Advertising Explorer windows again

13 September 2008 11:34:39

Hello,
I am starting this thread because Internet windows are opening by themselves again: when I go on Explorer, 2 or 3 other advertising windows open. These windows are generally ads for dating sites or mobile phones.
Could someone help me, please?

14 September 2008 14:24:53

Thank you for taking care of my problem...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:23:44, on 14/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

14 September 2008 19:56:42

Hello,

Download Lop S&D.exe (Eric_71) to your Desktop.
  • Start the installation of the program by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report (C:\lopR.txt*)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
* the partition name may vary

17 September 2008 17:51:39

Hello, here is the report
    --------------------\\ Lop S&D 4.2.3-6 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : BIOS Ver: A7225NH5 V3.13 07/18/06 14:31:38
    USER : lomig ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 15.5.0.23 (Activated)
    Firewall : Norton Internet Security 15.5.0.23 (Activated)

    "C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
    Option : [1] ( 17/09/2008|17:41 )

    [03/01/2006|03:25] C:\Program Files\Fichiers communs\SureThing Shared
    [16/12/2006|10:01] C:\Program Files\Fichiers communs\SWF Studio
    [17/09/2008|14:21] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|23:30] C:\Program Files\Fichiers communs\System
    [03/01/2006|03:25] C:\Program Files\Fichiers communs\TiVo Shared
    [17/11/2007|11:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [31/08/2008|14:19] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [03/01/2006|03:24] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 78 Processus )

    IEXPLORE.EXE ~ [PID:3444]
    IEXPLORE.EXE ~ [PID:4352]
    IEXPLORE.EXE ~ [PID:4376]
    IEXPLORE.EXE ~ [PID:4960]
    IEXPLORE.EXE ~ [PID:3952]

    --------------------\\ Recherche avec S_Lop

    C:\DOCUME~1\lomig\LOCALS~1\Temp\bis47A.exe

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Clock window.exe
    C:\DOCUME~1\COMPAQ~1\APPLIC~1\2body~1
    C:\DOCUME~1\COMPAQ~1\APPLIC~1\2body~1\Seek Mail.exe
    C:\DOCUME~1\lomig\APPLIC~1\2body~1
    C:\DOCUME~1\lomig\APPLIC~1\2body~1\jwwtxhxf.exe
    C:\DOCUME~1\lomig\APPLIC~1\2body~1\Objclosesecondtwo.exe
    C:\DOCUME~1\lomig\APPLIC~1\2body~1\Seek Mail.exe
    C:\DOCUME~1\lomig\APPLIC~1\2body~1\site grey thunk.exe
    C:\DOCUME~1\solenn\APPLIC~1\2body~1
    C:\DOCUME~1\solenn\APPLIC~1\2body~1\Seek Mail.exe
    C:\Program Files\2body~1
    C:\DOCUME~1\lomig\LOCALS~1\Temp\nsj14A.tmp
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\DOCUME~1\lomig\Cookies\lomig@advertstream[1].txt
    C:\DOCUME~1\lomig\Cookies\lomig@www.adserver5[1].txt
    C:\DOCUME~1\lomig\Cookies\lomig@advertising[2].txt
    C:\DOCUME~1\lomig\Cookies\lomig@bigpoint[1].txt
    C:\DOCUME~1\lomig\Cookies\lomig@fr.xblaster.bigpoint[1].txt
    C:\DOCUME~1\lomig\Cookies\lomig@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\lomig\Cookies\lomig@cotedazurpalace[2].txt
    C:\DOCUME~1\lomig\Cookies\lomig@www.cotedazurpalace[1].txt
    C:\DOCUME~1\lomig\Cookies\lomig@adopt.euroclick[2].txt
    C:\DOCUME~1\lomig\Cookies\lomig@pacificpoker[2].txt
    C:\DOCUME~1\lomig\Cookies\lomig@32vegas[1].txt
    C:\DOCUME~1\lomig\Cookies\lomig@banner.32vegas[2].txt
    C:\WINDOWS\Tasks\ABB1DAC69146505E.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "regs remote"="C:\\DOCUME~1\\lomig\\APPLIC~1\\2BODY~1\\Seek Mail.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Clock window.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-17 17:42:18
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 68

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:432][D:15]-> C:\DOCUME~1\lomig\LOCALS~1\Temp
    [F:216][D:0]-> C:\DOCUME~1\lomig\Cookies
    [F:7322][D:9]-> C:\DOCUME~1\lomig\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 17:44:12
    17 September 2008 18:03:36

    Hi again,

    Run Lop S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
    ! Do not close the window during the removal !
    A report will be generated; post its contents here.
    22 September 2008 17:53:12

    Hello,

    --------------------\\ Lop S&D 4.2.3-6 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : BIOS Ver: A7225NH5 V3.13 07/18/06 14:31:38
    USER : lomig ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 15.5.0.23 (Activated)
    Firewall : Norton Internet Security 15.5.0.23 (Activated)

    "C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
    Option : [2] ( 22/09/2008|17:26 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Clock window.exe
    Supprime! - C:\DOCUME~1\COMPAQ~1\APPLIC~1\2body~1\Seek Mail.exe
    Supprime! - C:\DOCUME~1\lomig\APPLIC~1\2body~1\jwwtxhxf.exe
    Supprime! - C:\DOCUME~1\lomig\APPLIC~1\2body~1\Objclosesecondtwo.exe
    Supprime! - C:\DOCUME~1\lomig\APPLIC~1\2body~1\Seek Mail.exe
    Supprime! - C:\DOCUME~1\lomig\APPLIC~1\2body~1\site grey thunk.exe
    Supprime! - C:\DOCUME~1\solenn\APPLIC~1\2body~1\Seek Mail.exe
    Supprime! - C:\DOCUME~1\lomig\LOCALS~1\Temp\nsj14A.tmp
    Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@advertstream[1].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@advertising[2].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@bigpoint[1].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@fr.xblaster.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@www.cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@adopt.euroclick[2].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@pacificpoker[2].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@32vegas[1].txt
    Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@banner.32vegas[2].txt
    Supprime! - C:\WINDOWS\Tasks\ABB1DAC69146505E.job
    Supprime! - C:\DOCUME~1\lomig\LOCALS~1\Temp\bis47A.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    Supprime! - C:\DOCUME~1\COMPAQ~1\APPLIC~1\2body~1
    Supprime! - C:\DOCUME~1\lomig\APPLIC~1\2body~1
    Supprime! - C:\DOCUME~1\solenn\APPLIC~1\2body~1
    Supprime! - C:\Program Files\2body~1
    Supprime! - C:\Program Files\Circle Developement

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [23/05/2007|10:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [06/12/2007|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [08/03/2008|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/01/2006|03:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [13/09/2006|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DataViz
    [23/11/2004|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [15/09/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [03/01/2006|03:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [13/09/2006|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotSync
    [03/01/2006|03:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
    [26/08/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
    [26/08/2008|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
    [03/01/2006|03:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [24/05/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
    [24/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [31/08/2008|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MakeMusic
    [29/08/2008|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [01/08/2008|12:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [23/08/2008|15:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [20/07/2008|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
    [02/02/2007|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [06/02/2008|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PferdeHof
    [25/09/2006|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [03/01/2006|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [02/01/2007|14:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [03/01/2006|03:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [21/06/2007|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [22/08/2008|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [25/05/2007|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [22/08/2008|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
    [02/09/2006|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [11/09/2006|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [27/08/2007|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [17/11/2007|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [27/05/2008|21:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Adobe
    [11/01/2008|10:04] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM
    [05/06/2008|19:08] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Apple Computer
    [16/11/2006|23:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Creative
    [22/01/2008|18:12] C:\DOCUME~1\COMPAQ~1\APPLIC~1\CyberLink
    [23/11/2004|17:13] C:\DOCUME~1\COMPAQ~1\APPLIC~1\desktop.ini
    [02/05/2007|18:27] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DivX
    [02/09/2006|17:52] C:\DOCUME~1\COMPAQ~1\APPLIC~1\EPSON
    [23/10/2007|22:45] C:\DOCUME~1\COMPAQ~1\APPLIC~1\GDIPFONTCACHEV1.DAT
    [13/09/2007|18:08] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Google
    [21/11/2007|16:27] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Help
    [13/09/2006|17:34] C:\DOCUME~1\COMPAQ~1\APPLIC~1\HotSync
    [06/03/2008|17:36] C:\DOCUME~1\COMPAQ~1\APPLIC~1\HP
    [02/09/2006|16:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\HPQ
    [29/05/2008|15:15] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ICQ Toolbar
    [27/10/2005|00:34] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Identities
    [13/09/2006|17:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech
    [02/09/2006|16:38] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Macromedia
    [05/06/2008|23:15] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft
    [11/09/2006|19:35] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft Web Folders
    [15/11/2007|23:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Mozilla
    [03/01/2006|03:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Real
    [22/09/2008|10:15] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Skype
    [28/05/2007|15:01] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sonic
    [03/09/2006|12:22] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sun
    [05/11/2007|12:54] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Symantec
    [29/05/2007|23:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\TaoUSign
    [07/02/2008|17:16] C:\DOCUME~1\COMPAQ~1\APPLIC~1\U3
    [16/09/2007|11:45] C:\DOCUME~1\COMPAQ~1\APPLIC~1\vlc
    [28/09/2007|18:35] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Windows Desktop Search

    [23/11/2004|17:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [27/10/2005|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [03/01/2006|03:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [03/01/2006|03:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [03/01/2006|03:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [12/10/2007|21:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [27/05/2008|20:01] C:\DOCUME~1\lomig\APPLIC~1\Adobe
    [12/11/2006|14:23] C:\DOCUME~1\lomig\APPLIC~1\AdobeUM
    [10/07/2008|19:55] C:\DOCUME~1\lomig\APPLIC~1\Apple Computer
    [22/09/2006|20:17] C:\DOCUME~1\lomig\APPLIC~1\Creative
    [12/11/2006|12:17] C:\DOCUME~1\lomig\APPLIC~1\CyberLink
    [23/11/2004|17:13] C:\DOCUME~1\lomig\APPLIC~1\desktop.ini
    [29/04/2007|18:39] C:\DOCUME~1\lomig\APPLIC~1\DivX
    [01/06/2008|11:22] C:\DOCUME~1\lomig\APPLIC~1\dvdcss
    [09/12/2007|11:52] C:\DOCUME~1\lomig\APPLIC~1\EPSON
    [22/08/2008|19:26] C:\DOCUME~1\lomig\APPLIC~1\Fit3DLive
    [20/02/2007|20:22] C:\DOCUME~1\lomig\APPLIC~1\GDIPFONTCACHEV1.DAT
    [14/09/2007|19:14] C:\DOCUME~1\lomig\APPLIC~1\Google
    [09/09/2006|17:55] C:\DOCUME~1\lomig\APPLIC~1\Help
    [13/09/2006|18:53] C:\DOCUME~1\lomig\APPLIC~1\HotSync
    [22/10/2006|12:18] C:\DOCUME~1\lomig\APPLIC~1\HP
    [12/11/2006|14:51] C:\DOCUME~1\lomig\APPLIC~1\HPQ
    [10/07/2008|21:52] C:\DOCUME~1\lomig\APPLIC~1\ICQ
    [21/05/2008|17:36] C:\DOCUME~1\lomig\APPLIC~1\ICQ Toolbar
    [27/10/2005|00:34] C:\DOCUME~1\lomig\APPLIC~1\Identities
    [03/10/2007|17:14] C:\DOCUME~1\lomig\APPLIC~1\InstallShield
    [26/08/2008|12:46] C:\DOCUME~1\lomig\APPLIC~1\InstallShield Installation Information
    [12/11/2006|12:27] C:\DOCUME~1\lomig\APPLIC~1\Leadertech
    [05/09/2006|20:28] C:\DOCUME~1\lomig\APPLIC~1\Macromedia
    [29/08/2008|14:54] C:\DOCUME~1\lomig\APPLIC~1\Malwarebytes
    [22/05/2008|16:23] C:\DOCUME~1\lomig\APPLIC~1\Microsoft
    [29/04/2007|18:40] C:\DOCUME~1\lomig\APPLIC~1\Mozilla
    [20/07/2008|20:53] C:\DOCUME~1\lomig\APPLIC~1\NCH Swift Sound
    [25/05/2007|19:18] C:\DOCUME~1\lomig\APPLIC~1\PlayFirst
    [06/09/2006|17:08] C:\DOCUME~1\lomig\APPLIC~1\Real
    [20/07/2008|19:34] C:\DOCUME~1\lomig\APPLIC~1\Samsung
    [04/07/2008|13:10] C:\DOCUME~1\lomig\APPLIC~1\Skype
    [12/11/2006|12:27] C:\DOCUME~1\lomig\APPLIC~1\Sonic
    [17/09/2006|20:02] C:\DOCUME~1\lomig\APPLIC~1\Sun
    [05/11/2007|21:22] C:\DOCUME~1\lomig\APPLIC~1\Symantec
    [12/09/2007|17:27] C:\DOCUME~1\lomig\APPLIC~1\vlc
    [28/09/2007|20:11] C:\DOCUME~1\lomig\APPLIC~1\Windows Desktop Search
    [16/12/2006|13:22] C:\DOCUME~1\lomig\APPLIC~1\Xfire

    [26/01/2008|10:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [28/05/2008|14:29] C:\DOCUME~1\solenn\APPLIC~1\Adobe
    [08/11/2006|11:11] C:\DOCUME~1\solenn\APPLIC~1\AdobeUM
    [24/05/2008|22:53] C:\DOCUME~1\solenn\APPLIC~1\Apple Computer
    [07/11/2006|19:49] C:\DOCUME~1\solenn\APPLIC~1\Creative
    [08/11/2006|10:39] C:\DOCUME~1\solenn\APPLIC~1\CyberLink
    [23/11/2004|17:13] C:\DOCUME~1\solenn\APPLIC~1\desktop.ini
    [15/06/2007|21:04] C:\DOCUME~1\solenn\APPLIC~1\DivX
    [08/12/2007|16:29] C:\DOCUME~1\solenn\APPLIC~1\EPSON
    [23/08/2008|20:22] C:\DOCUME~1\solenn\APPLIC~1\Fit3DLive
    [16/09/2008|17:41] C:\DOCUME~1\solenn\APPLIC~1\GDIPFONTCACHEV1.DAT
    [15/09/2007|12:50] C:\DOCUME~1\solenn\APPLIC~1\Google
    [03/11/2007|20:29] C:\DOCUME~1\solenn\APPLIC~1\Help
    [16/10/2006|22:41] C:\DOCUME~1\solenn\APPLIC~1\HotSync
    [24/05/2008|18:39] C:\DOCUME~1\solenn\APPLIC~1\HP
    [02/11/2006|18:55] C:\DOCUME~1\solenn\APPLIC~1\HPQ
    [07/05/2008|20:28] C:\DOCUME~1\solenn\APPLIC~1\ICQ
    [31/01/2008|16:00] C:\DOCUME~1\solenn\APPLIC~1\ICQ Toolbar
    [27/10/2005|00:34] C:\DOCUME~1\solenn\APPLIC~1\Identities
    [01/09/2007|10:50] C:\DOCUME~1\solenn\APPLIC~1\Leadertech
    [15/09/2008|19:04] C:\DOCUME~1\solenn\APPLIC~1\LimeWire
    [16/10/2006|22:48] C:\DOCUME~1\solenn\APPLIC~1\Macromedia
    [31/08/2008|12:01] C:\DOCUME~1\solenn\APPLIC~1\Microsoft
    [18/11/2007|20:15] C:\DOCUME~1\solenn\APPLIC~1\Mozilla
    [21/11/2006|18:48] C:\DOCUME~1\solenn\APPLIC~1\Real
    [01/09/2007|10:50] C:\DOCUME~1\solenn\APPLIC~1\Sonic
    [02/11/2006|13:37] C:\DOCUME~1\solenn\APPLIC~1\Sun
    [05/11/2007|13:51] C:\DOCUME~1\solenn\APPLIC~1\Symantec
    [22/09/2007|16:47] C:\DOCUME~1\solenn\APPLIC~1\vlc
    [28/09/2007|17:37] C:\DOCUME~1\solenn\APPLIC~1\Windows Desktop Search

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [15/09/2008 22:48][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - Compaq_Propriétaire.job
    [13/09/2008 15:29][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [22/09/2008 17:23][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    [27/08/2008 16:36][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
    [22/09/2008 17:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    --------------------\\ MsgPlus SPONSOR INSTALLED !

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
    "SponsorInstalled"=dword:00000000


    --------------------\\ Listing des dossiers dans C:\Program Files

    [22/10/2007|20:34] C:\Program Files\Adobe
    [02/09/2006|16:38] C:\Program Files\Alice
    [07/11/2007|19:35] C:\Program Files\Asthme Academy
    [21/01/2007|15:00] C:\Program Files\Audacity
    [09/11/2007|18:59] C:\Program Files\Audible
    [30/04/2008|18:55] C:\Program Files\CDBreton
    [20/10/2005|21:06] C:\Program Files\ComPlus Applications
    [19/02/2007|21:07] C:\Program Files\Core Design
    [19/02/2007|18:19] C:\Program Files\Creative
    [22/09/2006|19:13] C:\Program Files\Creative Installation Information
    [03/01/2006|03:27] C:\Program Files\CyberLink
    [02/12/2006|13:01] C:\Program Files\directx
    [02/06/2008|20:21] C:\Program Files\DivX
    [13/09/2006|18:02] C:\Program Files\Documents To Go
    [21/04/2008|17:42] C:\Program Files\Droppix
    [02/09/2006|17:17] C:\Program Files\EPSON
    [31/08/2008|14:19] C:\Program Files\Fichiers communs
    [31/08/2008|14:22] C:\Program Files\Finale 2005
    [31/08/2008|14:21] C:\Program Files\Finale Performance Assessment
    [13/09/2007|18:07] C:\Program Files\Google
    [03/01/2006|03:37] C:\Program Files\Hewlett-Packard
    [04/06/2008|13:45] C:\Program Files\Hip Interactive
    [03/01/2006|03:26] C:\Program Files\HP
    [22/09/2008|17:20] C:\Program Files\ICQ6
    [04/04/2008|18:35] C:\Program Files\ICQToolbar
    [21/04/2008|17:48] C:\Program Files\illiminable
    [26/08/2008|13:48] C:\Program Files\IncrediMail
    [20/07/2008|19:09] C:\Program Files\InstallShield Installation Information
    [22/08/2008|16:05] C:\Program Files\Internet Explorer
    [08/03/2008|17:01] C:\Program Files\iPod
    [08/03/2008|17:01] C:\Program Files\iTunes
    [25/10/2007|14:36] C:\Program Files\Java
    [17/09/2008|14:10] C:\Program Files\JS World
    [25/09/2006|20:15] C:\Program Files\Kodak
    [01/08/2008|13:45] C:\Program Files\LimeWire
    [03/09/2006|11:19] C:\Program Files\Logitech
    [29/08/2008|14:54] C:\Program Files\Malwarebytes' Anti-Malware
    [22/08/2008|16:06] C:\Program Files\Messenger
    [12/09/2008|20:41] C:\Program Files\Messenger Plus! Live
    [01/08/2008|11:28] C:\Program Files\MessengerPlus! 3
    [29/08/2007|22:52] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [11/09/2006|19:35] C:\Program Files\microsoft frontpage
    [11/09/2006|19:36] C:\Program Files\Microsoft Office
    [24/01/2007|09:17] C:\Program Files\Microsoft Picture It! PhotoPub
    [27/09/2007|19:36] C:\Program Files\Microsoft SQL Server Compact Edition
    [03/01/2006|03:29] C:\Program Files\Microsoft Works
    [27/10/2005|00:36] C:\Program Files\Movie Maker
    [17/09/2008|17:46] C:\Program Files\Mozilla Firefox
    [04/09/2006|19:44] C:\Program Files\MSN
    [27/10/2005|00:36] C:\Program Files\MSN Gaming Zone
    [01/08/2008|11:37] C:\Program Files\MSN Messenger
    [19/11/2006|04:01] C:\Program Files\MSXML 4.0
    [06/02/2008|14:40] C:\Program Files\MyEstate
    [29/08/2008|14:07] C:\Program Files\Navilog1
    [20/07/2008|20:53] C:\Program Files\NCH Swift Sound
    [25/08/2008|15:51] C:\Program Files\NEC
    [23/06/2007|16:25] C:\Program Files\NetMeeting
    [05/06/2008|16:35] C:\Program Files\Norton Internet Security
    [25/05/2007|19:18] C:\Program Files\Oberon Media
    [27/10/2005|00:36] C:\Program Files\Online Services
    [13/06/2007|23:30] C:\Program Files\Outlook Express
    [13/09/2006|18:30] C:\Program Files\palmOne
    [03/01/2006|03:35] C:\Program Files\PC-Doctor 5 for Windows
    [20/03/2008|18:07] C:\Program Files\QuickTime
    [03/01/2006|03:24] C:\Program Files\Real
    [20/07/2008|19:08] C:\Program Files\Samsung
    [03/01/2006|03:39] C:\Program Files\Services en ligne
    [02/01/2007|14:12] C:\Program Files\Skype
    [03/01/2006|03:25] C:\Program Files\Sonic
    [21/06/2007|19:56] C:\Program Files\Spybot - Search & Destroy
    [16/09/2008|16:19] C:\Program Files\Symantec
    [02/09/2006|16:38] C:\Program Files\TechCity Solutions
    [15/07/2008|13:02] C:\Program Files\TmNationsForever
    [28/08/2008|09:56] C:\Program Files\Trend Micro
    [22/06/2007|18:30] C:\Program Files\TryMedia
    [20/10/2005|21:06] C:\Program Files\Uninstall Information
    [12/09/2007|17:26] C:\Program Files\VideoLAN
    [10/07/2007|11:30] C:\Program Files\warcraft iii
    [27/09/2007|19:36] C:\Program Files\Windows Desktop Search
    [28/02/2008|01:35] C:\Program Files\Windows Live
    [02/11/2007|23:53] C:\Program Files\Windows Live Toolbar
    [09/03/2007|20:15] C:\Program Files\Windows Media Connect 2
    [07/02/2008|16:40] C:\Program Files\Windows Media Player
    [27/10/2005|00:36] C:\Program Files\Windows NT
    [05/06/2008|16:34] C:\Program Files\Windows Sidebar
    [20/10/2005|21:05] C:\Program Files\WindowsUpdate
    [22/10/2007|20:33] C:\Program Files\WinRAR
    [27/10/2005|00:37] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [22/10/2007|20:34] C:\Program Files\Fichiers communs\Adobe
    [06/12/2007|19:26] C:\Program Files\Fichiers communs\Apple
    [21/09/2006|18:50] C:\Program Files\Fichiers communs\Creative
    [13/09/2006|17:50] C:\Program Files\Fichiers communs\DataViz
    [11/09/2006|19:31] C:\Program Files\Fichiers communs\Designer
    [21/04/2008|17:47] C:\Program Files\Fichiers communs\Droppix
    [03/01/2006|03:20] C:\Program Files\Fichiers communs\HP
    [02/09/2006|17:15] C:\Program Files\Fichiers communs\InstallShield
    [03/01/2006|03:05] C:\Program Files\Fichiers communs\Java
    [25/09/2006|20:15] C:\Program Files\Fichiers communs\KODAK
    [03/09/2006|11:18] C:\Program Files\Fichiers communs\Labtec
    [21/04/2008|17:46] C:\Program Files\Fichiers communs\LightScribe
    [11/06/2008|17:59] C:\Program Files\Fichiers communs\Microsoft Shared
    [27/10/2005|00:35] C:\Program Files\Fichiers communs\MSSoap
    [19/05/2007|13:34] C:\Program Files\Fichiers communs\Oberon Media
    [27/10/2005|00:35] C:\Program Files\Fichiers communs\ODBC
    [03/01/2006|03:24] C:\Program Files\Fichiers communs\Real
    [27/10/2005|00:35] C:\Program Files\Fichiers communs\Services
    [02/01/2007|14:12] C:\Program Files\Fichiers communs\Skype
    [03/01/2006|03:24] C:\Program Files\Fichiers communs\Sonic Shared
    [27/10/2005|00:35] C:\Program Files\Fichiers communs\SpeechEngines
    [03/01/2006|03:25] C:\Program Files\Fichiers communs\SureThing Shared
    [16/12/2006|10:01] C:\Program Files\Fichiers communs\SWF Studio
    [21/09/2008|19:50] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|23:30] C:\Program Files\Fichiers communs\System
    [03/01/2006|03:25] C:\Program Files\Fichiers communs\TiVo Shared
    [17/11/2007|11:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [31/08/2008|14:19] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [03/01/2006|03:24] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 48 Processus )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\lomig\Cookies\lomig@www.adserver5[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-22 17:27:37
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 68

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:117][D:11]-> C:\DOCUME~1\lomig\LOCALS~1\Temp
    [F:223][D:0]-> C:\DOCUME~1\lomig\Cookies
    [F:8267][D:13]-> C:\DOCUME~1\lomig\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 17:29:45
    22 September 2008 18:50:21

    Post a new HijackThis report.
    22 September 2008 20:21:46

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:21:23, on 22/09/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\ICQ6\ICQ.exe
    C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    C:\Program Files\palmOne\Hotsync.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: crawley - {8bbe40fd-0416-4c3f-80ea-0c7ad5fb1aab} - (no file)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    --
    End of file - 14667 bytes
    and there you go...
    22 September 2008 20:35:26

    Hi again,

    Download Malwarebytes' Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (Perform full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (Show Results), then "Supprimer la sélection" (Remove Selected). Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM
    24 September 2008 20:12:40

    Malwarebytes' Anti-Malware 1.25
    Version de la base de données: 1094
    Windows 5.1.2600 Service Pack 2

    22:51:51 23/09/2008
    mbam-log-09-23-2008 (22-51-15).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 204636
    Temps écoulé: 2 hour(s), 31 minute(s), 34 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP603\A0088851.dll (Adware.MyWeb.FunWeb) -> No action taken.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP603\A0088852.scr (Adware.MyWebSearch) -> No action taken.
    have a good evening
    24 September 2008 20:32:44

    Did you actually remove the infections?
    27 September 2008 11:58:16

    yeah, I think so...
    27 September 2008 11:58:50

    do I need to do it again?
    27 September 2008 13:25:58

    Yes :)
    1 October 2008 19:50:48

    Malwarebytes' Anti-Malware 1.25
    Version de la base de données: 1094
    Windows 5.1.2600 Service Pack 2

    17:38:25 01/10/2008
    mbam-log-10-01-2008 (17-38-25).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 205357
    Temps écoulé: 2 hour(s), 31 minute(s), 2 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    1 October 2008 19:58:08

    Post a new HijackThis report.
    5 October 2008 19:15:51

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:14:57, on 05/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\ICQ6\ICQ.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    C:\Program Files\palmOne\Hotsync.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\PhotoJoy\bin\PjApp.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Windows Live Toolbar\msn_sl.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\rundll32.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
    O4 - HKCU\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [regs remote] C:\DOCUME~1\COMPAQ~1\APPLIC~1\2BODY~1\Seek Mail.exe (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1011\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'solenn')
    O4 - S-1-5-21-2467794096-1380120373-2375025980-1008 Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe (User 'Compaq_Propriétaire')
    O4 - S-1-5-21-2467794096-1380120373-2375025980-1008 User Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe (User 'Compaq_Propriétaire')
    O4 - S-1-5-21-2467794096-1380120373-2375025980-1011 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'solenn')
    O4 - S-1-5-21-2467794096-1380120373-2375025980-1011 User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'solenn')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: crawley - {8bbe40fd-0416-4c3f-80ea-0c7ad5fb1aab} - (no file)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    --
    End of file - 16851 bytes
    have a good evening
    5 October 2008 19:38:57

    The least you could do is explain why you're late, or say hello, no?
    11 October 2008 13:59:11

    hello,
    sorry, I didn't have time to log in sooner; I've had a lot of work lately.
    have a good evening

    11 October 2008 14:11:16

    That's the case for everyone, I understand. But when you come back, don't just dump a report like that.

    Download SmitfraudFix (by S!ri).
    Save it to your desktop.
    Run SmitfraudFix.exe (the .exe may not be shown).
    Choose Option 1 (Search).
    Post the first report here.

    **If the link doesn't work, click here**
    11 October 2008 16:59:15

    I have a problem:
    my antivirus (Norton) tells me it blocked an iedefender when I click the smitfraud icon, and the window that opens doesn't offer me any options: SmitFraudFix v2.359

    "Fichier IEDFix.exe absent !
    Dezippez la totalité de l'archive dans un dossier.

    IEDFix.exe file missing !
    Unzip all the archive in a folder.

    Appuyez sur une touche pour continuer..."
    when I press a key, a new folder appears on my desktop: smitfraud. This folder contains several items such as "dumphive", "reboot", "exit", etc.
    what do I do?
    11 October 2008 17:25:47

    Disable Norton while you use SmitfraudFix (you need to download it again here)
    11 October 2008 18:01:17

    here's the report
    SmitFraudFix v2.359

    Rapport fait à 17:45:36,85, 11/10/2008
    Executé à partir de C:\Documents and Settings\lomig\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\ICQ6\ICQ.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\palmOne\Hotsync.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\PhotoJoy\bin\PjApp.exe
    C:\Program Files\Windows Live Toolbar\msn_sl.exe
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts


    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\lomig


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\lomig\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\lomig\Favoris


    »»»»»»»»»»»»»»»»»»»»»»»» Bureau


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"


    »»»»»»»»»»»»»»»»»»»»»»»» o4Patch
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    o4Patch
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    AntiXPVSTFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{8bbe40fd-0416-4c3f-80ea-0c7ad5fb1aab}"="crawley"



    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    "System"=""


    »»»»»»»»»»»»»»»»»»»»»»»» RK



    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: Wireless LAN PCI 802.11 b/g adapter WN5301A - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 15.243.128.51
    DNS Server Search Order: 15.243.160.51

    Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 192.168.1.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{F042F1BB-580F-486D-BCEA-39C912C963BC}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{F042F1BB-580F-486D-BCEA-39C912C963BC}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{F042F1BB-580F-486D-BCEA-39C912C963BC}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


    »»»»»»»»»»»»»»»»»»»»»»»» Fin

    12 October 2008 10:46:49

    Run option 2.
    13 October 2008 20:43:15

    Here is the report...
    SmitFraudFix v2.359

    Rapport fait à 20:29:02,17, 13/10/2008
    Executé à partir de C:\Documents and Settings\lomig\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{8bbe40fd-0416-4c3f-80ea-0c7ad5fb1aab}"="crawley"


    »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


    »»»»»»»»»»»»»»»»»»»»»»»» hosts


    127.0.0.1 localhost

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

    S!Ri's WS2Fix: LSP not Found.


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

    AntiXPVSTFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» RK


    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: Wireless LAN PCI 802.11 b/g adapter WN5301A - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 15.243.128.51
    DNS Server Search Order: 15.243.160.51

    Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 192.168.1.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{F042F1BB-580F-486D-BCEA-39C912C963BC}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{F042F1BB-580F-486D-BCEA-39C912C963BC}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{F042F1BB-580F-486D-BCEA-39C912C963BC}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


    »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

    Nettoyage terminé.

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» Fin

    However, my desktop wallpaper has disappeared and it's impossible to put it back; I'm trying to restart my computer...
    13 October 2008 20:45:36

    Me again... actually my wallpaper is fine, it came back on its own...
    14 October 2008 12:40:35

    Post a new Hijackthis report.
    16 October 2008 18:51:18

    Hi
    here is my hijackthis report...

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:49:35, on 16/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\ICQ6\ICQ.exe
    C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    C:\Program Files\palmOne\Hotsync.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\PhotoJoy\bin\PjApp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Windows Live Toolbar\msn_sl.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
    O4 - HKCU\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [regs remote] C:\DOCUME~1\COMPAQ~1\APPLIC~1\2BODY~1\Seek Mail.exe (User 'Compaq_Propriétaire')
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c (User 'Compaq_Propriétaire')
    O4 - S-1-5-21-2467794096-1380120373-2375025980-1008 Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe (User 'Compaq_Propriétaire')
    O4 - S-1-5-21-2467794096-1380120373-2375025980-1008 User Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe (User 'Compaq_Propriétaire')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    --
    End of file - 15191 bytes
    16 October 2008 19:01:18

    Hi again,

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [regs remote] C:\DOCUME~1\COMPAQ~1\APPLIC~1\2BODY~1\Seek Mail.exe (User 'Compaq_Propriétaire')
    18 October 2008 14:17:44

    Hello
    Once these lines are fixed, do I need to post another hijackthis report?
    18 October 2008 17:25:28

    Yep.
    20 October 2008 20:39:44

    Good evening...
    here is the report
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:38:49, on 20/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    C:\Program Files\PhotoJoy\bin\PjApp.exe
    C:\Program Files\palmOne\Hotsync.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Windows Live Toolbar\msn_sl.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
    O4 - HKCU\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    --
    End of file - 13475 bytes
    thanks
    20 October 2008 20:49:00

    It's OK ;)
    21 October 2008 20:29:04

    well, thanks
    that's nice of you