Se connecter / S'enregistrer
Votre question

Fenêtre de pub

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
23 Septembre 2008 20:08:43

Bonjour à tous voilà j'arrive pas a bloquer les fenêtres de pub elle me gache la vie je vous passe mon hijackthis
Merci de m'aider
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:07:14, on 23/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\yannick\LOCALS~1\Temp\Rar$EX00.812\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [AXIS TONS THE MP3] C:\Documents and Settings\All Users\Application Data\Readme Live Axis Tons\Kind gpl.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 8737 bytes

Autres pages sur : fenetre pub

a b 8 Sécurité
23 Septembre 2008 20:18:13

Bonjour,

Télécharge Lop S&D.exe ([#ff0000]Eric_71[/#f]) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de LopS&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré (C:\lopR.txt*)
    23 Septembre 2008 20:20:25

    oups déjà merci
    Contenus similaires
    23 Septembre 2008 20:57:55


    --------------------\\ Lop S&D 4.2.4-4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Award Medallion BIOS v6.00PG
    USER : yannick ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Anti-Virus 8.0.0.454 (Activated)
    C:\ (Local Disk) - NTFS - Total : 186 Go Free : 147 Go
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    "C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
    Option : [1] ( 23/09/2008|20:53 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [23/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [24/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [24/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [24/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
    [23/09/2008|07:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [15/09/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [17/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [13/07/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [01/06/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [15/06/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MinigolfAdventures
    [02/09/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
    [07/09/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiberianStrikeX
    [06/07/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra Online
    [15/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [13/09/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
    [06/05/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [24/03/2008|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [04/04/2008|21:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [24/03/2008|16:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [01/06/2008|11:52] C:\DOCUME~1\yannick\APPLIC~1\Adobe
    [24/06/2008|20:52] C:\DOCUME~1\yannick\APPLIC~1\Alawar
    [15/09/2008|22:01] C:\DOCUME~1\yannick\APPLIC~1\Apple Computer
    [21/09/2008|09:31] C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp
    [14/04/2008|16:16] C:\DOCUME~1\yannick\APPLIC~1\CamfrogWEB
    [07/04/2008|16:57] C:\DOCUME~1\yannick\APPLIC~1\Help
    [24/03/2008|16:08] C:\DOCUME~1\yannick\APPLIC~1\Identities
    [13/07/2008|19:35] C:\DOCUME~1\yannick\APPLIC~1\InstallShield
    [07/07/2008|22:21] C:\DOCUME~1\yannick\APPLIC~1\iWin
    [04/04/2008|19:34] C:\DOCUME~1\yannick\APPLIC~1\Lavasoft
    [02/04/2008|21:12] C:\DOCUME~1\yannick\APPLIC~1\Leadertech
    [24/03/2008|20:48] C:\DOCUME~1\yannick\APPLIC~1\Macromedia
    [18/04/2008|21:27] C:\DOCUME~1\yannick\APPLIC~1\Microsoft
    [13/07/2008|17:13] C:\DOCUME~1\yannick\APPLIC~1\Mozilla
    [06/07/2008|19:03] C:\DOCUME~1\yannick\APPLIC~1\Sierra Online
    [02/04/2008|21:14] C:\DOCUME~1\yannick\APPLIC~1\Sonic
    [22/06/2008|17:29] C:\DOCUME~1\yannick\APPLIC~1\Sun
    [24/03/2008|21:47] C:\DOCUME~1\yannick\APPLIC~1\vlc
    [15/06/2008|20:34] C:\DOCUME~1\yannick\APPLIC~1\WildTangent

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [23/09/2008 16:19][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [23/09/2008 07:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [13/09/2008|14:46] C:\Program Files\Adobe
    [30/05/2008|17:03] C:\Program Files\Alwil Software
    [13/07/2008|19:36] C:\Program Files\AMD
    [05/08/2008|10:37] C:\Program Files\Apple Software Update
    [13/07/2008|19:38] C:\Program Files\ATI Technologies
    [02/09/2008|13:35] C:\Program Files\bolt eq comp
    [14/07/2008|10:58] C:\Program Files\CA Yahoo! Anti-Spy
    [20/07/2008|18:36] C:\Program Files\CFWebAdvancedU
    [02/09/2008|13:35] C:\Program Files\Circle Developement
    [24/03/2008|15:58] C:\Program Files\ComPlus Applications
    [02/04/2008|21:31] C:\Program Files\DIFX
    [22/09/2008|07:25] C:\Program Files\eMule
    [14/07/2008|10:07] C:\Program Files\Fichiers communs
    [13/07/2008|19:38] C:\Program Files\InstallShield Installation Information
    [25/08/2008|20:03] C:\Program Files\Internet Explorer
    [24/03/2008|20:39] C:\Program Files\Inventel
    [23/09/2008|17:06] C:\Program Files\iPod
    [23/09/2008|17:06] C:\Program Files\iTunes
    [13/07/2008|19:50] C:\Program Files\Java
    [15/09/2008|19:19] C:\Program Files\Kaspersky Lab
    [24/03/2008|22:42] C:\Program Files\K-Lite Codec Pack
    [17/09/2008|18:16] C:\Program Files\Lavasoft
    [13/07/2008|18:24] C:\Program Files\ma-config.com
    [28/08/2008|10:49] C:\Program Files\Messenger
    [02/09/2008|13:35] C:\Program Files\Messenger Plus! Live
    [24/03/2008|16:01] C:\Program Files\microsoft frontpage
    [24/03/2008|20:28] C:\Program Files\Microsoft Office
    [28/08/2008|10:46] C:\Program Files\Movie Maker
    [15/09/2008|18:53] C:\Program Files\Mozilla Firefox
    [24/03/2008|15:57] C:\Program Files\MSN
    [24/03/2008|15:57] C:\Program Files\MSN Gaming Zone
    [24/03/2008|22:31] C:\Program Files\MSXML 4.0
    [28/08/2008|10:43] C:\Program Files\NetMeeting
    [24/03/2008|15:57] C:\Program Files\Online Services
    [24/03/2008|22:48] C:\Program Files\Orange
    [28/08/2008|10:43] C:\Program Files\Outlook Express
    [23/09/2008|17:04] C:\Program Files\QuickTime
    [24/03/2008|20:37] C:\Program Files\Securitoo
    [24/03/2008|15:59] C:\Program Files\Services en ligne
    [02/04/2008|21:08] C:\Program Files\Sonic
    [15/09/2008|19:16] C:\Program Files\Spybot - Search & Destroy
    [23/09/2008|20:12] C:\Program Files\Trend Micro
    [24/03/2008|16:08] C:\Program Files\Uninstall Information
    [13/07/2008|19:37] C:\Program Files\VIA
    [24/03/2008|21:46] C:\Program Files\VideoLAN
    [23/09/2008|10:57] C:\Program Files\Wanadoo
    [22/09/2008|22:49] C:\Program Files\WildGames
    [24/03/2008|21:55] C:\Program Files\Windows Live
    [04/05/2008|20:21] C:\Program Files\Windows Media Connect 2
    [28/08/2008|10:43] C:\Program Files\Windows Media Player
    [28/08/2008|10:43] C:\Program Files\Windows NT
    [24/03/2008|15:59] C:\Program Files\WindowsUpdate
    [24/03/2008|20:28] C:\Program Files\WinRAR
    [24/03/2008|16:01] C:\Program Files\xerox
    [13/07/2008|17:16] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [24/03/2008|22:21] C:\Program Files\Fichiers communs\Adobe
    [23/09/2008|17:03] C:\Program Files\Fichiers communs\Apple
    [24/03/2008|20:28] C:\Program Files\Fichiers communs\Designer
    [13/07/2008|19:36] C:\Program Files\Fichiers communs\InstallShield
    [22/06/2008|17:27] C:\Program Files\Fichiers communs\Java
    [24/03/2008|23:42] C:\Program Files\Fichiers communs\Logitech
    [25/03/2008|13:17] C:\Program Files\Fichiers communs\Microsoft Shared
    [24/03/2008|15:58] C:\Program Files\Fichiers communs\MSSoap
    [24/03/2008|16:44] C:\Program Files\Fichiers communs\ODBC
    [24/03/2008|15:58] C:\Program Files\Fichiers communs\Services
    [02/04/2008|21:09] C:\Program Files\Fichiers communs\Sonic
    [24/03/2008|16:44] C:\Program Files\Fichiers communs\SpeechEngines
    [02/04/2008|21:08] C:\Program Files\Fichiers communs\SureThing Shared
    [28/08/2008|10:43] C:\Program Files\Fichiers communs\System
    [24/03/2008|21:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [17/09/2008|18:15] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 46 Processes )

    IEXPLORE.EXE ~ [PID:1112]
    IEXPLORE.EXE ~ [PID:3692]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Kind gpl.exe
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\DOCUME~1\yannick\Cookies\yannick@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\yannick\Cookies\yannick@cotedazurpalace[2].txt
    C:\DOCUME~1\yannick\Cookies\yannick@adopt.euroclick[1].txt
    C:\DOCUME~1\yannick\Cookies\yannick@32vegas[1].txt
    C:\DOCUME~1\yannick\Cookies\yannick@banner.32vegas[2].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AXIS TONS THE MP3"="C:\\Documents and Settings\\All Users\\Application Data\\Readme Live Axis Tons\\Kind gpl.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-23 20:55:23
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 17

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\yannick\Mes documents\logitiels\Ahead.NeroLinux.v3.5.0.1.Incl-Keygen.rar


    [F:160][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\Temp
    [F:77][D:0]-> C:\DOCUME~1\yannick\Cookies
    [F:2067][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 23/09/2008|20:56 - Option : [1]

    --------------------\\ Fin du rapport a 20:56:56

    Voilà
    ET ENCORE MERCI DE LA RAPIDITEE
    a b 8 Sécurité
    23 Septembre 2008 21:03:27

    Euh il n'est pas complet.
    23 Septembre 2008 21:27:43

    il manque quoi?
    23 Septembre 2008 21:29:02

    j'ai rien d'autre
    je recommence si tu veux?


    23 Septembre 2008 21:34:03


    --------------------\\ Lop S&D 4.2.4-4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Award Medallion BIOS v6.00PG
    USER : yannick ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Anti-Virus 8.0.0.454 (Activated)
    C:\ (Local Disk) - NTFS - Total : 186 Go Free : 147 Go
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    "C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
    Option : [1] ( 23/09/2008|21:29 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [23/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [24/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [24/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [24/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
    [23/09/2008|07:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [15/09/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [17/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [13/07/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [01/06/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [15/06/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MinigolfAdventures
    [02/09/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
    [07/09/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiberianStrikeX
    [06/07/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra Online
    [15/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [13/09/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
    [06/05/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [24/03/2008|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [04/04/2008|21:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [24/03/2008|16:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [01/06/2008|11:52] C:\DOCUME~1\yannick\APPLIC~1\Adobe
    [24/06/2008|20:52] C:\DOCUME~1\yannick\APPLIC~1\Alawar
    [15/09/2008|22:01] C:\DOCUME~1\yannick\APPLIC~1\Apple Computer
    [21/09/2008|09:31] C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp
    [14/04/2008|16:16] C:\DOCUME~1\yannick\APPLIC~1\CamfrogWEB
    [07/04/2008|16:57] C:\DOCUME~1\yannick\APPLIC~1\Help
    [24/03/2008|16:08] C:\DOCUME~1\yannick\APPLIC~1\Identities
    [13/07/2008|19:35] C:\DOCUME~1\yannick\APPLIC~1\InstallShield
    [07/07/2008|22:21] C:\DOCUME~1\yannick\APPLIC~1\iWin
    [04/04/2008|19:34] C:\DOCUME~1\yannick\APPLIC~1\Lavasoft
    [02/04/2008|21:12] C:\DOCUME~1\yannick\APPLIC~1\Leadertech
    [24/03/2008|20:48] C:\DOCUME~1\yannick\APPLIC~1\Macromedia
    [18/04/2008|21:27] C:\DOCUME~1\yannick\APPLIC~1\Microsoft
    [13/07/2008|17:13] C:\DOCUME~1\yannick\APPLIC~1\Mozilla
    [06/07/2008|19:03] C:\DOCUME~1\yannick\APPLIC~1\Sierra Online
    [02/04/2008|21:14] C:\DOCUME~1\yannick\APPLIC~1\Sonic
    [22/06/2008|17:29] C:\DOCUME~1\yannick\APPLIC~1\Sun
    [24/03/2008|21:47] C:\DOCUME~1\yannick\APPLIC~1\vlc
    [15/06/2008|20:34] C:\DOCUME~1\yannick\APPLIC~1\WildTangent

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [23/09/2008 16:19][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [23/09/2008 07:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [13/09/2008|14:46] C:\Program Files\Adobe
    [30/05/2008|17:03] C:\Program Files\Alwil Software
    [13/07/2008|19:36] C:\Program Files\AMD
    [05/08/2008|10:37] C:\Program Files\Apple Software Update
    [13/07/2008|19:38] C:\Program Files\ATI Technologies
    [02/09/2008|13:35] C:\Program Files\bolt eq comp
    [14/07/2008|10:58] C:\Program Files\CA Yahoo! Anti-Spy
    [20/07/2008|18:36] C:\Program Files\CFWebAdvancedU
    [02/09/2008|13:35] C:\Program Files\Circle Developement
    [24/03/2008|15:58] C:\Program Files\ComPlus Applications
    [02/04/2008|21:31] C:\Program Files\DIFX
    [22/09/2008|07:25] C:\Program Files\eMule
    [14/07/2008|10:07] C:\Program Files\Fichiers communs
    [13/07/2008|19:38] C:\Program Files\InstallShield Installation Information
    [25/08/2008|20:03] C:\Program Files\Internet Explorer
    [24/03/2008|20:39] C:\Program Files\Inventel
    [23/09/2008|17:06] C:\Program Files\iPod
    [23/09/2008|17:06] C:\Program Files\iTunes
    [13/07/2008|19:50] C:\Program Files\Java
    [15/09/2008|19:19] C:\Program Files\Kaspersky Lab
    [24/03/2008|22:42] C:\Program Files\K-Lite Codec Pack
    [17/09/2008|18:16] C:\Program Files\Lavasoft
    [13/07/2008|18:24] C:\Program Files\ma-config.com
    [28/08/2008|10:49] C:\Program Files\Messenger
    [02/09/2008|13:35] C:\Program Files\Messenger Plus! Live
    [24/03/2008|16:01] C:\Program Files\microsoft frontpage
    [24/03/2008|20:28] C:\Program Files\Microsoft Office
    [28/08/2008|10:46] C:\Program Files\Movie Maker
    [15/09/2008|18:53] C:\Program Files\Mozilla Firefox
    [24/03/2008|15:57] C:\Program Files\MSN
    [24/03/2008|15:57] C:\Program Files\MSN Gaming Zone
    [24/03/2008|22:31] C:\Program Files\MSXML 4.0
    [28/08/2008|10:43] C:\Program Files\NetMeeting
    [24/03/2008|15:57] C:\Program Files\Online Services
    [24/03/2008|22:48] C:\Program Files\Orange
    [28/08/2008|10:43] C:\Program Files\Outlook Express
    [23/09/2008|17:04] C:\Program Files\QuickTime
    [24/03/2008|20:37] C:\Program Files\Securitoo
    [24/03/2008|15:59] C:\Program Files\Services en ligne
    [02/04/2008|21:08] C:\Program Files\Sonic
    [15/09/2008|19:16] C:\Program Files\Spybot - Search & Destroy
    [23/09/2008|20:12] C:\Program Files\Trend Micro
    [24/03/2008|16:08] C:\Program Files\Uninstall Information
    [13/07/2008|19:37] C:\Program Files\VIA
    [24/03/2008|21:46] C:\Program Files\VideoLAN
    [23/09/2008|10:57] C:\Program Files\Wanadoo
    [22/09/2008|22:49] C:\Program Files\WildGames
    [24/03/2008|21:55] C:\Program Files\Windows Live
    [04/05/2008|20:21] C:\Program Files\Windows Media Connect 2
    [28/08/2008|10:43] C:\Program Files\Windows Media Player
    [28/08/2008|10:43] C:\Program Files\Windows NT
    [24/03/2008|15:59] C:\Program Files\WindowsUpdate
    [24/03/2008|20:28] C:\Program Files\WinRAR
    [24/03/2008|16:01] C:\Program Files\xerox
    [13/07/2008|17:16] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [24/03/2008|22:21] C:\Program Files\Fichiers communs\Adobe
    [23/09/2008|17:03] C:\Program Files\Fichiers communs\Apple
    [24/03/2008|20:28] C:\Program Files\Fichiers communs\Designer
    [13/07/2008|19:36] C:\Program Files\Fichiers communs\InstallShield
    [22/06/2008|17:27] C:\Program Files\Fichiers communs\Java
    [24/03/2008|23:42] C:\Program Files\Fichiers communs\Logitech
    [25/03/2008|13:17] C:\Program Files\Fichiers communs\Microsoft Shared
    [24/03/2008|15:58] C:\Program Files\Fichiers communs\MSSoap
    [24/03/2008|16:44] C:\Program Files\Fichiers communs\ODBC
    [24/03/2008|15:58] C:\Program Files\Fichiers communs\Services
    [02/04/2008|21:09] C:\Program Files\Fichiers communs\Sonic
    [24/03/2008|16:44] C:\Program Files\Fichiers communs\SpeechEngines
    [02/04/2008|21:08] C:\Program Files\Fichiers communs\SureThing Shared
    [28/08/2008|10:43] C:\Program Files\Fichiers communs\System
    [24/03/2008|21:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [17/09/2008|18:15] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 46 Processes )

    IEXPLORE.EXE ~ [PID:1112]
    IEXPLORE.EXE ~ [PID:3692]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Kind gpl.exe
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\DOCUME~1\yannick\Cookies\yannick@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\yannick\Cookies\yannick@cotedazurpalace[2].txt
    C:\DOCUME~1\yannick\Cookies\yannick@adopt.euroclick[1].txt
    C:\DOCUME~1\yannick\Cookies\yannick@32vegas[1].txt
    C:\DOCUME~1\yannick\Cookies\yannick@banner.32vegas[2].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AXIS TONS THE MP3"="C:\\Documents and Settings\\All Users\\Application Data\\Readme Live Axis Tons\\Kind gpl.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-23 21:31:36
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 17

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\yannick\Mes documents\logitiels\Ahead.NeroLinux.v3.5.0.1.Incl-Keygen.rar


    [F:160][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\Temp
    [F:83][D:0]-> C:\DOCUME~1\yannick\Cookies
    [F:2462][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 23/09/2008|20:56 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 23/09/2008|21:33 - Option : [1]

    --------------------\\ Fin du rapport a 21:33:19
    a b 8 Sécurité
    24 Septembre 2008 12:51:57

    Re,

    Relance Lop S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
    [#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
    Un rapport sera généré, poste son contenu ici.
    24 Septembre 2008 18:56:53


    --------------------\\ Lop S&D 4.2.4-4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Award Medallion BIOS v6.00PG
    USER : yannick ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Anti-Virus 8.0.0.454 (Activated)
    C:\ (Local Disk) - NTFS - Total : 186 Go Free : 146 Go
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    "C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
    Option : [2] ( 24/09/2008|18:52 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Kind gpl.exe
    Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
    Supprime! - C:\Program Files\Circle Developement
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [23/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [24/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [24/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [24/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
    [24/09/2008|08:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [15/09/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [17/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [13/07/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [01/06/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [15/06/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MinigolfAdventures
    [07/09/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiberianStrikeX
    [06/07/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra Online
    [15/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [13/09/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
    [06/05/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [24/03/2008|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [04/04/2008|21:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [24/03/2008|16:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [01/06/2008|11:52] C:\DOCUME~1\yannick\APPLIC~1\Adobe
    [24/06/2008|20:52] C:\DOCUME~1\yannick\APPLIC~1\Alawar
    [15/09/2008|22:01] C:\DOCUME~1\yannick\APPLIC~1\Apple Computer
    [21/09/2008|09:31] C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp
    [14/04/2008|16:16] C:\DOCUME~1\yannick\APPLIC~1\CamfrogWEB
    [07/04/2008|16:57] C:\DOCUME~1\yannick\APPLIC~1\Help
    [24/03/2008|16:08] C:\DOCUME~1\yannick\APPLIC~1\Identities
    [13/07/2008|19:35] C:\DOCUME~1\yannick\APPLIC~1\InstallShield
    [07/07/2008|22:21] C:\DOCUME~1\yannick\APPLIC~1\iWin
    [04/04/2008|19:34] C:\DOCUME~1\yannick\APPLIC~1\Lavasoft
    [02/04/2008|21:12] C:\DOCUME~1\yannick\APPLIC~1\Leadertech
    [24/03/2008|20:48] C:\DOCUME~1\yannick\APPLIC~1\Macromedia
    [18/04/2008|21:27] C:\DOCUME~1\yannick\APPLIC~1\Microsoft
    [13/07/2008|17:13] C:\DOCUME~1\yannick\APPLIC~1\Mozilla
    [06/07/2008|19:03] C:\DOCUME~1\yannick\APPLIC~1\Sierra Online
    [02/04/2008|21:14] C:\DOCUME~1\yannick\APPLIC~1\Sonic
    [22/06/2008|17:29] C:\DOCUME~1\yannick\APPLIC~1\Sun
    [24/03/2008|21:47] C:\DOCUME~1\yannick\APPLIC~1\vlc
    [15/06/2008|20:34] C:\DOCUME~1\yannick\APPLIC~1\WildTangent

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [23/09/2008 16:19][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [24/09/2008 07:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [13/09/2008|14:46] C:\Program Files\Adobe
    [30/05/2008|17:03] C:\Program Files\Alwil Software
    [13/07/2008|19:36] C:\Program Files\AMD
    [05/08/2008|10:37] C:\Program Files\Apple Software Update
    [13/07/2008|19:38] C:\Program Files\ATI Technologies
    [02/09/2008|13:35] C:\Program Files\bolt eq comp
    [14/07/2008|10:58] C:\Program Files\CA Yahoo! Anti-Spy
    [20/07/2008|18:36] C:\Program Files\CFWebAdvancedU
    [24/03/2008|15:58] C:\Program Files\ComPlus Applications
    [02/04/2008|21:31] C:\Program Files\DIFX
    [24/09/2008|13:52] C:\Program Files\eMule
    [14/07/2008|10:07] C:\Program Files\Fichiers communs
    [13/07/2008|19:38] C:\Program Files\InstallShield Installation Information
    [25/08/2008|20:03] C:\Program Files\Internet Explorer
    [24/03/2008|20:39] C:\Program Files\Inventel
    [23/09/2008|17:06] C:\Program Files\iPod
    [23/09/2008|17:06] C:\Program Files\iTunes
    [13/07/2008|19:50] C:\Program Files\Java
    [15/09/2008|19:19] C:\Program Files\Kaspersky Lab
    [24/03/2008|22:42] C:\Program Files\K-Lite Codec Pack
    [17/09/2008|18:16] C:\Program Files\Lavasoft
    [13/07/2008|18:24] C:\Program Files\ma-config.com
    [28/08/2008|10:49] C:\Program Files\Messenger
    [02/09/2008|13:35] C:\Program Files\Messenger Plus! Live
    [24/03/2008|16:01] C:\Program Files\microsoft frontpage
    [24/03/2008|20:28] C:\Program Files\Microsoft Office
    [28/08/2008|10:46] C:\Program Files\Movie Maker
    [15/09/2008|18:53] C:\Program Files\Mozilla Firefox
    [24/03/2008|15:57] C:\Program Files\MSN
    [24/03/2008|15:57] C:\Program Files\MSN Gaming Zone
    [24/03/2008|22:31] C:\Program Files\MSXML 4.0
    [28/08/2008|10:43] C:\Program Files\NetMeeting
    [24/03/2008|15:57] C:\Program Files\Online Services
    [24/03/2008|22:48] C:\Program Files\Orange
    [28/08/2008|10:43] C:\Program Files\Outlook Express
    [23/09/2008|17:04] C:\Program Files\QuickTime
    [24/03/2008|20:37] C:\Program Files\Securitoo
    [24/03/2008|15:59] C:\Program Files\Services en ligne
    [02/04/2008|21:08] C:\Program Files\Sonic
    [15/09/2008|19:16] C:\Program Files\Spybot - Search & Destroy
    [23/09/2008|20:12] C:\Program Files\Trend Micro
    [24/03/2008|16:08] C:\Program Files\Uninstall Information
    [13/07/2008|19:37] C:\Program Files\VIA
    [24/03/2008|21:46] C:\Program Files\VideoLAN
    [24/09/2008|11:42] C:\Program Files\Wanadoo
    [22/09/2008|22:49] C:\Program Files\WildGames
    [24/03/2008|21:55] C:\Program Files\Windows Live
    [04/05/2008|20:21] C:\Program Files\Windows Media Connect 2
    [28/08/2008|10:43] C:\Program Files\Windows Media Player
    [28/08/2008|10:43] C:\Program Files\Windows NT
    [24/03/2008|15:59] C:\Program Files\WindowsUpdate
    [24/03/2008|20:28] C:\Program Files\WinRAR
    [24/03/2008|16:01] C:\Program Files\xerox
    [13/07/2008|17:16] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [24/03/2008|22:21] C:\Program Files\Fichiers communs\Adobe
    [23/09/2008|17:03] C:\Program Files\Fichiers communs\Apple
    [24/03/2008|20:28] C:\Program Files\Fichiers communs\Designer
    [13/07/2008|19:36] C:\Program Files\Fichiers communs\InstallShield
    [22/06/2008|17:27] C:\Program Files\Fichiers communs\Java
    [24/03/2008|23:42] C:\Program Files\Fichiers communs\Logitech
    [25/03/2008|13:17] C:\Program Files\Fichiers communs\Microsoft Shared
    [24/03/2008|15:58] C:\Program Files\Fichiers communs\MSSoap
    [24/03/2008|16:44] C:\Program Files\Fichiers communs\ODBC
    [24/03/2008|15:58] C:\Program Files\Fichiers communs\Services
    [02/04/2008|21:09] C:\Program Files\Fichiers communs\Sonic
    [24/03/2008|16:44] C:\Program Files\Fichiers communs\SpeechEngines
    [02/04/2008|21:08] C:\Program Files\Fichiers communs\SureThing Shared
    [28/08/2008|10:43] C:\Program Files\Fichiers communs\System
    [24/03/2008|21:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [17/09/2008|18:15] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 42 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-24 18:53:24
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 17

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\yannick\Mes documents\logitiels\Ahead.NeroLinux.v3.5.0.1.Incl-Keygen.rar


    [F:165][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\Temp
    [F:26][D:0]-> C:\DOCUME~1\yannick\Cookies
    [F:190][D:5]-> C:\DOCUME~1\yannick\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 23/09/2008|20:56 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 23/09/2008|21:33 - Option : [1]
    3 - "C:\Lop SD\LopR_3.txt" - 24/09/2008|18:54 - Option : [2]

    --------------------\\ Fin du rapport a 18:54:32

    C'est fait
    a b 8 Sécurité
    24 Septembre 2008 19:04:56

    Reposte un rapport Hijackthis.
    24 Septembre 2008 20:54:28

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:54:09, on 24/09/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 8403 bytes
    a b 8 Sécurité
    25 Septembre 2008 16:58:52

    Re,

    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    C:\Program Files\bolt eq comp
    C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp


  • Relance Lop S&D.
  • Choisis cette fois-ci l'option 4 (LopScript). Une page blanche va s'ouvrir, colle (Ctrl+V) le texte précedemment copié.
  • Ferme cette page, il te sera demandé de l'enregistrer, accepte.
    [#ff0000]! Ne ferme pas la fenêtre lors de la suppression ![/#f]
  • Poste le rapport généré (C:\lopR.txt*)

    (Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    * le nom de la partition peut changer
    25 Septembre 2008 20:34:26


    --------------------\\ Lop S&D 4.2.4-4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Award Medallion BIOS v6.00PG
    USER : yannick ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Anti-Virus 8.0.0.454 (Activated)
    C:\ (Local Disk) - NTFS - Total : 186 Go Free : 146 Go
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    "C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
    Option : [4] ( 25/09/2008|20:26 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

    C:\Program Files\bolt eq comp
    C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\Program Files\bolt eq comp
    Supprime! - C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [23/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [24/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [24/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [24/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
    [25/09/2008|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [15/09/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [17/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [13/07/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [01/06/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [15/06/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MinigolfAdventures
    [07/09/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiberianStrikeX
    [06/07/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra Online
    [15/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [13/09/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
    [06/05/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [24/03/2008|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [04/04/2008|21:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [24/03/2008|16:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [01/06/2008|11:52] C:\DOCUME~1\yannick\APPLIC~1\Adobe
    [24/06/2008|20:52] C:\DOCUME~1\yannick\APPLIC~1\Alawar
    [15/09/2008|22:01] C:\DOCUME~1\yannick\APPLIC~1\Apple Computer
    [14/04/2008|16:16] C:\DOCUME~1\yannick\APPLIC~1\CamfrogWEB
    [07/04/2008|16:57] C:\DOCUME~1\yannick\APPLIC~1\Help
    [24/03/2008|16:08] C:\DOCUME~1\yannick\APPLIC~1\Identities
    [13/07/2008|19:35] C:\DOCUME~1\yannick\APPLIC~1\InstallShield
    [07/07/2008|22:21] C:\DOCUME~1\yannick\APPLIC~1\iWin
    [04/04/2008|19:34] C:\DOCUME~1\yannick\APPLIC~1\Lavasoft
    [02/04/2008|21:12] C:\DOCUME~1\yannick\APPLIC~1\Leadertech
    [24/03/2008|20:48] C:\DOCUME~1\yannick\APPLIC~1\Macromedia
    [18/04/2008|21:27] C:\DOCUME~1\yannick\APPLIC~1\Microsoft
    [13/07/2008|17:13] C:\DOCUME~1\yannick\APPLIC~1\Mozilla
    [06/07/2008|19:03] C:\DOCUME~1\yannick\APPLIC~1\Sierra Online
    [02/04/2008|21:14] C:\DOCUME~1\yannick\APPLIC~1\Sonic
    [22/06/2008|17:29] C:\DOCUME~1\yannick\APPLIC~1\Sun
    [24/03/2008|21:47] C:\DOCUME~1\yannick\APPLIC~1\vlc
    [15/06/2008|20:34] C:\DOCUME~1\yannick\APPLIC~1\WildTangent

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [23/09/2008 16:19][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25/09/2008 10:44][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [13/09/2008|14:46] C:\Program Files\Adobe
    [30/05/2008|17:03] C:\Program Files\Alwil Software
    [13/07/2008|19:36] C:\Program Files\AMD
    [05/08/2008|10:37] C:\Program Files\Apple Software Update
    [13/07/2008|19:38] C:\Program Files\ATI Technologies
    [14/07/2008|10:58] C:\Program Files\CA Yahoo! Anti-Spy
    [20/07/2008|18:36] C:\Program Files\CFWebAdvancedU
    [24/03/2008|15:58] C:\Program Files\ComPlus Applications
    [02/04/2008|21:31] C:\Program Files\DIFX
    [25/09/2008|14:25] C:\Program Files\eMule
    [14/07/2008|10:07] C:\Program Files\Fichiers communs
    [13/07/2008|19:38] C:\Program Files\InstallShield Installation Information
    [25/08/2008|20:03] C:\Program Files\Internet Explorer
    [24/03/2008|20:39] C:\Program Files\Inventel
    [23/09/2008|17:06] C:\Program Files\iPod
    [23/09/2008|17:06] C:\Program Files\iTunes
    [13/07/2008|19:50] C:\Program Files\Java
    [15/09/2008|19:19] C:\Program Files\Kaspersky Lab
    [24/03/2008|22:42] C:\Program Files\K-Lite Codec Pack
    [17/09/2008|18:16] C:\Program Files\Lavasoft
    [13/07/2008|18:24] C:\Program Files\ma-config.com
    [28/08/2008|10:49] C:\Program Files\Messenger
    [02/09/2008|13:35] C:\Program Files\Messenger Plus! Live
    [24/03/2008|16:01] C:\Program Files\microsoft frontpage
    [24/03/2008|20:28] C:\Program Files\Microsoft Office
    [28/08/2008|10:46] C:\Program Files\Movie Maker
    [15/09/2008|18:53] C:\Program Files\Mozilla Firefox
    [24/03/2008|15:57] C:\Program Files\MSN
    [24/03/2008|15:57] C:\Program Files\MSN Gaming Zone
    [24/03/2008|22:31] C:\Program Files\MSXML 4.0
    [28/08/2008|10:43] C:\Program Files\NetMeeting
    [24/03/2008|15:57] C:\Program Files\Online Services
    [24/03/2008|22:48] C:\Program Files\Orange
    [28/08/2008|10:43] C:\Program Files\Outlook Express
    [23/09/2008|17:04] C:\Program Files\QuickTime
    [24/03/2008|20:37] C:\Program Files\Securitoo
    [24/03/2008|15:59] C:\Program Files\Services en ligne
    [02/04/2008|21:08] C:\Program Files\Sonic
    [15/09/2008|19:16] C:\Program Files\Spybot - Search & Destroy
    [23/09/2008|20:12] C:\Program Files\Trend Micro
    [24/03/2008|16:08] C:\Program Files\Uninstall Information
    [13/07/2008|19:37] C:\Program Files\VIA
    [24/03/2008|21:46] C:\Program Files\VideoLAN
    [25/09/2008|12:04] C:\Program Files\Wanadoo
    [22/09/2008|22:49] C:\Program Files\WildGames
    [24/03/2008|21:55] C:\Program Files\Windows Live
    [04/05/2008|20:21] C:\Program Files\Windows Media Connect 2
    [28/08/2008|10:43] C:\Program Files\Windows Media Player
    [28/08/2008|10:43] C:\Program Files\Windows NT
    [24/03/2008|15:59] C:\Program Files\WindowsUpdate
    [24/03/2008|20:28] C:\Program Files\WinRAR
    [24/03/2008|16:01] C:\Program Files\xerox
    [13/07/2008|17:16] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [24/03/2008|22:21] C:\Program Files\Fichiers communs\Adobe
    [23/09/2008|17:03] C:\Program Files\Fichiers communs\Apple
    [24/03/2008|20:28] C:\Program Files\Fichiers communs\Designer
    [13/07/2008|19:36] C:\Program Files\Fichiers communs\InstallShield
    [22/06/2008|17:27] C:\Program Files\Fichiers communs\Java
    [24/03/2008|23:42] C:\Program Files\Fichiers communs\Logitech
    [25/03/2008|13:17] C:\Program Files\Fichiers communs\Microsoft Shared
    [24/03/2008|15:58] C:\Program Files\Fichiers communs\MSSoap
    [24/03/2008|16:44] C:\Program Files\Fichiers communs\ODBC
    [24/03/2008|15:58] C:\Program Files\Fichiers communs\Services
    [02/04/2008|21:09] C:\Program Files\Fichiers communs\Sonic
    [24/03/2008|16:44] C:\Program Files\Fichiers communs\SpeechEngines
    [02/04/2008|21:08] C:\Program Files\Fichiers communs\SureThing Shared
    [28/08/2008|10:43] C:\Program Files\Fichiers communs\System
    [24/03/2008|21:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [17/09/2008|18:15] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 41 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-25 20:29:44
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 17

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\yannick\Mes documents\logitiels\Ahead.NeroLinux.v3.5.0.1.Incl-Keygen.rar


    [F:163][D:6]-> C:\DOCUME~1\yannick\LOCALS~1\Temp
    [F:28][D:0]-> C:\DOCUME~1\yannick\Cookies
    [F:152][D:5]-> C:\DOCUME~1\yannick\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 23/09/2008|20:56 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 23/09/2008|21:33 - Option : [1]
    3 - "C:\Lop SD\LopR_3.txt" - 24/09/2008|18:54 - Option : [2]
    4 - "C:\Lop SD\LopR_4.txt" - 25/09/2008|20:31 - Option : [4]

    --------------------\\ Fin du rapport a 20:31:04

    Voilà
    a b 8 Sécurité
    25 Septembre 2008 21:02:09

    Reposte un rapport Hijackthis.
    25 Septembre 2008 21:09:48

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:09:30, on 25/09/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 8403 bytes
    a b 8 Sécurité
    26 Septembre 2008 19:34:08

    Re,

    Fix les lignes dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    26 Septembre 2008 21:35:13

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:34:42, on 26/09/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 8208 bytes
    26 Septembre 2008 21:36:15

    j'ai fait ce que tu m'a dit je te repost un rapport hijackthis
    a b 8 Sécurité
    26 Septembre 2008 22:15:26

    Re,

    Fix la ligne dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

    O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
    28 Septembre 2008 19:28:52

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:28:23, on 28/09/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\slserv.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 8124 bytes
    28 Septembre 2008 19:29:19

    oki c'est fait
    a b 8 Sécurité
    28 Septembre 2008 21:36:50

    Tu as encore des soucis ?
    30 Septembre 2008 20:26:13

    bah pour le moment plus aucun je te remercie de ta rapidité et de tes conseils sa à l'air de fonctionner merci merci merci
    30 Septembre 2008 20:27:00

    si je peux faire quelques choses n'hésite pas encore merci de ta disponibilitée
    a b 8 Sécurité
    30 Septembre 2008 21:11:13

    Je pense que c'est ok :) 
    1 Octobre 2008 20:21:27

    encore merci bonne soirée
    a b 8 Sécurité
    1 Octobre 2008 20:27:17

    Bon surf.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS