08/2007|15:55] C:\Program Files\Easy Internet signup
    [09/07/2007|20:11] C:\Program Files\EduProfix
    [18/11/2007|19:18] C:\Program Files\ElastoMania111
    [18/11/2007|19:17] C:\Program Files\Fashion Cents
    [31/08/2006|12:56] C:\Program Files\FaxTools
    [27/11/2008|22:26] C:\Program Files\Fichiers communs
    [31/01/2006|19:20] C:\Program Files\Firaxis Games
    [18/11/2007|19:20] C:\Program Files\GALLIMARD
    [28/10/2008|19:11] C:\Program Files\Google
    [11/11/2007|11:30] C:\Program Files\GrayMatter Innovations
    [01/01/2004|17:57] C:\Program Files\Help and Support Additions
    [01/01/2004|15:51] C:\Program Files\Hewlett-Packard
    [25/01/2006|14:12] C:\Program Files\Homebrew Software
    [01/01/2004|17:25] C:\Program Files\HP
    [21/02/2008|15:11] C:\Program Files\id Software
    [23/03/2008|12:37] C:\Program Files\IncrediMail
    [28/10/2008|19:15] C:\Program Files\InstallShield Installation Information
    [28/10/2008|19:14] C:\Program Files\InterActual
    [02/09/2008|11:28] C:\Program Files\Internet Explorer
    [07/08/2007|19:50] C:\Program Files\Inventel
    [02/09/2008|11:07] C:\Program Files\Java
    [23/03/2008|12:35] C:\Program Files\Jeune Styliste
    [23/03/2008|12:36] C:\Program Files\Jeune Styliste 2
    [18/11/2007|19:18] C:\Program Files\Jollyware
    [18/11/2007|19:19] C:\Program Files\JrVetDemo
    [23/03/2008|12:36] C:\Program Files\JS FashionMaker
    [25/11/2006|14:55] C:\Program Files\Leeds Learning Color and Shapes
    [22/11/2008|11:06] C:\Program Files\Lexmark X1100 Series
    [19/09/2008|19:03] C:\Program Files\LimeWire
    [29/03/2008|13:56] C:\Program Files\Logitech
    [19/08/2007|20:40] C:\Program Files\Macrogaming
    [27/11/2008|19:49] C:\Program Files\Malwarebytes' Anti-Malware
    [06/11/2005|13:36] C:\Program Files\Maxis
    [02/09/2008|11:35] C:\Program Files\Messenger
    [22/12/2007|11:57] C:\Program Files\Messenger Plus! Live
    [06/11/2005|19:28] C:\Program Files\Micro Application
    [31/12/2004|15:23] C:\Program Files\Microsoft AutoRoute
    [28/02/2008|13:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [18/11/2007|19:16] C:\Program Files\Microsoft Encarta
    [01/01/2004|14:06] C:\Program Files\microsoft frontpage
    [31/12/2004|15:22] C:\Program Files\Microsoft Money
    [27/02/2005|18:41] C:\Program Files\Microsoft Office
    [23/08/2007|22:03] C:\Program Files\Microsoft Picture It! 9
    [31/12/2004|15:18] C:\Program Files\Microsoft Works
    [28/12/2004|20:20] C:\Program Files\Microsoft Works Suite 2004
    [02/09/2008|11:28] C:\Program Files\Movie Maker
    [03/12/2008|09:45] C:\Program Files\Mozilla Firefox
    [30/07/2006|12:54] C:\Program Files\MP3 Player Utilities
    [25/11/2006|18:41] C:\Program Files\mpegable AVI
    [26/08/2005|17:52] C:\Program Files\MSN
    [01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
    [27/02/2008|11:15] C:\Program Files\MSN Messenger
    [18/11/2007|19:19] C:\Program Files\MSXML 4.0
    [23/03/2008|12:32] C:\Program Files\Musicmatch
    [28/11/2006|19:32] C:\Program Files\MyABCD
    [02/09/2008|11:24] C:\Program Files\NetMeeting
    [01/01/2004|14:03] C:\Program Files\Online Services
    [25/08/2007|13:40] C:\Program Files\OpenOffice.org 2.0
    [27/11/2008|22:41] C:\Program Files\Orange
    [22/04/2008|17:29] C:\Program Files\OrangeHSS
    [03/09/2008|10:24] C:\Program Files\Outlook Express
    [01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
    [10/02/2007|17:31] C:\Program Files\Personal Strip Poker
    [18/11/2007|19:16] C:\Program Files\QuickTime
    [18/11/2007|19:19] C:\Program Files\Quiz
    [21/03/2007|14:44] C:\Program Files\Real
    [25/01/2006|14:15] C:\Program Files\Realore
    [18/11/2007|20:30] C:\Program Files\Securitoo
    [01/01/2004|18:06] C:\Program Files\Services en ligne
    [02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
    [27/02/2005|18:41] C:\Program Files\Snapshot Viewer
    [18/11/2007|19:15] C:\Program Files\Solsoft
    [08/08/2007|13:29] C:\Program Files\Symantec
    [25/12/2006|01:33] C:\Program Files\Thomson
    [18/11/2007|19:18] C:\Program Files\TikGames
    [26/03/2005|19:16] C:\Program Files\TLC-Edusoft
    [04/01/2007|19:52] C:\Program Files\TLKGAMES
    [18/11/2007|11:16] C:\Program Files\Tomato Catcher
    [04/01/2007|19:57] C:\Program Files\Trymedia
    [18/11/2007|19:20] C:\Program Files\Ulead Systems
    [17/02/2008|15:27] C:\Program Files\VideoLAN
    [24/11/2008|18:16] C:\Program Files\Wanadoo
    [23/07/2008|13:40] C:\Program Files\WhenUSearch
    [27/02/2008|11:11] C:\Program Files\Windows Live
    [08/08/2007|20:58] C:\Program Files\Windows Media Connect 2
    [02/09/2008|11:23] C:\Program Files\Windows Media Player
    [02/09/2008|11:23] C:\Program Files\Windows NT
    [01/01/2004|14:06] C:\Program Files\xerox
    [28/11/2006|19:37] C:\Program Files\zippy

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [28/10/2008|19:08] C:\Program Files\Fichiers communs\Adobe
    [08/08/2007|09:52] C:\Program Files\Fichiers communs\AOL
    [21/03/2007|14:52] C:\Program Files\Fichiers communs\aolback
    [31/12/2004|15:17] C:\Program Files\Fichiers communs\Designer
    [25/08/2008|11:37] C:\Program Files\Fichiers communs\DirectX
    [22/04/2008|17:25] C:\Program Files\Fichiers communs\France Telecom
    [01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
    [02/01/2004|05:59] C:\Program Files\Fichiers communs\InstallShield
    [24/03/2008|13:42] C:\Program Files\Fichiers communs\Java
    [29/03/2008|14:11] C:\Program Files\Fichiers communs\LogiShrd
    [27/02/2008|11:13] C:\Program Files\Fichiers communs\Microsoft Shared
    [22/04/2008|17:34] C:\Program Files\Fichiers communs\Motive
    [01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
    [21/03/2007|14:45] C:\Program Files\Fichiers communs\Nullsoft
    [18/11/2007|19:19] C:\Program Files\Fichiers communs\Real
    [31/12/2004|19:32] C:\Program Files\Fichiers communs\Services
    [01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
    [02/09/2008|11:23] C:\Program Files\Fichiers communs\System
    [18/06/2005|13:30] C:\Program Files\Fichiers communs\Ulead Systems
    [27/02/2008|11:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 56 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-03 09:56:35
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 525

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:9434][D:1842]-> C:\DOCUME~1\journal\LOCALS~1\Temp
    [F:333][D:0]-> C:\DOCUME~1\journal\Cookies
    [F:713][D:4]-> C:\DOCUME~1\journal\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|18:27 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 24/11/2008|20:11 - Option : [2]
    3 - "C:\Lop SD\LopR_3.txt" - 02/12/2008|13:15 - Option : [1]
    4 - "C:\Lop SD\LopR_4.txt" - 03/12/2008|10:00 - Option : [4]

    --------------------\\ Fin du rapport a 10:00:36


    I don't know if this is normal, but while Lop S&D was doing its job, AntiVir found some trojans, so I chose the delete option. Did I do the right thing?
    3 December 2008 12:46:11

    If that came from AntiVir, you should not have chosen delete. Post a new HijackThis report.
    3 December 2008 13:23:15

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:21:18, on 03/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\WhenUSearch\Search.exe
    C:\Program Files\WhenUSearch\whse.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Orange\LiveAssistant.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Documents and Settings\journal\Bureau\HiJackThis.exe
    C:\WINDOWS\system32\wuauclt.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
    O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
    O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
    O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
    O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
    O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
    O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O15 - Trusted Zone: http://pfttbc.ft.motive.com
    O15 - Trusted Zone: http://*.orange.fr
    O15 - Trusted Zone: http://rw.search.ke.voila.fr
    O15 - Trusted Zone: http://orange.weborama.fr
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 11174 bytes


    So what should I have done, then, for the viruses AntiVir found?
    3 December 2008 17:49:46

    Hi again,

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
    O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
    O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
    O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe

    Delete:
    C:\Program Files\Save
    C:\Program Files\WhenUSearch
    3 December 2008 18:01:36

    OK, that's done, only I couldn't find:

    C:\Program Files\Save

    And:
    C:\Program Files\WhenUSearch is now in the recycle bin

    Also, when I did the fix, a "Backup" folder appeared on the desktop. That's the result of what I did; I'm awaiting your instructions.

    Thanks again
    4 December 2008 16:56:06

    No problem about Save; you can delete the Backups folder.
    Post a new HijackThis report.
    4 December 2008 17:17:21

    Hi, while waiting for your reply I started an AntiVir scan in safe mode and I'm at 13 detections. I don't know if I did the right thing (it can't hurt anyway). Do you want the AntiVir report too? (It isn't finished yet, but it won't be long; within 30 minutes you'll have your two reports.)
    4 December 2008 18:21:24

    Yep, send over the report ;)