Hijackthis log please help diagnose

hi jack Messages postés 22 Statut Membre -  
hi jack Messages postés 22 Statut Membre -
Bonjour, c'est mon premier message. je précise que je suis niveau ras les paquerettes en info .
qqun pouraît-il m'aider car une page lost, au démarrage, me gâche la vie depuis qq semaines et je ne sais pas quoi faire.
je me suis enfin décidé à faire ce scan, pour moi c'est une première.
si vs me répondez, merci de rester simple ds vos explications et notament ds les termes utilisés.
voici le rapport
merci à tous
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:10:59, on 09/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\fast.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Bind Two.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Thunk Mfcd] C:\DOCUME~1\PROPRI~1\APPLIC~1\CDROML~1\Flap Wma.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1757981266-299502267-839522115-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Justine')
O4 - HKUS\S-1-5-21-1757981266-299502267-839522115-1009\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Justine')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1757981266-299502267-839522115-1009 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Justine')
O4 - S-1-5-21-1757981266-299502267-839522115-1009 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Justine')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe

--
End of file - 13990 bytes
Configuration: Windows XP
Firefox 3.0.7e j

28 réponses

  • 1
  • 2
Résumé de la discussion

Une personne débutante en informatique sollicite de l'aide pour une page d'accueil bloquante au démarrage et communique un rapport HijackThis v2.0.2 sur Windows XP SP3, présentant une liste étendue de processus et d’outils. La meilleure réponse indique que le problème semble résolu puisque la fenêtre perdue ne réapparaît plus, mais l’auteur demande où trouver le second rapport AD REMOVER. D'autres échanges proposent des conseils simples, comme sélectionner le texte et le copier-coller pour faciliter le partage, tout en restant clair et utilisable dans les explications. Le log HijackThis détaille de nombreuses entrées d’exécution automatique et des composants potentiellement problématiques (barres d’outils, adware), soulignant la complexité du nettoyage et la nécessité de vérifications complémentaires.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    Bonsoir

    c'est Eorezo qui te fait sa c'est un genre de spyware ne telecharge + rien chez eux si tu ne veut pas que sa recommence mais tu dois aussi avoir des pop up de pub puisque que tu as installé messenger skinner qui t'infecte par navipromo deja pour eorezo, sweetim et companie

    * Télécharge et enregistre le fichier d installation sur ton bureau :

    http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

    * Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( le bureau )

    * Ouvre le dossier Ad-remover présent sur ton bureau, et double clique sur Ad-remover.bat.

    * Au menu principal choisi l'option "A"

    * Poste le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :

    Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis
    entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels
    de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces
    antivirus.
    0
    1. hi jack Messages postés 22 Statut Membre
       
      désolé pour cette longueur mais je ne suis pas très à l aise

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 21:10:59, on 09/03/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16791)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\taskswitch.exe
      C:\WINDOWS\system32\fast.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
      C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
      C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
      C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\EoRezo\EoEngine.exe
      C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
      C:\Program Files\OpenOffice.org 3\program\soffice.exe
      C:\Program Files\OpenOffice.org 3\program\soffice.bin
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\UPHClean\uphclean.exe
      C:\Program Files\Canon\CAL\CALMAIN.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
      O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
      O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
      O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
      O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
      O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
      O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
      O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
      O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
      O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Bind Two.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
      O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
      O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
      O4 - HKCU\..\Run: [Thunk Mfcd] C:\DOCUME~1\PROPRI~1\APPLIC~1\CDROML~1\Flap Wma.exe
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-21-1757981266-299502267-839522115-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Justine')
      O4 - HKUS\S-1-5-21-1757981266-299502267-839522115-1009\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Justine')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - S-1-5-21-1757981266-299502267-839522115-1009 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Justine')
      O4 - S-1-5-21-1757981266-299502267-839522115-1009 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Justine')
      O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
      O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
      O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
      0
  2. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    re

    je vois sa que tu as pas l'air trés a l'aise ^^

    c'est pas le bon rapport, suit les instructions du poste 1 stp :)
    0
  3. hi jack Messages postés 22 Statut Membre
     
    désolé, j'essaie de copier le rapport AD remover mais je n'y arrive pas (pour l'instant ) à chaque fois c'est le premier qui s'y colle !!!
    0
  4. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    selectionne ton texte en le surlignant puis appui sur ctr+c pour copier et ici tu fait ctr+v pour coller
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. hi jack Messages postés 22 Statut Membre
     
    ouf ! une bête, je suis

    ------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

    Updated by C_XX on 09/03/2009 at 21:20

    Start at: 22:13:45, Lun 09/03/2009 | Boot mode: Normal Boot
    Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
    Computer Name: BOISTEAU-27AF38
    Current User: Propri‚taire - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    System Drive: C:\
    Windows Directory: C:\WINDOWS\
    System Directory: C:\WINDOWS\System32\

    --- Running Processes: 88

    +-----------------| Boonty/Boonty Games Elements Found:

    .
    .

    +-----------------| Eorezo Elements Found:

    HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKCR\AppID\EoRezoBHO.DLL
    HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKCU\Software\EoRezo
    HKLM\Software\EoRezo
    HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKLM\Software\Classes\AppID\EoRezoBHO.DLL
    HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\Software\Classes\EoRezoBHO.EoBho
    HKLM\Software\Classes\EoRezoBHO.EoBho.1
    HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
    .
    C:\Program Files\EoRezo
    C:\Documents and Settings\Propri‚taire\Application Data\EoRezo
    C:\Documents and Settings\Justine\Application Data\Eorezo
    C:\Documents and Settings\Propri‚taire\Application Data\Eorezo
    C:\Documents and Settings\Propri‚taire\Bureau\eorezo.doc
    C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@ads.eorezo[2].txt
    C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@dl.eorezo[1].txt
    C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@eorezo[1].txt
    C:\Documents and Settings\Justine\Cookies\justine@ads.eorezo[2].txt
    C:\Documents and Settings\Justine\Cookies\justine@eorezo[1].txt
    C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@ads.eorezo[2].txt
    C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@dl.eorezo[1].txt
    C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@eorezo[1].txt

    +-----------------| Infected Poker Softwares Elements Found:

    .

    +-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

    .
    .

    +-----------------| It's TV Elements Found:

    .

    +-----------------| Sweetim Elements Found:

    HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    HKCR\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKCR\MgMediaPlayer.GifAnimator
    HKCR\MgMediaPlayer.GifAnimator.1
    HKCR\SWEETIE.IEToolbar
    HKCR\SWEETIE.IEToolbar.1
    HKCR\SWEETIE.SWEETIE
    HKCR\SWEETIE.SWEETIE.1
    HKCR\ToolBand.SWEETIE
    HKCR\ToolBand.SWEETIE.1
    HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
    HKCU\Software\SWEETIE
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKLM\Software\Classes\MgMediaPlayer.GifAnimator
    HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
    HKLM\Software\Classes\SWEETIE.IEToolbar
    HKLM\Software\Classes\SWEETIE.IEToolbar.1
    HKLM\Software\Classes\SWEETIE.SWEETIE
    HKLM\Software\Classes\SWEETIE.SWEETIE.1
    HKLM\Software\Classes\ToolBand.SWEETIE
    HKLM\Software\Classes\ToolBand.SWEETIE.1
    HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
    HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    HKLM\Software\Classes\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    HKLM\Software\Macrogaming
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetim
    HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKCR\Installer\Products\BF8532058170CB541B2457111F96D485
    HKLM\Software\Classes\Installer\Products\BF8532058170CB541B2457111F96D485
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\BF8532058170CB541B2457111F96D485
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    .
    C:\WINDOWS\Installer\673cb9.msi
    C:\WINDOWS\Installer\673cbf.msi
    C:\Program Files\Macrogaming
    C:\WINDOWS\Prefetch\SWEETIM.EXE-2E64256A.pf
    C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@www.sweetim[2].txt

    +-----------------| Other Adwares Found:

    .
    .

    +-----------------| Added Scan:

    ---- Mozilla FireFox Version 3.0.7 ----

    ProfilePath: 9s2n1vij.default
    .
    .
    (Prefs.js) FOUND: user_pref("browser.startup.homepage", "http://y.lo.st");
    .
    .
    (Invalidprefs.js) FOUND: user_pref("browser.startup.homepage", "http://y.lo.st");
    .
    .

    ---- Internet Explorer Version 7.0.5730.11 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Search Page: hxxp://recherche.neuf.fr/
    Start page: hxxp://y.lo.st

    +-[HKEY_USERS\S-1-5-21-1757981266-299502267-839522115-1003\..\Internet Explorer\Main]

    Search Page: hxxp://recherche.neuf.fr/
    Start page: hxxp://y.lo.st

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.google.com
    Default_Search_URL: hxxp://recherche.neuf.fr/
    Search bar: hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start page: hxxp://www.google.com

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://y.lo.st

    +---------------------------------------------------------------------------+

    10249 Byte(s) - C:\Ad-Report-Scan-09.03.2009.log

    0 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
    0 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

    Before run: 134,064,783,360 Byte(s) free
    After run: Byte(s) free

    End at: 22:15:02 | 09/03/2009
    .
    +-----------------| E.O.F - 166 Lines
    .
    0
  7. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    ! Déconnectes toi et fermes toutes applications en cours !

    * Relances "Ad-remover" : au menu principal choisi l'option "B" .
    * Coche à l'écran de sélection :

    2. Suppression Eorezo
    6. Suppression Sweetim

    * Tape les chiffre correspondant à la suppression demandée et valide par ENTER pour les cocher.
    * Puis choisi "S" , le programme va travailler,
    * Postes le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

    (CTRL A Pour tout selectionner , CTRL C pour copier et CTRL V pour coller )

    /!\ Si le Bureau ne réapparait pas presse Ctrl Alt Suppr , Onglet "Fichier" , "Nouvelle tâche", tapes explorer.exe et valides)
    0
    1. hi jack Messages postés 22 Statut Membre
       
      plopus, je crois que ça a marché, je n'ai plus cette fenêtre lost mais le 2eme rapport AD REMOVER ? je ne sais pas où le chercher pour te l'envoyer.
      Mille merci
      0
  8. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    le rapport est sauvegardé aussi sous C:\Ad-report(date).log

    ben voui la page c'est bon parcontre c'est pas fini la desinfection :)
    0
    1. hi jack Messages postés 22 Statut Membre
       
      Salut Plopus, j'en ai refais un aujourd'hui, j'espère que ça ira.
      Encore merci pour ton aide






      ------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

      Updated by C_XX on 09/03/2009 at 21:20

      **** LIMITED TO ****

      Eorezo
      Sweetim

      ********************

      Start at: 16:42:46, Mar 10/03/2009 | Boot mode: Normal Boot
      Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
      Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
      Computer Name: BOISTEAU-27AF38
      Current User: Propri‚taire - Administrator
      Drive(s):
      - C:\ (File System: NTFS)
      - D:\ (File System: NTFS)
      System Drive: C:\
      Windows Directory: C:\WINDOWS\
      System Directory: C:\WINDOWS\System32\

      --- Running Processes: 57

      (!) ---- IE start pages/Tabs reset

      +-----------------| Eorezo Elements Deleted :

      .

      +-----------------| Sweetim Elements Deleted :

      .
      C:\Program Files\Macrogaming

      (!) ---- Temp files deleted.
      (!) ---- Recycle bin emptied in all drives.


      +-----------------| Added Scan :

      ---- Mozilla FireFox Version 3.0.7 ----

      ProfilePath: 9s2n1vij.default
      .
      .
      .
      .
      0
  9. hi jack Messages postés 22 Statut Membre
     
    virus/ sécurité
    C'est la suite de mon message d'hier;
    y a t-il quelqu'un qui peut m'aider ?
    Merci
    0
  10. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    oups je t'avais oublié ^^

    Télécharge Random's System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.
    http://images.malwareremoval.com/random/RSIT.exe
    Clique sur Continue
    Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront poste les 2 rapports SEPAREMENT
    0
    1. hi jack Messages postés 22 Statut Membre
       
      --
      Salut à toi, ô sentinelle du Net,veillant l'oeil acéré sur la toile fragile !

      voilà le premier
      Logfile of random's system information tool 1.05 (written by random/random)
      Run by Propriétaire at 2009-03-10 21:25:13
      Microsoft Windows XP Édition familiale Service Pack 3
      System drive C: has 128 GB (80%) free of 160 GB
      Total RAM: 1022 MB (55% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 21:25:27, on 10/03/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16791)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\UPHClean\uphclean.exe
      C:\WINDOWS\system32\taskswitch.exe
      C:\WINDOWS\system32\fast.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\Program Files\Canon\CAL\CALMAIN.exe
      C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
      C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
      C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
      C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\Program Files\OpenOffice.org 3\program\soffice.exe
      C:\Program Files\OpenOffice.org 3\program\soffice.bin
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
      C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
      C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
      O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
      O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
      O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
      O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
      O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
      O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
      O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
      O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Bind Two.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
      O4 - HKCU\..\Run: [Thunk Mfcd] C:\DOCUME~1\PROPRI~1\APPLIC~1\CDROML~1\Flap Wma.exe
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
      O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
      O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
      0
  11. hi jack Messages postés 22 Statut Membre
     
    --
    Salut à toi, ô sentinelle du Net,veillant l'oeil acéré sur la toile fragile !
    voila le deuxième
    info.txt logfile of random's system information tool 1.05 2009-03-10 21:25:29

    ======Uninstall list======

    -->C:\PROGRA~1\Yahoo!\Common\unyt.exe
    -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    -->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
    -->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    -->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
    -->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    -->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    -->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
    -->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    -->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    -->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
    -->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
    -->MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}
    -->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Acrobat 4.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.dll"
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe PhotoDeluxe Home Edition 4.0-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Adobe\PhotoDeluxe Home Edition 4.0\Uninst.isu"
    Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Ad-remover-->C:\Program Files\Ad-remover\Uninstall ADR.exe
    Alexandra Ledermann 7-->C:\Program Files\UbiSoft\Lexis Numérique\Alexandra Ledermann 7\Desinst.exe
    AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
    Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
    Canon G.726 WMP-Decoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
    CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
    Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
    Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
    Canon MP Navigator 3.0-->"C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.0\uninst.ini
    Canon MP510-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510 /L0x000c
    Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
    Canon Utilities CameraWindow DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
    Canon Utilities CameraWindow-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
    Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
    Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
    Canon Utilities MyCamera DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini"
    Canon Utilities MyCamera-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"
    Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
    Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
    Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
    Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
    CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
    CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
    CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    dBpowerAMP Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
    DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Encyclopédie Microsoft Encarta 99-->RunDll32 C:\PROGRA~1\MIE1DB~1\ENCYCL~1\UNENC99.DLL,Uninstall C:\PROGRA~1\MIE1DB~1\ENCYCL~1\SETUP99F\INST99F.LOG
    Enregistrement utilisateur de Canon MP510-->C:\Program Files\Canon\IJEREG\MP510\UNINST.EXE
    EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    FairStars Audio Converter 1.46-->"C:\Program Files\FairStars Audio Converter\unins000.exe"
    Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
    Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
    HijackThis 2.0.2-->"C:\Documents and Settings\Propriétaire\Local Settings\Temp\wz0eb5\HijackThis.exe" /uninstall
    IncrediMail Xe-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log
    InterVideo DVDCopy5-->"C:\Program Files\InstallShield Installation Information\{C167A588-87AA-47BF-A88E-5B0F9A14480D}\setup.exe" --u:{C167A588-87AA-47BF-A88E-5B0F9A14480D}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
    Kit de connexion ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B0C5783F-AB91-460B-8238-BD9A8F6346D3}\setup.exe" -l0x40c -eth
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
    LimeWire 4.18.6-->"C:\Program Files\LimeWire\uninstall.exe"
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
    Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
    Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
    Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    MessengerSkinner-->C:\Program Files\MessengerSkinner\uninst.exe
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
    Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
    Microsoft Calculatrice Plus-->MsiExec.exe /I{13922F10-BD74-4912-AB11-E34B35062700}
    Microsoft Color Control Panel Applet for Windows XP-->MsiExec.exe /X{CE378F36-E404-4244-A33F-F50A2A6D31BD}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft RAW Image Thumbnailer and Viewer for Windows XP Version 1.0 (Build 50)-->MsiExec.exe /X{2E5A5B57-57FC-4C79-A239-9DB280ADEC2A}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
    Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{1787603C-E6E3-42D4-8034-55F358486F1D}
    Nero 8-->MsiExec.exe /X{DFA4CA5A-D073-4964-B8F5-778612851036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
    OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    PhotoFiltre-->"C:\Documents and Settings\Propriétaire\Bureau\PhotoFiltre\Uninst.exe"
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    Powertoys FR Pour Windows XP-->C:\WINDOWS\system32\ptoys-uninst.exe
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    Realtek AC'97 Audio-->Alcrmv.exe -r -m
    River Past Audio Converter Pro-->C:\WINDOWS\Audio Converter Pro Uninstaller.exe
    Roxio Easy Media Creator 9 Suite-->MsiExec.exe /I{938B1CD7-7C60-491E-AA90-1F1888168240}
    Sandlot Games Client Services 1.2.2-->"C:\Program Files\Fichiers communs\Sandlot Shared\unins000.exe"
    ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{29D851C2-048C-4B5E-8D1F-25D473342BB5}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Excel 2007 (KB936509)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A00724F5-82C4-4924-B707-0E5A84B52471}
    Security Update for Office 2007 (KB934062)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
    Security Update for Office 2007 (KB936514)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C7A78F7F-EF32-4477-BAD7-3439EA7571BF}
    Security Update for Publisher 2007 (KB936646)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
    Security Update for the 2007 Microsoft Office System (KB936960)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
    SightSpeed (remove only)-->"C:\Program Files\SightSpeed\uninst.exe"
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Update for Office 2007 (KB932080)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
    Update for Office 2007 (KB934391)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
    Update for Office 2007 (KB934393)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
    Update for Outlook 2007 (KB937608)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CBB2454D-193F-4523-8A31-FEB343B7C30E}
    Update for Outlook 2007 Junk Email Filter (kb943559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {2BE2B020-CE6A-4AD1-8291-2B881CF923B6}
    Update for Word 2007 (KB934173)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
    User Profile Hive Cleanup Service-->MsiExec.exe /I{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
    VirtualCloneDrive-->"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
    Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
    WinAce Archiver 2.0-->C:\Program Files\WinAce\SXUNINST.EXE C:\Program Files\WinAce\SXUNINST.INI
    Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
    Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
    Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\WINDOWS\cache\YINSTH~1.DLL
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Hosts File======

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 090306-0]

    System event log

    Computer Name: BOISTEAU-27AF38
    Event Code: 7036
    Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

    Record Number: 95757
    Source Name: Service Control Manager
    Time Written: 20090219113432.000000+060
    Event Type: Informations
    User:

    Computer Name: BOISTEAU-27AF38
    Event Code: 7036
    Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.

    Record Number: 95756
    Source Name: Service Control Manager
    Time Written: 20090219113432.000000+060
    Event Type: Informations
    User:

    Computer Name: BOISTEAU-27AF38
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.

    Record Number: 95755
    Source Name: Service Control Manager
    Time Written: 20090219113432.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: BOISTEAU-27AF38
    Event Code: 7036
    Message: Le service Windows Installer est entré dans l'état : en cours d'exécution.

    Record Number: 95754
    Source Name: Service Control Manager
    Time Written: 20090219113432.000000+060
    Event Type: Informations
    User:

    Computer Name: BOISTEAU-27AF38
    Event Code: 7036
    Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.

    Record Number: 95753
    Source Name: Service Control Manager
    Time Written: 20090219113432.000000+060
    Event Type: Informations
    User:

    Application event log

    Computer Name: BOISTEAU-27AF38
    Event Code: 1001
    Message: User profile hive cleanup service version 1.6.30.0 started successfully.

    Record Number: 58313
    Source Name: UPHClean
    Time Written: 20090217162708.000000+060
    Event Type: Informations
    User:

    Computer Name: BOISTEAU-27AF38
    Event Code: 0
    Message:
    Record Number: 58312
    Source Name: RoxSniffer9
    Time Written: 20090217162708.000000+060
    Event Type: Informations
    User:

    Computer Name: BOISTEAU-27AF38
    Event Code: 0
    Message:
    Record Number: 58311
    Source Name: RoxLiveShare9
    Time Written: 20090217162708.000000+060
    Event Type: Informations
    User:

    Computer Name: BOISTEAU-27AF38
    Event Code: 0
    Message:
    Record Number: 58310
    Source Name: RoxLiveShare9
    Time Written: 20090217162708.000000+060
    Event Type: Informations
    User:

    Computer Name: BOISTEAU-27AF38
    Event Code: 1001
    Message: Échec de détection du produit '{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}', fonctionnalité 'SoleFeature' lors de la demande du composant '{3E97692A-C113-4135-96B7-39865124B03C}'

    Record Number: 58309
    Source Name: MsiInstaller
    Time Written: 20090217162708.000000+060
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=0f06
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\9.0\Roxio Central33\

    -----------------EOF-----------------
    0
  12. hi jack Messages postés 22 Statut Membre
     
    Ben, y a plus personne pour donner suite à ce message ? Ou bien, je ne fais pas ce qu'il faut?
    Hi Jack
    0
  13. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    erff mes messages ont pas trop envie de passer sur ton sujet, je sais pas pourquoi ....

    * Télécharger et enregistrer lopSD sur ton bureau https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    (c est le numéro 4 en bas de la page) :
    * Double-clic Lop S&D
    * Faire l'installation
    * Fermer toutes les applications
    * Le lancer par un double-clic sur le raccourci qui est sur le bureau

    * Avec VISTA => clic-droit et => Exécuter en tant qu'administrateur
    * Taper F pour français , puis presser entrée
    * Taper 1
    * Presser Entrée
    * Le PC va redémarrer

    * Note= si l'antivirus annonce une infection dans TEMP , l'ignorer
    * Attendre l'apparition du rapport
    * Copier le rapport et le coller dans la réponse

    * le rapport se trouve aussi à C:\lopR

    puis

    * Télécharge sur le bureau Navilog1 http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    * Si ton antivirus s'affole , le désactiver
    * sous vista : Clic-droit sur le raccourci Navilog1 présent sur le bureau et choisis "Exécuter en tant qu'administrateur
    * sous XP : double-clic dessus pour l'installer et le lancer
    * taper F
    * Appuyer sur une touche jusqu' arriver aux options
    * Choisir Recherche ( = taper 1 )

    ne pas utiliser les autres sans avis , il peut y avoir des processus légitimes
    * un rapport : fixnavi.txt dans ==> C :
    * le copier et le coller dans la réponse

    donc ces 2 fix servent a supprimer les infections de pop up dont tu es victime :

    Cette infection provient après l'installation d'un de ces programmes piégés :

    * go-astro
    * GoRecord
    * HotTVPlayer
    * MailSkinner
    * Messenger Skinner
    * Instant Access
    * InternetGameBox
    * Officiale Emule (Version d'Emule modifiée)
    * Sudoplanet
    * Webmediaplayer
    * Sur le site www.games-desktop.com (n'allez pas dessus!!)
    * BitDownload
    * BitGrabber
    * BitRoll
    * MessengerPlus! 3 sous le nom de sponsors
    * Messenger Plus! Live sous le nom de sponsors
    * NetPumper
    * TorrentQ
    * Torrent101

    Si vous avez installé un de ces programmes, vous êtes certainement infectés.. et les popups de pubs proviennent de cette infection.
    0
    1. hi jack Messages postés 22 Statut Membre
       
      ca a été " un peu" long mais la vie continue par ailleurs !
      voici les rapports

      --------------------\\ Lop S&D 4.2.5-0 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
      BIOS : Phoenix - AwardBIOS v6.00PG
      USER : Propriétaire ( Administrator )
      BOOT : Normal boot
      Antivirus : avast! antivirus 4.8.1229 [VPS 090306-0] 4.8.1229 (Activated)
      A:\ (USB)
      C:\ (Local Disk) - NTFS - Total:156 Go (Free:125 Go)
      D:\ (Local Disk) - NTFS - Total:141 Go (Free:137 Go)
      E:\ (CD or DVD)
      F:\ (CD or DVD)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)

      "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
      Option : [1] ( 12/03/2009|16:33 )

      --------------------\\ Listing des dossiers dans APPLIC~1

      [10/11/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [15/02/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
      [27/01/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
      [11/04/2008|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
      [27/01/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
      [30/12/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
      [11/03/2009|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
      [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
      [08/03/2009|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
      [21/07/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
      [21/07/2007|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
      [06/01/2008|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
      [07/03/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [18/02/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
      [17/04/2008|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
      [14/02/2007|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
      [02/02/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
      [16/02/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
      [17/06/2007|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
      [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
      [31/05/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
      [16/02/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
      [06/03/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
      [11/11/2007|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
      [27/01/2007|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
      [03/03/2007|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
      [04/07/2007|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
      [16/04/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
      [13/11/2007|07:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
      [02/03/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
      [11/07/2008|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

      [12/11/2007|17:27] C:\DOCUME~1\COMPTE~1\APPLIC~1\Roxio

      [06/02/2008|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
      [12/12/2007|16:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

      [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
      [17/11/2007|07:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
      [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Logitech
      [15/02/2008|20:00] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
      [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Roxio
      [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\SlySoft

      [07/02/2008|18:07] C:\DOCUME~1\JuJu\APPLIC~1\Roxio

      [26/06/2008|17:00] C:\DOCUME~1\Justine\APPLIC~1\Adobe
      [25/02/2009|16:07] C:\DOCUME~1\Justine\APPLIC~1\Canon
      [15/01/2008|07:43] C:\DOCUME~1\Justine\APPLIC~1\Google
      [06/01/2008|17:31] C:\DOCUME~1\Justine\APPLIC~1\Identities
      [06/01/2008|17:44] C:\DOCUME~1\Justine\APPLIC~1\Macromedia
      [17/01/2009|22:57] C:\DOCUME~1\Justine\APPLIC~1\Microsoft
      [10/09/2008|16:52] C:\DOCUME~1\Justine\APPLIC~1\Mozilla
      [24/04/2008|09:40] C:\DOCUME~1\Justine\APPLIC~1\Nero
      [23/02/2009|21:51] C:\DOCUME~1\Justine\APPLIC~1\OpenOffice.org
      [07/04/2008|14:56] C:\DOCUME~1\Justine\APPLIC~1\Roxio
      [14/07/2008|14:01] C:\DOCUME~1\Justine\APPLIC~1\Skype
      [06/01/2008|20:16] C:\DOCUME~1\Justine\APPLIC~1\SlySoft
      [03/05/2008|10:58] C:\DOCUME~1\Justine\APPLIC~1\Sun
      [17/07/2008|18:27] C:\DOCUME~1\Justine\APPLIC~1\Talkback
      [04/03/2009|18:57] C:\DOCUME~1\Justine\APPLIC~1\Windows Live Writer
      [07/04/2008|17:14] C:\DOCUME~1\Justine\APPLIC~1\Yahoo!
      [16/07/2008|19:52] C:\DOCUME~1\Justine\APPLIC~1\ZoomBrowser EX

      [15/02/2008|20:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
      [01/12/2007|20:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\PhotoParade
      [16/02/2007|19:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio

      [15/02/2008|20:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
      [14/11/2007|17:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Roxio

      [27/01/2007|15:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
      [07/11/2007|14:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
      [06/02/2007|16:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
      [21/02/2009|09:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\CameraWindowDC
      [18/02/2009|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Canon
      [21/02/2009|09:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\CANON INC
      [11/04/2008|19:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Cdrom List
      [09/02/2007|13:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink
      [16/02/2007|21:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Elaborate Bytes
      [17/05/2007|11:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\eMule
      [27/01/2007|17:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
      [14/10/2007|09:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
      [11/11/2007|08:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
      [27/01/2007|01:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
      [21/07/2007|10:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
      [23/02/2009|12:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intelore
      [30/01/2009|22:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
      [21/07/2007|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
      [30/01/2007|18:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
      [07/03/2009|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
      [17/04/2008|14:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
      [10/09/2008|11:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
      [17/04/2008|00:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
      [23/02/2009|19:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org
      [02/02/2007|21:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\River Past G4
      [16/02/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Roxio
      [27/01/2007|17:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\ScanSoft
      [31/01/2007|18:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
      [01/02/2009|11:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
      [01/02/2009|08:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM
      [25/06/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
      [02/03/2008|10:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo!
      [21/02/2009|09:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\ZoomBrowser EX

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [12/03/2009 12:00][--ah-----] C:\WINDOWS\tasks\ADBEAFE591A12675.job
      [12/03/2009 12:11][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
      [12/03/2009 16:23][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

      ( ADBEAFE591A12675.job )=( c:\docume~1\propri~1\applic~1\cdroml~1\Uploadarmympeg.exe )

      --------------------\\ Listing des dossiers dans C:\Program Files

      [10/11/2008|12:14] C:\Program Files\Adobe
      [10/03/2009|16:40] C:\Program Files\Ad-remover
      [16/02/2007|18:39] C:\Program Files\Ahead
      [11/11/2007|07:51] C:\Program Files\Alwil Software
      [27/01/2007|17:30] C:\Program Files\ArcSoft
      [27/01/2007|11:39] C:\Program Files\AvRack
      [11/07/2008|18:08] C:\Program Files\Canon
      [27/01/2007|17:26] C:\Program Files\CanonBJ
      [27/02/2008|13:20] C:\Program Files\Cdrom List
      [11/04/2008|17:59] C:\Program Files\Circle Developement
      [27/01/2007|01:34] C:\Program Files\ComPlus Applications
      [27/01/2007|12:01] C:\Program Files\CyberLink
      [16/02/2007|19:23] C:\Program Files\DivX
      [01/02/2008|12:31] C:\Program Files\EA GAMES
      [16/02/2007|20:21] C:\Program Files\Elaborate Bytes
      [09/12/2008|09:10] C:\Program Files\eMule
      [17/04/2008|00:03] C:\Program Files\EPSON
      [02/02/2007|21:17] C:\Program Files\FairStars Audio Converter
      [10/03/2009|22:08] C:\Program Files\Fichiers communs
      [17/04/2008|00:25] C:\Program Files\Foxit Software
      [08/12/2007|08:54] C:\Program Files\Gamenext
      [30/12/2008|15:33] C:\Program Files\Google
      [27/01/2007|12:02] C:\Program Files\Grisoft
      [02/02/2007|21:06] C:\Program Files\Illustrate
      [30/03/2007|19:44] C:\Program Files\IncrediMail
      [17/04/2008|14:51] C:\Program Files\InstallShield Installation Information
      [04/12/2007|07:33] C:\Program Files\InterActual
      [14/02/2009|22:57] C:\Program Files\Internet Explorer
      [16/02/2007|20:28] C:\Program Files\InterVideo
      [17/12/2008|08:22] C:\Program Files\Java
      [23/02/2009|18:59] C:\Program Files\JRE
      [17/04/2008|14:51] C:\Program Files\Kit ADSL
      [08/03/2009|09:56] C:\Program Files\Lavasoft
      [18/01/2009|19:46] C:\Program Files\LimeWire
      [21/07/2007|10:23] C:\Program Files\Logitech
      [18/01/2009|19:46] C:\Program Files\Messenger
      [04/01/2009|19:21] C:\Program Files\Messenger Plus! Live
      [02/03/2008|12:35] C:\Program Files\MessengerPlus! 3
      [07/03/2009|16:30] C:\Program Files\MessengerSkinner
      [27/01/2007|10:32] C:\Program Files\Microsoft Calculatrice Plus
      [09/05/2007|20:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [27/01/2007|01:38] C:\Program Files\microsoft frontpage
      [02/02/2007|18:07] C:\Program Files\Microsoft Office
      [12/02/2007|14:54] C:\Program Files\Microsoft R‚f‚rence
      [10/11/2007|12:37] C:\Program Files\Microsoft SQL Server Compact Edition
      [02/02/2007|18:07] C:\Program Files\Microsoft Visual Studio
      [02/02/2007|18:05] C:\Program Files\Microsoft Visual Studio 8
      [02/02/2007|18:07] C:\Program Files\Microsoft Works
      [02/02/2007|18:06] C:\Program Files\Microsoft.NET
      [13/10/2008|16:51] C:\Program Files\Movie Maker
      [12/03/2009|16:30] C:\Program Files\Mozilla Firefox
      [24/07/2007|10:38] C:\Program Files\MSBuild
      [27/01/2007|01:32] C:\Program Files\MSN
      [27/01/2007|01:33] C:\Program Files\MSN Gaming Zone
      [04/07/2007|20:31] C:\Program Files\MSN Messenger
      [27/01/2007|10:38] C:\Program Files\MSXML 4.0
      [24/07/2007|10:40] C:\Program Files\MSXML 6.0
      [24/11/2007|06:28] C:\Program Files\Musicmatch
      [17/04/2008|00:47] C:\Program Files\Nero
      [13/10/2008|16:49] C:\Program Files\NetMeeting
      [16/04/2008|22:05] C:\Program Files\Neuf
      [27/01/2007|01:33] C:\Program Files\Online Services
      [23/02/2009|18:59] C:\Program Files\OpenOffice.org 3
      [13/10/2008|16:49] C:\Program Files\Outlook Express
      [11/11/2007|08:34] C:\Program Files\Papeterie
      [27/01/2007|10:37] C:\Program Files\Pro Imaging Powertoys
      [27/01/2007|11:39] C:\Program Files\Realtek AC97
      [27/01/2007|11:39] C:\Program Files\Realtek Sound Manager
      [24/07/2007|10:35] C:\Program Files\Reference Assemblies
      [02/02/2007|21:10] C:\Program Files\River Past
      [20/02/2007|12:26] C:\Program Files\Roxio
      [27/01/2007|17:33] C:\Program Files\ScanSoft
      [27/01/2007|01:36] C:\Program Files\Services en ligne
      [16/02/2007|19:26] C:\Program Files\SightSpeed
      [01/02/2009|09:21] C:\Program Files\Skype
      [02/02/2007|19:27] C:\Program Files\SlySoft
      [07/03/2009|16:30] C:\Program Files\Spybot - Search & Destroy
      [06/11/2007|18:45] C:\Program Files\Thomson
      [16/02/2009|17:58] C:\Program Files\Trend Micro
      [31/01/2007|18:21] C:\Program Files\UbiSoft
      [27/01/2007|01:44] C:\Program Files\Uninstall Information
      [27/01/2007|10:37] C:\Program Files\UPHClean
      [27/01/2007|10:09] C:\Program Files\VIA
      [11/11/2007|08:14] C:\Program Files\WinAce
      [27/01/2007|10:33] C:\Program Files\Windows Journal Viewer
      [27/02/2008|23:27] C:\Program Files\Windows Live
      [18/01/2009|19:46] C:\Program Files\Windows Live Toolbar
      [18/01/2009|19:46] C:\Program Files\Windows Media Connect 2
      [18/01/2009|19:46] C:\Program Files\Windows Media Player
      [13/10/2008|16:49] C:\Program Files\Windows NT
      [27/01/2007|01:36] C:\Program Files\WindowsUpdate
      [02/02/2007|18:26] C:\Program Files\WinRAR
      [16/04/2008|23:32] C:\Program Files\WinZip
      [27/01/2007|01:38] C:\Program Files\xerox
      [02/03/2008|10:28] C:\Program Files\Yahoo!

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [10/11/2008|12:14] C:\Program Files\Fichiers communs\Adobe
      [17/04/2008|00:36] C:\Program Files\Fichiers communs\Ahead
      [11/07/2008|18:05] C:\Program Files\Fichiers communs\Canon
      [02/02/2007|18:07] C:\Program Files\Fichiers communs\DESIGNER
      [02/02/2007|21:01] C:\Program Files\Fichiers communs\FotoNation
      [27/01/2007|17:10] C:\Program Files\Fichiers communs\FotoWire
      [27/01/2007|17:33] C:\Program Files\Fichiers communs\InstallShield
      [14/05/2007|22:21] C:\Program Files\Fichiers communs\Java
      [21/07/2007|10:23] C:\Program Files\Fichiers communs\Logitech
      [07/03/2009|17:10] C:\Program Files\Fichiers communs\Microsoft Shared
      [27/01/2007|01:35] C:\Program Files\Fichiers communs\MSSoap
      [17/04/2008|00:49] C:\Program Files\Fichiers communs\Nero
      [27/01/2007|10:36] C:\Program Files\Fichiers communs\Nikon
      [27/01/2007|01:48] C:\Program Files\Fichiers communs\ODBC
      [02/02/2007|21:10] C:\Program Files\Fichiers communs\River Past
      [16/02/2007|19:24] C:\Program Files\Fichiers communs\Roxio Shared
      [24/07/2007|10:05] C:\Program Files\Fichiers communs\Sandlot Shared
      [27/01/2007|17:33] C:\Program Files\Fichiers communs\ScanSoft Shared
      [27/01/2007|01:35] C:\Program Files\Fichiers communs\Services
      [16/02/2007|19:23] C:\Program Files\Fichiers communs\SightSpeed
      [31/05/2008|11:02] C:\Program Files\Fichiers communs\Skype
      [04/12/2007|18:15] C:\Program Files\Fichiers communs\Softwin
      [16/02/2007|19:27] C:\Program Files\Fichiers communs\Sonic Shared
      [27/01/2007|01:48] C:\Program Files\Fichiers communs\SpeechEngines
      [16/02/2007|19:27] C:\Program Files\Fichiers communs\SureThing Shared
      [08/02/2007|16:51] C:\Program Files\Fichiers communs\SWF Studio
      [13/10/2008|16:48] C:\Program Files\Fichiers communs\System
      [10/11/2007|12:28] C:\Program Files\Fichiers communs\WindowsLiveInstaller

      --------------------\\ Process

      ( 54 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
      C:\DOCUME~1\PROPRI~1\APPLIC~1\cdroml~1
      C:\Program Files\cdroml~1
      C:\Program Files\Circle Developement
      C:\WINDOWS\Tasks\ADBEAFE591A12675.job

      --------------------\\ Verification du Registre

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Thunk Mfcd"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\CDROML~1\\Flap Wma.exe"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Bind Two.exe"

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts MODIFIE

      127.0.0.1 bin.errorprotector.com ## added by CiD
      127.0.0.1 br.errorsafe.com ## added by CiD
      127.0.0.1 br.winantivirus.com ## added by CiD
      127.0.0.1 br.winfixer.com ## added by CiD
      127.0.0.1 cdn.drivecleaner.com ## added by CiD
      127.0.0.1 cdn.errorsafe.com ## added by CiD
      127.0.0.1 cdn.winsoftware.com ## added by CiD
      127.0.0.1 de.errorsafe.com ## added by CiD
      127.0.0.1 de.winantivirus.com ## added by CiD
      127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
      127.0.0.1 download.cdn.errorsafe.com ## added by CiD
      127.0.0.1 download.cdn.winsoftware.com ## added by CiD
      127.0.0.1 download.errorsafe.com ## added by CiD
      127.0.0.1 download.systemdoctor.com ## added by CiD
      127.0.0.1 download.winantispyware.com ## added by CiD
      127.0.0.1 download.windrivecleaner.com ## added by CiD
      127.0.0.1 download.winfixer.com ## added by CiD
      127.0.0.1 drivecleaner.com ## added by CiD
      127.0.0.1 dynamique.drivecleaner.com ## added by CiD
      127.0.0.1 errorprotector.com ## added by CiD
      127.0.0.1 errorsafe.com ## added by CiD
      127.0.0.1 es.winantivirus.com ## added by CiD
      127.0.0.1 fr.winantivirus.com ## added by CiD
      127.0.0.1 fr.winfixer.com ## added by CiD
      127.0.0.1 go.drivecleaner.com ## added by CiD
      127.0.0.1 go.errorsafe.com ## added by CiD
      127.0.0.1 go.winantispyware.com ## added by CiD
      127.0.0.1 go.winantivirus.com ## added by CiD
      127.0.0.1 hk.winantivirus.com ## added by CiD
      127.0.0.1 instlog.errorsafe.com ## added by CiD
      127.0.0.1 instlog.winantivirus.com ## added by CiD
      127.0.0.1 instlog.winfixer.com ## added by CiD
      127.0.0.1 jsp.drivecleaner.com ## added by CiD
      127.0.0.1 kb.errorsafe.com ## added by CiD
      127.0.0.1 kb.winantivirus.com ## added by CiD
      127.0.0.1 nl.errorsafe.com ## added by CiD
      127.0.0.1 se.errorsafe.com ## added by CiD
      127.0.0.1 secure.drivecleaner.com ## added by CiD
      127.0.0.1 secure.errorsafe.com ## added by CiD
      127.0.0.1 secure.winantispam.com ## added by CiD
      127.0.0.1 secure.winantispy.com ## added by CiD
      127.0.0.1 secure.winantivirus.com ## added by CiD
      127.0.0.1 support.winantivirus.com ## added by CiD
      127.0.0.1 trial.updates.winsoftware.com ## added by CiD
      127.0.0.1 ulog.winantivirus.com ## added by CiD
      127.0.0.1 utils.errorsafe.com ## added by CiD
      127.0.0.1 utils.winantivirus.com ## added by CiD
      127.0.0.1 utils.winfixer.com ## added by CiD
      127.0.0.1 winantispyware.com ## added by CiD
      127.0.0.1 winantivirus.com ## added by CiD
      127.0.0.1 winfixer.com ## added by CiD
      127.0.0.1 winfixer2006.com ## added by CiD
      127.0.0.1 winsoftware.com ## added by CiD
      127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
      127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
      127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
      127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
      127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
      127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
      127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
      127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
      127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
      127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
      127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
      127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

      -> 10454 [ 70 ## added by CiD ]

      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-03-12 16:34:31
      Windows 5.1.2600 Service Pack 3 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 374

      --------------------\\ Recherche d'autres infections

      C:\Program Files\MessengerSkinner
      C:\Program Files\MessengerSkinner\download
      C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
      C:\Program Files\MessengerSkinner\resources
      C:\Program Files\MessengerSkinner\uninst.exe
      C:\Program Files\MessengerSkinner\updates
      C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
      C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner\Userdata
      C:\WINDOWS\System32\nvs2.inf

      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene.dat
      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene_nav.dat
      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene_navps.dat
      [b]==> EGDACCESS <==/b



      [F:13][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
      [F:17][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
      [F:2][D:13]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 12/03/2009|16:35 - Option : [1]

      --------------------\\ Fin du rapport a 16:35:35
      Et le Navifix
      --------------------\\ Lop S&D 4.2.5-0 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
      BIOS : Phoenix - AwardBIOS v6.00PG
      USER : Propriétaire ( Administrator )
      BOOT : Normal boot
      Antivirus : avast! antivirus 4.8.1229 [VPS 090306-0] 4.8.1229 (Activated)
      A:\ (USB)
      C:\ (Local Disk) - NTFS - Total:156 Go (Free:125 Go)
      D:\ (Local Disk) - NTFS - Total:141 Go (Free:137 Go)
      E:\ (CD or DVD)
      F:\ (CD or DVD)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)

      "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
      Option : [1] ( 12/03/2009|16:33 )

      --------------------\\ Listing des dossiers dans APPLIC~1

      [10/11/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [15/02/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
      [27/01/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
      [11/04/2008|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
      [27/01/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
      [30/12/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
      [11/03/2009|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
      [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
      [08/03/2009|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
      [21/07/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
      [21/07/2007|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
      [06/01/2008|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
      [07/03/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [18/02/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
      [17/04/2008|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
      [14/02/2007|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
      [02/02/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
      [16/02/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
      [17/06/2007|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
      [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
      [31/05/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
      [16/02/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
      [06/03/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
      [11/11/2007|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
      [27/01/2007|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
      [03/03/2007|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
      [04/07/2007|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
      [16/04/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
      [13/11/2007|07:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
      [02/03/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
      [11/07/2008|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

      [12/11/2007|17:27] C:\DOCUME~1\COMPTE~1\APPLIC~1\Roxio

      [06/02/2008|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
      [12/12/2007|16:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

      [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
      [17/11/2007|07:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
      [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Logitech
      [15/02/2008|20:00] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
      [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Roxio
      [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\SlySoft

      [07/02/2008|18:07] C:\DOCUME~1\JuJu\APPLIC~1\Roxio

      [26/06/2008|17:00] C:\DOCUME~1\Justine\APPLIC~1\Adobe
      [25/02/2009|16:07] C:\DOCUME~1\Justine\APPLIC~1\Canon
      [15/01/2008|07:43] C:\DOCUME~1\Justine\APPLIC~1\Google
      [06/01/2008|17:31] C:\DOCUME~1\Justine\APPLIC~1\Identities
      [06/01/2008|17:44] C:\DOCUME~1\Justine\APPLIC~1\Macromedia
      [17/01/2009|22:57] C:\DOCUME~1\Justine\APPLIC~1\Microsoft
      [10/09/2008|16:52] C:\DOCUME~1\Justine\APPLIC~1\Mozilla
      [24/04/2008|09:40] C:\DOCUME~1\Justine\APPLIC~1\Nero
      [23/02/2009|21:51] C:\DOCUME~1\Justine\APPLIC~1\OpenOffice.org
      [07/04/2008|14:56] C:\DOCUME~1\Justine\APPLIC~1\Roxio
      [14/07/2008|14:01] C:\DOCUME~1\Justine\APPLIC~1\Skype
      [06/01/2008|20:16] C:\DOCUME~1\Justine\APPLIC~1\SlySoft
      [03/05/2008|10:58] C:\DOCUME~1\Justine\APPLIC~1\Sun
      [17/07/2008|18:27] C:\DOCUME~1\Justine\APPLIC~1\Talkback
      [04/03/2009|18:57] C:\DOCUME~1\Justine\APPLIC~1\Windows Live Writer
      [07/04/2008|17:14] C:\DOCUME~1\Justine\APPLIC~1\Yahoo!
      [16/07/2008|19:52] C:\DOCUME~1\Justine\APPLIC~1\ZoomBrowser EX

      [15/02/2008|20:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
      [01/12/2007|20:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\PhotoParade
      [16/02/2007|19:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio

      [15/02/2008|20:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
      [14/11/2007|17:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Roxio

      [27/01/2007|15:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
      [07/11/2007|14:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
      [06/02/2007|16:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
      [21/02/2009|09:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\CameraWindowDC
      [18/02/2009|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Canon
      [21/02/2009|09:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\CANON INC
      [11/04/2008|19:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Cdrom List
      [09/02/2007|13:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink
      [16/02/2007|21:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Elaborate Bytes
      [17/05/2007|11:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\eMule
      [27/01/2007|17:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
      [14/10/2007|09:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
      [11/11/2007|08:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
      [27/01/2007|01:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
      [21/07/2007|10:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
      [23/02/2009|12:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intelore
      [30/01/2009|22:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
      [21/07/2007|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
      [30/01/2007|18:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
      [07/03/2009|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
      [17/04/2008|14:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
      [10/09/2008|11:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
      [17/04/2008|00:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
      [23/02/2009|19:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org
      [02/02/2007|21:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\River Past G4
      [16/02/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Roxio
      [27/01/2007|17:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\ScanSoft
      [31/01/2007|18:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
      [01/02/2009|11:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
      [01/02/2009|08:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM
      [25/06/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
      [02/03/2008|10:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo!
      [21/02/2009|09:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\ZoomBrowser EX

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [12/03/2009 12:00][--ah-----] C:\WINDOWS\tasks\ADBEAFE591A12675.job
      [12/03/2009 12:11][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
      [12/03/2009 16:23][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

      ( ADBEAFE591A12675.job )=( c:\docume~1\propri~1\applic~1\cdroml~1\Uploadarmympeg.exe )

      --------------------\\ Listing des dossiers dans C:\Program Files

      [10/11/2008|12:14] C:\Program Files\Adobe
      [10/03/2009|16:40] C:\Program Files\Ad-remover
      [16/02/2007|18:39] C:\Program Files\Ahead
      [11/11/2007|07:51] C:\Program Files\Alwil Software
      [27/01/2007|17:30] C:\Program Files\ArcSoft
      [27/01/2007|11:39] C:\Program Files\AvRack
      [11/07/2008|18:08] C:\Program Files\Canon
      [27/01/2007|17:26] C:\Program Files\CanonBJ
      [27/02/2008|13:20] C:\Program Files\Cdrom List
      [11/04/2008|17:59] C:\Program Files\Circle Developement
      [27/01/2007|01:34] C:\Program Files\ComPlus Applications
      [27/01/2007|12:01] C:\Program Files\CyberLink
      [16/02/2007|19:23] C:\Program Files\DivX
      [01/02/2008|12:31] C:\Program Files\EA GAMES
      [16/02/2007|20:21] C:\Program Files\Elaborate Bytes
      [09/12/2008|09:10] C:\Program Files\eMule
      [17/04/2008|00:03] C:\Program Files\EPSON
      [02/02/2007|21:17] C:\Program Files\FairStars Audio Converter
      [10/03/2009|22:08] C:\Program Files\Fichiers communs
      [17/04/2008|00:25] C:\Program Files\Foxit Software
      [08/12/2007|08:54] C:\Program Files\Gamenext
      [30/12/2008|15:33] C:\Program Files\Google
      [27/01/2007|12:02] C:\Program Files\Grisoft
      [02/02/2007|21:06] C:\Program Files\Illustrate
      [30/03/2007|19:44] C:\Program Files\IncrediMail
      [17/04/2008|14:51] C:\Program Files\InstallShield Installation Information
      [04/12/2007|07:33] C:\Program Files\InterActual
      [14/02/2009|22:57] C:\Program Files\Internet Explorer
      [16/02/2007|20:28] C:\Program Files\InterVideo
      [17/12/2008|08:22] C:\Program Files\Java
      [23/02/2009|18:59] C:\Program Files\JRE
      [17/04/2008|14:51] C:\Program Files\Kit ADSL
      [08/03/2009|09:56] C:\Program Files\Lavasoft
      [18/01/2009|19:46] C:\Program Files\LimeWire
      [21/07/2007|10:23] C:\Program Files\Logitech
      [18/01/2009|19:46] C:\Program Files\Messenger
      [04/01/2009|19:21] C:\Program Files\Messenger Plus! Live
      [02/03/2008|12:35] C:\Program Files\MessengerPlus! 3
      [07/03/2009|16:30] C:\Program Files\MessengerSkinner
      [27/01/2007|10:32] C:\Program Files\Microsoft Calculatrice Plus
      [09/05/2007|20:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [27/01/2007|01:38] C:\Program Files\microsoft frontpage
      [02/02/2007|18:07] C:\Program Files\Microsoft Office
      [12/02/2007|14:54] C:\Program Files\Microsoft R‚f‚rence
      [10/11/2007|12:37] C:\Program Files\Microsoft SQL Server Compact Edition
      [02/02/2007|18:07] C:\Program Files\Microsoft Visual Studio
      [02/02/2007|18:05] C:\Program Files\Microsoft Visual Studio 8
      [02/02/2007|18:07] C:\Program Files\Microsoft Works
      [02/02/2007|18:06] C:\Program Files\Microsoft.NET
      [13/10/2008|16:51] C:\Program Files\Movie Maker
      [12/03/2009|16:30] C:\Program Files\Mozilla Firefox
      [24/07/2007|10:38] C:\Program Files\MSBuild
      [27/01/2007|01:32] C:\Program Files\MSN
      [27/01/2007|01:33] C:\Program Files\MSN Gaming Zone
      [04/07/2007|20:31] C:\Program Files\MSN Messenger
      [27/01/2007|10:38] C:\Program Files\MSXML 4.0
      [24/07/2007|10:40] C:\Program Files\MSXML 6.0
      [24/11/2007|06:28] C:\Program Files\Musicmatch
      [17/04/2008|00:47] C:\Program Files\Nero
      [13/10/2008|16:49] C:\Program Files\NetMeeting
      [16/04/2008|22:05] C:\Program Files\Neuf
      [27/01/2007|01:33] C:\Program Files\Online Services
      [23/02/2009|18:59] C:\Program Files\OpenOffice.org 3
      [13/10/2008|16:49] C:\Program Files\Outlook Express
      [11/11/2007|08:34] C:\Program Files\Papeterie
      [27/01/2007|10:37] C:\Program Files\Pro Imaging Powertoys
      [27/01/2007|11:39] C:\Program Files\Realtek AC97
      [27/01/2007|11:39] C:\Program Files\Realtek Sound Manager
      [24/07/2007|10:35] C:\Program Files\Reference Assemblies
      [02/02/2007|21:10] C:\Program Files\River Past
      [20/02/2007|12:26] C:\Program Files\Roxio
      [27/01/2007|17:33] C:\Program Files\ScanSoft
      [27/01/2007|01:36] C:\Program Files\Services en ligne
      [16/02/2007|19:26] C:\Program Files\SightSpeed
      [01/02/2009|09:21] C:\Program Files\Skype
      [02/02/2007|19:27] C:\Program Files\SlySoft
      [07/03/2009|16:30] C:\Program Files\Spybot - Search & Destroy
      [06/11/2007|18:45] C:\Program Files\Thomson
      [16/02/2009|17:58] C:\Program Files\Trend Micro
      [31/01/2007|18:21] C:\Program Files\UbiSoft
      [27/01/2007|01:44] C:\Program Files\Uninstall Information
      [27/01/2007|10:37] C:\Program Files\UPHClean
      [27/01/2007|10:09] C:\Program Files\VIA
      [11/11/2007|08:14] C:\Program Files\WinAce
      [27/01/2007|10:33] C:\Program Files\Windows Journal Viewer
      [27/02/2008|23:27] C:\Program Files\Windows Live
      [18/01/2009|19:46] C:\Program Files\Windows Live Toolbar
      [18/01/2009|19:46] C:\Program Files\Windows Media Connect 2
      [18/01/2009|19:46] C:\Program Files\Windows Media Player
      [13/10/2008|16:49] C:\Program Files\Windows NT
      [27/01/2007|01:36] C:\Program Files\WindowsUpdate
      [02/02/2007|18:26] C:\Program Files\WinRAR
      [16/04/2008|23:32] C:\Program Files\WinZip
      [27/01/2007|01:38] C:\Program Files\xerox
      [02/03/2008|10:28] C:\Program Files\Yahoo!

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [10/11/2008|12:14] C:\Program Files\Fichiers communs\Adobe
      [17/04/2008|00:36] C:\Program Files\Fichiers communs\Ahead
      [11/07/2008|18:05] C:\Program Files\Fichiers communs\Canon
      [02/02/2007|18:07] C:\Program Files\Fichiers communs\DESIGNER
      [02/02/2007|21:01] C:\Program Files\Fichiers communs\FotoNation
      [27/01/2007|17:10] C:\Program Files\Fichiers communs\FotoWire
      [27/01/2007|17:33] C:\Program Files\Fichiers communs\InstallShield
      [14/05/2007|22:21] C:\Program Files\Fichiers communs\Java
      [21/07/2007|10:23] C:\Program Files\Fichiers communs\Logitech
      [07/03/2009|17:10] C:\Program Files\Fichiers communs\Microsoft Shared
      [27/01/2007|01:35] C:\Program Files\Fichiers communs\MSSoap
      [17/04/2008|00:49] C:\Program Files\Fichiers communs\Nero
      [27/01/2007|10:36] C:\Program Files\Fichiers communs\Nikon
      [27/01/2007|01:48] C:\Program Files\Fichiers communs\ODBC
      [02/02/2007|21:10] C:\Program Files\Fichiers communs\River Past
      [16/02/2007|19:24] C:\Program Files\Fichiers communs\Roxio Shared
      [24/07/2007|10:05] C:\Program Files\Fichiers communs\Sandlot Shared
      [27/01/2007|17:33] C:\Program Files\Fichiers communs\ScanSoft Shared
      [27/01/2007|01:35] C:\Program Files\Fichiers communs\Services
      [16/02/2007|19:23] C:\Program Files\Fichiers communs\SightSpeed
      [31/05/2008|11:02] C:\Program Files\Fichiers communs\Skype
      [04/12/2007|18:15] C:\Program Files\Fichiers communs\Softwin
      [16/02/2007|19:27] C:\Program Files\Fichiers communs\Sonic Shared
      [27/01/2007|01:48] C:\Program Files\Fichiers communs\SpeechEngines
      [16/02/2007|19:27] C:\Program Files\Fichiers communs\SureThing Shared
      [08/02/2007|16:51] C:\Program Files\Fichiers communs\SWF Studio
      [13/10/2008|16:48] C:\Program Files\Fichiers communs\System
      [10/11/2007|12:28] C:\Program Files\Fichiers communs\WindowsLiveInstaller

      --------------------\\ Process

      ( 54 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
      C:\DOCUME~1\PROPRI~1\APPLIC~1\cdroml~1
      C:\Program Files\cdroml~1
      C:\Program Files\Circle Developement
      C:\WINDOWS\Tasks\ADBEAFE591A12675.job

      --------------------\\ Verification du Registre

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Thunk Mfcd"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\CDROML~1\\Flap Wma.exe"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Bind Two.exe"

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts MODIFIE

      127.0.0.1 bin.errorprotector.com ## added by CiD
      127.0.0.1 br.errorsafe.com ## added by CiD
      127.0.0.1 br.winantivirus.com ## added by CiD
      127.0.0.1 br.winfixer.com ## added by CiD
      127.0.0.1 cdn.drivecleaner.com ## added by CiD
      127.0.0.1 cdn.errorsafe.com ## added by CiD
      127.0.0.1 cdn.winsoftware.com ## added by CiD
      127.0.0.1 de.errorsafe.com ## added by CiD
      127.0.0.1 de.winantivirus.com ## added by CiD
      127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
      127.0.0.1 download.cdn.errorsafe.com ## added by CiD
      127.0.0.1 download.cdn.winsoftware.com ## added by CiD
      127.0.0.1 download.errorsafe.com ## added by CiD
      127.0.0.1 download.systemdoctor.com ## added by CiD
      127.0.0.1 download.winantispyware.com ## added by CiD
      127.0.0.1 download.windrivecleaner.com ## added by CiD
      127.0.0.1 download.winfixer.com ## added by CiD
      127.0.0.1 drivecleaner.com ## added by CiD
      127.0.0.1 dynamique.drivecleaner.com ## added by CiD
      127.0.0.1 errorprotector.com ## added by CiD
      127.0.0.1 errorsafe.com ## added by CiD
      127.0.0.1 es.winantivirus.com ## added by CiD
      127.0.0.1 fr.winantivirus.com ## added by CiD
      127.0.0.1 fr.winfixer.com ## added by CiD
      127.0.0.1 go.drivecleaner.com ## added by CiD
      127.0.0.1 go.errorsafe.com ## added by CiD
      127.0.0.1 go.winantispyware.com ## added by CiD
      127.0.0.1 go.winantivirus.com ## added by CiD
      127.0.0.1 hk.winantivirus.com ## added by CiD
      127.0.0.1 instlog.errorsafe.com ## added by CiD
      127.0.0.1 instlog.winantivirus.com ## added by CiD
      127.0.0.1 instlog.winfixer.com ## added by CiD
      127.0.0.1 jsp.drivecleaner.com ## added by CiD
      127.0.0.1 kb.errorsafe.com ## added by CiD
      127.0.0.1 kb.winantivirus.com ## added by CiD
      127.0.0.1 nl.errorsafe.com ## added by CiD
      127.0.0.1 se.errorsafe.com ## added by CiD
      127.0.0.1 secure.drivecleaner.com ## added by CiD
      127.0.0.1 secure.errorsafe.com ## added by CiD
      127.0.0.1 secure.winantispam.com ## added by CiD
      127.0.0.1 secure.winantispy.com ## added by CiD
      127.0.0.1 secure.winantivirus.com ## added by CiD
      127.0.0.1 support.winantivirus.com ## added by CiD
      127.0.0.1 trial.updates.winsoftware.com ## added by CiD
      127.0.0.1 ulog.winantivirus.com ## added by CiD
      127.0.0.1 utils.errorsafe.com ## added by CiD
      127.0.0.1 utils.winantivirus.com ## added by CiD
      127.0.0.1 utils.winfixer.com ## added by CiD
      127.0.0.1 winantispyware.com ## added by CiD
      127.0.0.1 winantivirus.com ## added by CiD
      127.0.0.1 winfixer.com ## added by CiD
      127.0.0.1 winfixer2006.com ## added by CiD
      127.0.0.1 winsoftware.com ## added by CiD
      127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
      127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
      127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
      127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
      127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
      127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
      127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
      127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
      127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
      127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
      127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
      127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
      127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

      -> 10454 [ 70 ## added by CiD ]

      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-03-12 16:34:31
      Windows 5.1.2600 Service Pack 3 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 374

      --------------------\\ Recherche d'autres infections

      C:\Program Files\MessengerSkinner
      C:\Program Files\MessengerSkinner\download
      C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
      C:\Program Files\MessengerSkinner\resources
      C:\Program Files\MessengerSkinner\uninst.exe
      C:\Program Files\MessengerSkinner\updates
      C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
      C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner\Userdata
      C:\WINDOWS\System32\nvs2.inf

      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene.dat
      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene_nav.dat
      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene_navps.dat
      [b]==> EGDACCESS <==/b



      [F:13][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
      [F:17][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
      [F:2][D:13]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 12/03/2009|16:35 - Option : [1]

      --------------------\\ Fin du rapport a 16:35:35
      0
  14. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    tu as mit 2 fois le rapport de LOP, il manque le rapport de navilog, su tu l'as fait rapport : fixnavi.txt dans ==> C

    pour suivre

    * Relance Lop S&D

    * Choisis cette fois-ci l'option 2 (Suppression)

    * Ne ferme pas la fenêtre lors de la suppression !

    * Poste le rapport généré (C:\lopR.txt)

    * (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
    0
  15. hi jack Messages postés 22 Statut Membre
     
    le navifix maintenant

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Propriétaire ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 090306-0] 4.8.1229 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:156 Go (Free:125 Go)
    D:\ (Local Disk) - NTFS - Total:141 Go (Free:137 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 12/03/2009|16:33 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [10/11/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [15/02/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [27/01/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [11/04/2008|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    [27/01/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [30/12/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [11/03/2009|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [08/03/2009|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [21/07/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
    [21/07/2007|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [06/01/2008|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [07/03/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [18/02/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [17/04/2008|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [14/02/2007|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [02/02/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
    [16/02/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
    [17/06/2007|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [31/05/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [16/02/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [06/03/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [11/11/2007|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [27/01/2007|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [03/03/2007|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [04/07/2007|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [16/04/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [13/11/2007|07:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [02/03/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [11/07/2008|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

    [12/11/2007|17:27] C:\DOCUME~1\COMPTE~1\APPLIC~1\Roxio

    [06/02/2008|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [12/12/2007|16:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [17/11/2007|07:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Logitech
    [15/02/2008|20:00] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Roxio
    [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\SlySoft

    [07/02/2008|18:07] C:\DOCUME~1\JuJu\APPLIC~1\Roxio

    [26/06/2008|17:00] C:\DOCUME~1\Justine\APPLIC~1\Adobe
    [25/02/2009|16:07] C:\DOCUME~1\Justine\APPLIC~1\Canon
    [15/01/2008|07:43] C:\DOCUME~1\Justine\APPLIC~1\Google
    [06/01/2008|17:31] C:\DOCUME~1\Justine\APPLIC~1\Identities
    [06/01/2008|17:44] C:\DOCUME~1\Justine\APPLIC~1\Macromedia
    [17/01/2009|22:57] C:\DOCUME~1\Justine\APPLIC~1\Microsoft
    [10/09/2008|16:52] C:\DOCUME~1\Justine\APPLIC~1\Mozilla
    [24/04/2008|09:40] C:\DOCUME~1\Justine\APPLIC~1\Nero
    [23/02/2009|21:51] C:\DOCUME~1\Justine\APPLIC~1\OpenOffice.org
    [07/04/2008|14:56] C:\DOCUME~1\Justine\APPLIC~1\Roxio
    [14/07/2008|14:01] C:\DOCUME~1\Justine\APPLIC~1\Skype
    [06/01/2008|20:16] C:\DOCUME~1\Justine\APPLIC~1\SlySoft
    [03/05/2008|10:58] C:\DOCUME~1\Justine\APPLIC~1\Sun
    [17/07/2008|18:27] C:\DOCUME~1\Justine\APPLIC~1\Talkback
    [04/03/2009|18:57] C:\DOCUME~1\Justine\APPLIC~1\Windows Live Writer
    [07/04/2008|17:14] C:\DOCUME~1\Justine\APPLIC~1\Yahoo!
    [16/07/2008|19:52] C:\DOCUME~1\Justine\APPLIC~1\ZoomBrowser EX

    [15/02/2008|20:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [01/12/2007|20:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\PhotoParade
    [16/02/2007|19:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio

    [15/02/2008|20:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [14/11/2007|17:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Roxio

    [27/01/2007|15:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
    [07/11/2007|14:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
    [06/02/2007|16:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
    [21/02/2009|09:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\CameraWindowDC
    [18/02/2009|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Canon
    [21/02/2009|09:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\CANON INC
    [11/04/2008|19:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Cdrom List
    [09/02/2007|13:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink
    [16/02/2007|21:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Elaborate Bytes
    [17/05/2007|11:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\eMule
    [27/01/2007|17:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
    [14/10/2007|09:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
    [11/11/2007|08:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
    [27/01/2007|01:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
    [21/07/2007|10:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
    [23/02/2009|12:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intelore
    [30/01/2009|22:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
    [21/07/2007|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
    [30/01/2007|18:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
    [07/03/2009|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
    [17/04/2008|14:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
    [10/09/2008|11:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
    [17/04/2008|00:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
    [23/02/2009|19:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org
    [02/02/2007|21:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\River Past G4
    [16/02/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Roxio
    [27/01/2007|17:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\ScanSoft
    [31/01/2007|18:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
    [01/02/2009|11:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
    [01/02/2009|08:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM
    [25/06/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
    [02/03/2008|10:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo!
    [21/02/2009|09:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\ZoomBrowser EX

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [12/03/2009 12:00][--ah-----] C:\WINDOWS\tasks\ADBEAFE591A12675.job
    [12/03/2009 12:11][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [12/03/2009 16:23][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( ADBEAFE591A12675.job )=( c:\docume~1\propri~1\applic~1\cdroml~1\Uploadarmympeg.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [10/11/2008|12:14] C:\Program Files\Adobe
    [10/03/2009|16:40] C:\Program Files\Ad-remover
    [16/02/2007|18:39] C:\Program Files\Ahead
    [11/11/2007|07:51] C:\Program Files\Alwil Software
    [27/01/2007|17:30] C:\Program Files\ArcSoft
    [27/01/2007|11:39] C:\Program Files\AvRack
    [11/07/2008|18:08] C:\Program Files\Canon
    [27/01/2007|17:26] C:\Program Files\CanonBJ
    [27/02/2008|13:20] C:\Program Files\Cdrom List
    [11/04/2008|17:59] C:\Program Files\Circle Developement
    [27/01/2007|01:34] C:\Program Files\ComPlus Applications
    [27/01/2007|12:01] C:\Program Files\CyberLink
    [16/02/2007|19:23] C:\Program Files\DivX
    [01/02/2008|12:31] C:\Program Files\EA GAMES
    [16/02/2007|20:21] C:\Program Files\Elaborate Bytes
    [09/12/2008|09:10] C:\Program Files\eMule
    [17/04/2008|00:03] C:\Program Files\EPSON
    [02/02/2007|21:17] C:\Program Files\FairStars Audio Converter
    [10/03/2009|22:08] C:\Program Files\Fichiers communs
    [17/04/2008|00:25] C:\Program Files\Foxit Software
    [08/12/2007|08:54] C:\Program Files\Gamenext
    [30/12/2008|15:33] C:\Program Files\Google
    [27/01/2007|12:02] C:\Program Files\Grisoft
    [02/02/2007|21:06] C:\Program Files\Illustrate
    [30/03/2007|19:44] C:\Program Files\IncrediMail
    [17/04/2008|14:51] C:\Program Files\InstallShield Installation Information
    [04/12/2007|07:33] C:\Program Files\InterActual
    [14/02/2009|22:57] C:\Program Files\Internet Explorer
    [16/02/2007|20:28] C:\Program Files\InterVideo
    [17/12/2008|08:22] C:\Program Files\Java
    [23/02/2009|18:59] C:\Program Files\JRE
    [17/04/2008|14:51] C:\Program Files\Kit ADSL
    [08/03/2009|09:56] C:\Program Files\Lavasoft
    [18/01/2009|19:46] C:\Program Files\LimeWire
    [21/07/2007|10:23] C:\Program Files\Logitech
    [18/01/2009|19:46] C:\Program Files\Messenger
    [04/01/2009|19:21] C:\Program Files\Messenger Plus! Live
    [02/03/2008|12:35] C:\Program Files\MessengerPlus! 3
    [07/03/2009|16:30] C:\Program Files\MessengerSkinner
    [27/01/2007|10:32] C:\Program Files\Microsoft Calculatrice Plus
    [09/05/2007|20:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [27/01/2007|01:38] C:\Program Files\microsoft frontpage
    [02/02/2007|18:07] C:\Program Files\Microsoft Office
    [12/02/2007|14:54] C:\Program Files\Microsoft R‚f‚rence
    [10/11/2007|12:37] C:\Program Files\Microsoft SQL Server Compact Edition
    [02/02/2007|18:07] C:\Program Files\Microsoft Visual Studio
    [02/02/2007|18:05] C:\Program Files\Microsoft Visual Studio 8
    [02/02/2007|18:07] C:\Program Files\Microsoft Works
    [02/02/2007|18:06] C:\Program Files\Microsoft.NET
    [13/10/2008|16:51] C:\Program Files\Movie Maker
    [12/03/2009|16:30] C:\Program Files\Mozilla Firefox
    [24/07/2007|10:38] C:\Program Files\MSBuild
    [27/01/2007|01:32] C:\Program Files\MSN
    [27/01/2007|01:33] C:\Program Files\MSN Gaming Zone
    [04/07/2007|20:31] C:\Program Files\MSN Messenger
    [27/01/2007|10:38] C:\Program Files\MSXML 4.0
    [24/07/2007|10:40] C:\Program Files\MSXML 6.0
    [24/11/2007|06:28] C:\Program Files\Musicmatch
    [17/04/2008|00:47] C:\Program Files\Nero
    [13/10/2008|16:49] C:\Program Files\NetMeeting
    [16/04/2008|22:05] C:\Program Files\Neuf
    [27/01/2007|01:33] C:\Program Files\Online Services
    [23/02/2009|18:59] C:\Program Files\OpenOffice.org 3
    [13/10/2008|16:49] C:\Program Files\Outlook Express
    [11/11/2007|08:34] C:\Program Files\Papeterie
    [27/01/2007|10:37] C:\Program Files\Pro Imaging Powertoys
    [27/01/2007|11:39] C:\Program Files\Realtek AC97
    [27/01/2007|11:39] C:\Program Files\Realtek Sound Manager
    [24/07/2007|10:35] C:\Program Files\Reference Assemblies
    [02/02/2007|21:10] C:\Program Files\River Past
    [20/02/2007|12:26] C:\Program Files\Roxio
    [27/01/2007|17:33] C:\Program Files\ScanSoft
    [27/01/2007|01:36] C:\Program Files\Services en ligne
    [16/02/2007|19:26] C:\Program Files\SightSpeed
    [01/02/2009|09:21] C:\Program Files\Skype
    [02/02/2007|19:27] C:\Program Files\SlySoft
    [07/03/2009|16:30] C:\Program Files\Spybot - Search & Destroy
    [06/11/2007|18:45] C:\Program Files\Thomson
    [16/02/2009|17:58] C:\Program Files\Trend Micro
    [31/01/2007|18:21] C:\Program Files\UbiSoft
    [27/01/2007|01:44] C:\Program Files\Uninstall Information
    [27/01/2007|10:37] C:\Program Files\UPHClean
    [27/01/2007|10:09] C:\Program Files\VIA
    [11/11/2007|08:14] C:\Program Files\WinAce
    [27/01/2007|10:33] C:\Program Files\Windows Journal Viewer
    [27/02/2008|23:27] C:\Program Files\Windows Live
    [18/01/2009|19:46] C:\Program Files\Windows Live Toolbar
    [18/01/2009|19:46] C:\Program Files\Windows Media Connect 2
    [18/01/2009|19:46] C:\Program Files\Windows Media Player
    [13/10/2008|16:49] C:\Program Files\Windows NT
    [27/01/2007|01:36] C:\Program Files\WindowsUpdate
    [02/02/2007|18:26] C:\Program Files\WinRAR
    [16/04/2008|23:32] C:\Program Files\WinZip
    [27/01/2007|01:38] C:\Program Files\xerox
    [02/03/2008|10:28] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [10/11/2008|12:14] C:\Program Files\Fichiers communs\Adobe
    [17/04/2008|00:36] C:\Program Files\Fichiers communs\Ahead
    [11/07/2008|18:05] C:\Program Files\Fichiers communs\Canon
    [02/02/2007|18:07] C:\Program Files\Fichiers communs\DESIGNER
    [02/02/2007|21:01] C:\Program Files\Fichiers communs\FotoNation
    [27/01/2007|17:10] C:\Program Files\Fichiers communs\FotoWire
    [27/01/2007|17:33] C:\Program Files\Fichiers communs\InstallShield
    [14/05/2007|22:21] C:\Program Files\Fichiers communs\Java
    [21/07/2007|10:23] C:\Program Files\Fichiers communs\Logitech
    [07/03/2009|17:10] C:\Program Files\Fichiers communs\Microsoft Shared
    [27/01/2007|01:35] C:\Program Files\Fichiers communs\MSSoap
    [17/04/2008|00:49] C:\Program Files\Fichiers communs\Nero
    [27/01/2007|10:36] C:\Program Files\Fichiers communs\Nikon
    [27/01/2007|01:48] C:\Program Files\Fichiers communs\ODBC
    [02/02/2007|21:10] C:\Program Files\Fichiers communs\River Past
    [16/02/2007|19:24] C:\Program Files\Fichiers communs\Roxio Shared
    [24/07/2007|10:05] C:\Program Files\Fichiers communs\Sandlot Shared
    [27/01/2007|17:33] C:\Program Files\Fichiers communs\ScanSoft Shared
    [27/01/2007|01:35] C:\Program Files\Fichiers communs\Services
    [16/02/2007|19:23] C:\Program Files\Fichiers communs\SightSpeed
    [31/05/2008|11:02] C:\Program Files\Fichiers communs\Skype
    [04/12/2007|18:15] C:\Program Files\Fichiers communs\Softwin
    [16/02/2007|19:27] C:\Program Files\Fichiers communs\Sonic Shared
    [27/01/2007|01:48] C:\Program Files\Fichiers communs\SpeechEngines
    [16/02/2007|19:27] C:\Program Files\Fichiers communs\SureThing Shared
    [08/02/2007|16:51] C:\Program Files\Fichiers communs\SWF Studio
    [13/10/2008|16:48] C:\Program Files\Fichiers communs\System
    [10/11/2007|12:28] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 54 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    C:\DOCUME~1\PROPRI~1\APPLIC~1\cdroml~1
    C:\Program Files\cdroml~1
    C:\Program Files\Circle Developement
    C:\WINDOWS\Tasks\ADBEAFE591A12675.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Thunk Mfcd"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\CDROML~1\\Flap Wma.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Bind Two.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
    127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
    127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

    -> 10454 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-12 16:34:31
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 374

    --------------------\\ Recherche d'autres infections

    C:\Program Files\MessengerSkinner
    C:\Program Files\MessengerSkinner\download
    C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
    C:\Program Files\MessengerSkinner\resources
    C:\Program Files\MessengerSkinner\uninst.exe
    C:\Program Files\MessengerSkinner\updates
    C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
    C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner\Userdata
    C:\WINDOWS\System32\nvs2.inf

    C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene.dat
    C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene_nav.dat
    C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene_navps.dat
    [b]==> EGDACCESS <==/b

    [F:13][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
    [F:17][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
    [F:2][D:13]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 12/03/2009|16:35 - Option : [1]

    --------------------\\ Fin du rapport a 16:35:35
    0
  16. hi jack Messages postés 22 Statut Membre
     
    c'est peut- être plutôt ça

    Search Navipromo version 3.7.5 commencé le 12/03/2009 à 21:22:31,14

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 26.02.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Propriétaire ( Administrator )
    BOOT : Normal boot

    Antivirus : avast! antivirus 4.8.1229 [VPS 090306-0] 4.8.1229 (Activated)

    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:156 Go (Free:125 Go)
    D:\ (Local Disk) - NTFS - Total:141 Go (Free:137 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    Recherche executé en mode normal

    *** Recherche Programmes installés ***

    MessengerSkinner

    *** Recherche dossiers dans "C:\WINDOWS" ***

    *** Recherche dossiers dans "C:\Program Files" ***

    ...\MessengerSkinner trouvé !

    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

    *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***

    ...\MessengerSkinner trouvé !

    *** Recherche dossiers dans "C:\DOCUME~1\COMPTE~1\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\JuJu\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Justine\applic~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Justine\locals~1\applic~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***

    ...\MessengerSkinner trouvé !

    *** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\menudm~1\progra~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Justine\menudm~1\progra~1" ***

    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\WINDOWS\system32" *

    * Recherche dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\Justine\locals~1\applic~1" *

    *** Recherche fichiers ***

    C:\WINDOWS\system32\nvs2.inf trouvé !

    *** Recherche clés spécifiques dans le Registre ***
    !! Les clés trouvées ne sont pas forcément infectées !!

    HKEY_CURRENT_USER\Software\Lanconfig

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :

    2)Recherche Heuristique :

    * Dans "C:\WINDOWS\system32" :

    * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" :

    pialjeene.dat trouvé !
    pialjeene_nav.dat trouvé !
    pialjeene_navps.dat trouvé !

    * Dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" :

    * Dans "C:\DOCUME~1\Justine\locals~1\applic~1" :

    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche autres dossiers et fichiers connus :

    C:\WINDOWS\Tasks\ADBEAFE591A12675.job trouvé ! Infection Lop possible non traitée par cet outil !

    *** Analyse terminée le 12/03/2009 à 21:29:05,87 ***
    0
  17. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    bonjour,

    poste les rapports au fur et a lmesure des scans pour pas te perdre

    * Relance navilog1

    * Choisis cette fois option 2

    * note : le bureau disparaît

    * redémarrage du pc

    * mettre le rapport dans ta prochaine réponse

    puis

    * Relance Lop S&D

    * Choisis cette fois-ci l'option 2 (Suppression)

    * Ne ferme pas la fenêtre lors de la suppression !

    * Poste le rapport généré (C:\lopR.txt)

    * (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

    puis poste un nouveau RSIT juste le log.txt
    0
    1. hi jack Messages postés 22 Statut Membre
       
      Salut, Plopus, suite du feuilleton


      --------------------\\ Lop S&D 4.2.5-0 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
      BIOS : Phoenix - AwardBIOS v6.00PG
      USER : Propriétaire ( Administrator )
      BOOT : Normal boot
      Antivirus : avast! antivirus 4.8.1229 [VPS 090306-0] 4.8.1229 (Activated)
      A:\ (USB)
      C:\ (Local Disk) - NTFS - Total:156 Go (Free:125 Go)
      D:\ (Local Disk) - NTFS - Total:141 Go (Free:137 Go)
      E:\ (CD or DVD)
      F:\ (CD or DVD)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)

      "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
      Option : [2] ( 14/03/2009| 6:50 )


      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

      Supprime! - C:\WINDOWS\Tasks\ADBEAFE591A12675.job
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
      Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\cdroml~1
      Supprime! - C:\Program Files\cdroml~1
      Supprime! - C:\Program Files\Circle Developement
      -
      [ Fichier Hosts ] .. Restaure!

      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


      --------------------\\ Listing des dossiers dans APPLIC~1

      [10/11/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [15/02/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
      [27/01/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
      [27/01/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
      [30/12/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
      [14/03/2009|06:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
      [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
      [08/03/2009|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
      [21/07/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
      [21/07/2007|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
      [06/01/2008|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
      [07/03/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [18/02/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
      [17/04/2008|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
      [14/02/2007|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
      [02/02/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
      [16/02/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
      [17/06/2007|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
      [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
      [31/05/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
      [16/02/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
      [06/03/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
      [11/11/2007|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
      [27/01/2007|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
      [03/03/2007|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
      [04/07/2007|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
      [16/04/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
      [13/11/2007|07:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
      [02/03/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
      [11/07/2008|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

      [12/11/2007|17:27] C:\DOCUME~1\COMPTE~1\APPLIC~1\Roxio

      [06/02/2008|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
      [12/12/2007|16:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

      [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
      [17/11/2007|07:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
      [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Logitech
      [15/02/2008|20:00] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
      [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Roxio
      [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\SlySoft

      [07/02/2008|18:07] C:\DOCUME~1\JuJu\APPLIC~1\Roxio

      [26/06/2008|17:00] C:\DOCUME~1\Justine\APPLIC~1\Adobe
      [25/02/2009|16:07] C:\DOCUME~1\Justine\APPLIC~1\Canon
      [15/01/2008|07:43] C:\DOCUME~1\Justine\APPLIC~1\Google
      [06/01/2008|17:31] C:\DOCUME~1\Justine\APPLIC~1\Identities
      [06/01/2008|17:44] C:\DOCUME~1\Justine\APPLIC~1\Macromedia
      [17/01/2009|22:57] C:\DOCUME~1\Justine\APPLIC~1\Microsoft
      [10/09/2008|16:52] C:\DOCUME~1\Justine\APPLIC~1\Mozilla
      [24/04/2008|09:40] C:\DOCUME~1\Justine\APPLIC~1\Nero
      [23/02/2009|21:51] C:\DOCUME~1\Justine\APPLIC~1\OpenOffice.org
      [07/04/2008|14:56] C:\DOCUME~1\Justine\APPLIC~1\Roxio
      [14/07/2008|14:01] C:\DOCUME~1\Justine\APPLIC~1\Skype
      [06/01/2008|20:16] C:\DOCUME~1\Justine\APPLIC~1\SlySoft
      [03/05/2008|10:58] C:\DOCUME~1\Justine\APPLIC~1\Sun
      [17/07/2008|18:27] C:\DOCUME~1\Justine\APPLIC~1\Talkback
      [04/03/2009|18:57] C:\DOCUME~1\Justine\APPLIC~1\Windows Live Writer
      [07/04/2008|17:14] C:\DOCUME~1\Justine\APPLIC~1\Yahoo!
      [16/07/2008|19:52] C:\DOCUME~1\Justine\APPLIC~1\ZoomBrowser EX

      [15/02/2008|20:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
      [01/12/2007|20:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\PhotoParade
      [16/02/2007|19:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio

      [15/02/2008|20:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
      [14/11/2007|17:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Roxio

      [27/01/2007|15:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
      [07/11/2007|14:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
      [06/02/2007|16:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
      [21/02/2009|09:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\CameraWindowDC
      [18/02/2009|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Canon
      [21/02/2009|09:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\CANON INC
      [09/02/2007|13:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink
      [16/02/2007|21:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Elaborate Bytes
      [17/05/2007|11:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\eMule
      [27/01/2007|17:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
      [14/10/2007|09:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
      [11/11/2007|08:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
      [27/01/2007|01:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
      [21/07/2007|10:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
      [23/02/2009|12:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intelore
      [30/01/2009|22:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
      [21/07/2007|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
      [30/01/2007|18:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
      [07/03/2009|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
      [17/04/2008|14:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
      [10/09/2008|11:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
      [17/04/2008|00:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
      [23/02/2009|19:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org
      [02/02/2007|21:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\River Past G4
      [16/02/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Roxio
      [27/01/2007|17:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\ScanSoft
      [31/01/2007|18:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
      [01/02/2009|11:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
      [01/02/2009|08:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM
      [25/06/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
      [02/03/2008|10:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo!
      [13/03/2009|14:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\ZoomBrowser EX

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [13/03/2009 23:11][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
      [14/03/2009 06:32][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

      --------------------\\ Listing des dossiers dans C:\Program Files

      [10/11/2008|12:14] C:\Program Files\Adobe
      [10/03/2009|16:40] C:\Program Files\Ad-remover
      [16/02/2007|18:39] C:\Program Files\Ahead
      [11/11/2007|07:51] C:\Program Files\Alwil Software
      [27/01/2007|17:30] C:\Program Files\ArcSoft
      [27/01/2007|11:39] C:\Program Files\AvRack
      [11/07/2008|18:08] C:\Program Files\Canon
      [27/01/2007|17:26] C:\Program Files\CanonBJ
      [27/01/2007|01:34] C:\Program Files\ComPlus Applications
      [27/01/2007|12:01] C:\Program Files\CyberLink
      [16/02/2007|19:23] C:\Program Files\DivX
      [01/02/2008|12:31] C:\Program Files\EA GAMES
      [16/02/2007|20:21] C:\Program Files\Elaborate Bytes
      [09/12/2008|09:10] C:\Program Files\eMule
      [17/04/2008|00:03] C:\Program Files\EPSON
      [02/02/2007|21:17] C:\Program Files\FairStars Audio Converter
      [10/03/2009|22:08] C:\Program Files\Fichiers communs
      [17/04/2008|00:25] C:\Program Files\Foxit Software
      [08/12/2007|08:54] C:\Program Files\Gamenext
      [30/12/2008|15:33] C:\Program Files\Google
      [27/01/2007|12:02] C:\Program Files\Grisoft
      [02/02/2007|21:06] C:\Program Files\Illustrate
      [30/03/2007|19:44] C:\Program Files\IncrediMail
      [17/04/2008|14:51] C:\Program Files\InstallShield Installation Information
      [04/12/2007|07:33] C:\Program Files\InterActual
      [14/02/2009|22:57] C:\Program Files\Internet Explorer
      [16/02/2007|20:28] C:\Program Files\InterVideo
      [17/12/2008|08:22] C:\Program Files\Java
      [23/02/2009|18:59] C:\Program Files\JRE
      [17/04/2008|14:51] C:\Program Files\Kit ADSL
      [08/03/2009|09:56] C:\Program Files\Lavasoft
      [18/01/2009|19:46] C:\Program Files\LimeWire
      [21/07/2007|10:23] C:\Program Files\Logitech
      [18/01/2009|19:46] C:\Program Files\Messenger
      [04/01/2009|19:21] C:\Program Files\Messenger Plus! Live
      [02/03/2008|12:35] C:\Program Files\MessengerPlus! 3
      [07/03/2009|16:30] C:\Program Files\MessengerSkinner
      [27/01/2007|10:32] C:\Program Files\Microsoft Calculatrice Plus
      [09/05/2007|20:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [27/01/2007|01:38] C:\Program Files\microsoft frontpage
      [02/02/2007|18:07] C:\Program Files\Microsoft Office
      [12/02/2007|14:54] C:\Program Files\Microsoft R‚f‚rence
      [10/11/2007|12:37] C:\Program Files\Microsoft SQL Server Compact Edition
      [02/02/2007|18:07] C:\Program Files\Microsoft Visual Studio
      [02/02/2007|18:05] C:\Program Files\Microsoft Visual Studio 8
      [02/02/2007|18:07] C:\Program Files\Microsoft Works
      [02/02/2007|18:06] C:\Program Files\Microsoft.NET
      [13/10/2008|16:51] C:\Program Files\Movie Maker
      [14/03/2009|06:45] C:\Program Files\Mozilla Firefox
      [24/07/2007|10:38] C:\Program Files\MSBuild
      [27/01/2007|01:32] C:\Program Files\MSN
      [27/01/2007|01:33] C:\Program Files\MSN Gaming Zone
      [04/07/2007|20:31] C:\Program Files\MSN Messenger
      [27/01/2007|10:38] C:\Program Files\MSXML 4.0
      [24/07/2007|10:40] C:\Program Files\MSXML 6.0
      [24/11/2007|06:28] C:\Program Files\Musicmatch
      [12/03/2009|21:43] C:\Program Files\Navilog1
      [17/04/2008|00:47] C:\Program Files\Nero
      [13/10/2008|16:49] C:\Program Files\NetMeeting
      [16/04/2008|22:05] C:\Program Files\Neuf
      [27/01/2007|01:33] C:\Program Files\Online Services
      [23/02/2009|18:59] C:\Program Files\OpenOffice.org 3
      [13/10/2008|16:49] C:\Program Files\Outlook Express
      [11/11/2007|08:34] C:\Program Files\Papeterie
      [27/01/2007|10:37] C:\Program Files\Pro Imaging Powertoys
      [27/01/2007|11:39] C:\Program Files\Realtek AC97
      [27/01/2007|11:39] C:\Program Files\Realtek Sound Manager
      [24/07/2007|10:35] C:\Program Files\Reference Assemblies
      [02/02/2007|21:10] C:\Program Files\River Past
      [20/02/2007|12:26] C:\Program Files\Roxio
      [27/01/2007|17:33] C:\Program Files\ScanSoft
      [27/01/2007|01:36] C:\Program Files\Services en ligne
      [16/02/2007|19:26] C:\Program Files\SightSpeed
      [01/02/2009|09:21] C:\Program Files\Skype
      [02/02/2007|19:27] C:\Program Files\SlySoft
      [07/03/2009|16:30] C:\Program Files\Spybot - Search & Destroy
      [06/11/2007|18:45] C:\Program Files\Thomson
      [16/02/2009|17:58] C:\Program Files\Trend Micro
      [31/01/2007|18:21] C:\Program Files\UbiSoft
      [27/01/2007|01:44] C:\Program Files\Uninstall Information
      [27/01/2007|10:37] C:\Program Files\UPHClean
      [27/01/2007|10:09] C:\Program Files\VIA
      [11/11/2007|08:14] C:\Program Files\WinAce
      [27/01/2007|10:33] C:\Program Files\Windows Journal Viewer
      [27/02/2008|23:27] C:\Program Files\Windows Live
      [18/01/2009|19:46] C:\Program Files\Windows Live Toolbar
      [18/01/2009|19:46] C:\Program Files\Windows Media Connect 2
      [18/01/2009|19:46] C:\Program Files\Windows Media Player
      [13/10/2008|16:49] C:\Program Files\Windows NT
      [27/01/2007|01:36] C:\Program Files\WindowsUpdate
      [02/02/2007|18:26] C:\Program Files\WinRAR
      [16/04/2008|23:32] C:\Program Files\WinZip
      [27/01/2007|01:38] C:\Program Files\xerox
      [02/03/2008|10:28] C:\Program Files\Yahoo!

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [10/11/2008|12:14] C:\Program Files\Fichiers communs\Adobe
      [17/04/2008|00:36] C:\Program Files\Fichiers communs\Ahead
      [11/07/2008|18:05] C:\Program Files\Fichiers communs\Canon
      [02/02/2007|18:07] C:\Program Files\Fichiers communs\DESIGNER
      [02/02/2007|21:01] C:\Program Files\Fichiers communs\FotoNation
      [27/01/2007|17:10] C:\Program Files\Fichiers communs\FotoWire
      [27/01/2007|17:33] C:\Program Files\Fichiers communs\InstallShield
      [14/05/2007|22:21] C:\Program Files\Fichiers communs\Java
      [21/07/2007|10:23] C:\Program Files\Fichiers communs\Logitech
      [07/03/2009|17:10] C:\Program Files\Fichiers communs\Microsoft Shared
      [27/01/2007|01:35] C:\Program Files\Fichiers communs\MSSoap
      [17/04/2008|00:49] C:\Program Files\Fichiers communs\Nero
      [27/01/2007|10:36] C:\Program Files\Fichiers communs\Nikon
      [27/01/2007|01:48] C:\Program Files\Fichiers communs\ODBC
      [02/02/2007|21:10] C:\Program Files\Fichiers communs\River Past
      [16/02/2007|19:24] C:\Program Files\Fichiers communs\Roxio Shared
      [24/07/2007|10:05] C:\Program Files\Fichiers communs\Sandlot Shared
      [27/01/2007|17:33] C:\Program Files\Fichiers communs\ScanSoft Shared
      [27/01/2007|01:35] C:\Program Files\Fichiers communs\Services
      [16/02/2007|19:23] C:\Program Files\Fichiers communs\SightSpeed
      [31/05/2008|11:02] C:\Program Files\Fichiers communs\Skype
      [04/12/2007|18:15] C:\Program Files\Fichiers communs\Softwin
      [16/02/2007|19:27] C:\Program Files\Fichiers communs\Sonic Shared
      [27/01/2007|01:48] C:\Program Files\Fichiers communs\SpeechEngines
      [16/02/2007|19:27] C:\Program Files\Fichiers communs\SureThing Shared
      [08/02/2007|16:51] C:\Program Files\Fichiers communs\SWF Studio
      [13/10/2008|16:48] C:\Program Files\Fichiers communs\System
      [10/11/2007|12:28] C:\Program Files\Fichiers communs\WindowsLiveInstaller

      --------------------\\ Process

      ( 53 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-03-14 06:51:31
      Windows 5.1.2600 Service Pack 3 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 374

      --------------------\\ Recherche d'autres infections

      C:\Program Files\MessengerSkinner
      C:\Program Files\MessengerSkinner\download
      C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
      C:\Program Files\MessengerSkinner\resources
      C:\Program Files\MessengerSkinner\uninst.exe
      C:\Program Files\MessengerSkinner\updates
      C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
      C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner\Userdata
      C:\WINDOWS\System32\nvs2.inf

      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene.dat
      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene_nav.dat
      C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\pialjeene_navps.dat
      [b]==> EGDACCESS <==/b



      [F:14][D:15]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
      [F:2][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
      [F:6][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 12/03/2009|16:35 - Option : [1]
      2 - "C:\Lop SD\LopR_2.txt" - 14/03/2009| 6:52 - Option : [2]

      --------------------\\ Fin du rapport a 6:52:36
      voilà
      0
  18. hi jack Messages postés 22 Statut Membre
     
    je crois que j'ai inversé les opérations !!!

    Clean Navipromo version 3.7.5 commencé le 14/03/2009 à 7:08:23,45

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 26.02.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Propriétaire ( Administrator )
    BOOT : Normal boot

    Antivirus : avast! antivirus 4.8.1229 [VPS 090306-0] 4.8.1229 (Activated)

    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:156 Go (Free:125 Go)
    D:\ (Local Disk) - NTFS - Total:141 Go (Free:137 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS

    Nettoyage exécuté au redémarrage de l'ordinateur

    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\WINDOWS\System32" *

    * Suppression dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *

    * Suppression dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *

    * Suppression dans "C:\DOCUME~1\Justine\locals~1\applic~1" *

    *** Suppression dossiers dans "C:\WINDOWS" ***

    *** Suppression dossiers dans "C:\Program Files" ***

    ...\MessengerSkinner ...suppression...
    ...\MessengerSkinner supprimé !

    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

    *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***

    *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***

    ...\MessengerSkinner ...suppression...
    ...\MessengerSkinner supprimé !

    *** Suppression dossiers dans "C:\DOCUME~1\COMPTE~1\applic~1" ***

    *** Suppression dossiers dans "C:\DOCUME~1\INVIT~1\applic~1" ***

    *** Suppression dossiers dans "C:\DOCUME~1\JuJu\applic~1" ***

    *** Suppression dossiers dans "C:\DOCUME~1\Justine\applic~1" ***

    *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***

    *** Suppression dossiers dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" ***

    *** Suppression dossiers dans "C:\DOCUME~1\Justine\locals~1\applic~1" ***

    *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***

    ...\MessengerSkinner ...suppression...
    ...\MessengerSkinner supprimé !

    *** Suppression dossiers dans "C:\DOCUME~1\INVIT~1\menudm~1\progra~1" ***

    *** Suppression dossiers dans "C:\DOCUME~1\Justine\menudm~1\progra~1" ***

    *** Suppression fichiers ***

    C:\WINDOWS\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Propri‚taire\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :

    * Dans "C:\WINDOWS\system32" *

    * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *

    pialjeene.dat trouvé !
    Copie pialjeene.dat réalisée avec succès !
    pialjeene.dat supprimé !

    pialjeene_nav.dat trouvé !
    Copie pialjeene_nav.dat réalisée avec succès !
    pialjeene_nav.dat supprimé !

    pialjeene_navps.dat trouvé !
    Copie pialjeene_navps.dat réalisée avec succès !
    pialjeene_navps.dat supprimé !

    * Dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *

    * Dans "C:\DOCUME~1\Justine\locals~1\applic~1" *

    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok

    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group supprimé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Recherche autres dossiers et fichiers connus ***

    *** Nettoyage terminé le 14/03/2009 à 7:12:17
    0
  19. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    bonjour,

    il reste sa :

    * Relance Lop S&D

    * Choisis cette fois-ci l'option 2 (Suppression)

    * Ne ferme pas la fenêtre lors de la suppression !

    * Poste le rapport généré (C:\lopR.txt)

    * (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

    puis poste un nouveau RSIT juste le log.txt
    0
    1. hi jack Messages postés 22 Statut Membre
       
      Resalut, Plopus,voilà , me revoici


      --------------------\\ Lop S&D 4.2.5-0 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
      BIOS : Phoenix - AwardBIOS v6.00PG
      USER : Propriétaire ( Administrator )
      BOOT : Normal boot
      Antivirus : avast! antivirus 4.8.1229 [VPS 090306-0] 4.8.1229 (Activated)
      A:\ (USB)
      C:\ (Local Disk) - NTFS - Total:156 Go (Free:125 Go)
      D:\ (Local Disk) - NTFS - Total:141 Go (Free:137 Go)
      E:\ (CD or DVD)
      F:\ (CD or DVD)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)

      "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
      Option : [2] ( 14/03/2009|19:40 )


      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


      --------------------\\ Listing des dossiers dans APPLIC~1

      [10/11/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [15/02/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
      [27/01/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
      [27/01/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
      [30/12/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
      [14/03/2009|06:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
      [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
      [08/03/2009|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
      [21/07/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
      [21/07/2007|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
      [06/01/2008|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
      [07/03/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [18/02/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
      [17/04/2008|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
      [14/02/2007|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
      [02/02/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
      [16/02/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
      [17/06/2007|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
      [27/01/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
      [31/05/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
      [16/02/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
      [06/03/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
      [11/11/2007|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
      [27/01/2007|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
      [03/03/2007|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
      [04/07/2007|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
      [16/04/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
      [13/11/2007|07:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
      [02/03/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
      [11/07/2008|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

      [12/11/2007|17:27] C:\DOCUME~1\COMPTE~1\APPLIC~1\Roxio

      [06/02/2008|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
      [12/12/2007|16:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

      [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
      [17/11/2007|07:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
      [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Logitech
      [15/02/2008|20:00] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
      [17/11/2007|07:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Roxio
      [17/11/2007|07:53] C:\DOCUME~1\INVIT~1\APPLIC~1\SlySoft

      [07/02/2008|18:07] C:\DOCUME~1\JuJu\APPLIC~1\Roxio

      [26/06/2008|17:00] C:\DOCUME~1\Justine\APPLIC~1\Adobe
      [25/02/2009|16:07] C:\DOCUME~1\Justine\APPLIC~1\Canon
      [15/01/2008|07:43] C:\DOCUME~1\Justine\APPLIC~1\Google
      [06/01/2008|17:31] C:\DOCUME~1\Justine\APPLIC~1\Identities
      [06/01/2008|17:44] C:\DOCUME~1\Justine\APPLIC~1\Macromedia
      [17/01/2009|22:57] C:\DOCUME~1\Justine\APPLIC~1\Microsoft
      [10/09/2008|16:52] C:\DOCUME~1\Justine\APPLIC~1\Mozilla
      [24/04/2008|09:40] C:\DOCUME~1\Justine\APPLIC~1\Nero
      [23/02/2009|21:51] C:\DOCUME~1\Justine\APPLIC~1\OpenOffice.org
      [07/04/2008|14:56] C:\DOCUME~1\Justine\APPLIC~1\Roxio
      [14/07/2008|14:01] C:\DOCUME~1\Justine\APPLIC~1\Skype
      [06/01/2008|20:16] C:\DOCUME~1\Justine\APPLIC~1\SlySoft
      [03/05/2008|10:58] C:\DOCUME~1\Justine\APPLIC~1\Sun
      [17/07/2008|18:27] C:\DOCUME~1\Justine\APPLIC~1\Talkback
      [04/03/2009|18:57] C:\DOCUME~1\Justine\APPLIC~1\Windows Live Writer
      [07/04/2008|17:14] C:\DOCUME~1\Justine\APPLIC~1\Yahoo!
      [16/07/2008|19:52] C:\DOCUME~1\Justine\APPLIC~1\ZoomBrowser EX

      [15/02/2008|20:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
      [01/12/2007|20:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\PhotoParade
      [16/02/2007|19:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio

      [15/02/2008|20:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
      [14/11/2007|17:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Roxio

      [27/01/2007|15:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
      [07/11/2007|14:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
      [06/02/2007|16:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
      [21/02/2009|09:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\CameraWindowDC
      [18/02/2009|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Canon
      [21/02/2009|09:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\CANON INC
      [09/02/2007|13:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink
      [16/02/2007|21:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Elaborate Bytes
      [17/05/2007|11:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\eMule
      [27/01/2007|17:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
      [14/10/2007|09:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
      [11/11/2007|08:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
      [27/01/2007|01:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
      [21/07/2007|10:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
      [23/02/2009|12:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intelore
      [30/01/2009|22:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
      [21/07/2007|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
      [30/01/2007|18:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
      [17/04/2008|14:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
      [10/09/2008|11:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
      [17/04/2008|00:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
      [23/02/2009|19:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org
      [02/02/2007|21:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\River Past G4
      [16/02/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Roxio
      [27/01/2007|17:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\ScanSoft
      [31/01/2007|18:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
      [01/02/2009|11:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
      [01/02/2009|08:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM
      [25/06/2007|19:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
      [02/03/2008|10:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo!
      [13/03/2009|14:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\ZoomBrowser EX

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [13/03/2009 23:11][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
      [14/03/2009 19:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

      --------------------\\ Listing des dossiers dans C:\Program Files

      [10/11/2008|12:14] C:\Program Files\Adobe
      [10/03/2009|16:40] C:\Program Files\Ad-remover
      [16/02/2007|18:39] C:\Program Files\Ahead
      [11/11/2007|07:51] C:\Program Files\Alwil Software
      [27/01/2007|17:30] C:\Program Files\ArcSoft
      [27/01/2007|11:39] C:\Program Files\AvRack
      [11/07/2008|18:08] C:\Program Files\Canon
      [27/01/2007|17:26] C:\Program Files\CanonBJ
      [27/01/2007|01:34] C:\Program Files\ComPlus Applications
      [27/01/2007|12:01] C:\Program Files\CyberLink
      [16/02/2007|19:23] C:\Program Files\DivX
      [01/02/2008|12:31] C:\Program Files\EA GAMES
      [16/02/2007|20:21] C:\Program Files\Elaborate Bytes
      [09/12/2008|09:10] C:\Program Files\eMule
      [17/04/2008|00:03] C:\Program Files\EPSON
      [02/02/2007|21:17] C:\Program Files\FairStars Audio Converter
      [10/03/2009|22:08] C:\Program Files\Fichiers communs
      [17/04/2008|00:25] C:\Program Files\Foxit Software
      [08/12/2007|08:54] C:\Program Files\Gamenext
      [30/12/2008|15:33] C:\Program Files\Google
      [27/01/2007|12:02] C:\Program Files\Grisoft
      [02/02/2007|21:06] C:\Program Files\Illustrate
      [30/03/2007|19:44] C:\Program Files\IncrediMail
      [17/04/2008|14:51] C:\Program Files\InstallShield Installation Information
      [04/12/2007|07:33] C:\Program Files\InterActual
      [14/02/2009|22:57] C:\Program Files\Internet Explorer
      [16/02/2007|20:28] C:\Program Files\InterVideo
      [17/12/2008|08:22] C:\Program Files\Java
      [23/02/2009|18:59] C:\Program Files\JRE
      [17/04/2008|14:51] C:\Program Files\Kit ADSL
      [08/03/2009|09:56] C:\Program Files\Lavasoft
      [18/01/2009|19:46] C:\Program Files\LimeWire
      [21/07/2007|10:23] C:\Program Files\Logitech
      [18/01/2009|19:46] C:\Program Files\Messenger
      [04/01/2009|19:21] C:\Program Files\Messenger Plus! Live
      [02/03/2008|12:35] C:\Program Files\MessengerPlus! 3
      [27/01/2007|10:32] C:\Program Files\Microsoft Calculatrice Plus
      [09/05/2007|20:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [27/01/2007|01:38] C:\Program Files\microsoft frontpage
      [02/02/2007|18:07] C:\Program Files\Microsoft Office
      [12/02/2007|14:54] C:\Program Files\Microsoft R‚f‚rence
      [10/11/2007|12:37] C:\Program Files\Microsoft SQL Server Compact Edition
      [02/02/2007|18:07] C:\Program Files\Microsoft Visual Studio
      [02/02/2007|18:05] C:\Program Files\Microsoft Visual Studio 8
      [02/02/2007|18:07] C:\Program Files\Microsoft Works
      [02/02/2007|18:06] C:\Program Files\Microsoft.NET
      [13/10/2008|16:51] C:\Program Files\Movie Maker
      [14/03/2009|19:36] C:\Program Files\Mozilla Firefox
      [24/07/2007|10:38] C:\Program Files\MSBuild
      [27/01/2007|01:32] C:\Program Files\MSN
      [27/01/2007|01:33] C:\Program Files\MSN Gaming Zone
      [04/07/2007|20:31] C:\Program Files\MSN Messenger
      [27/01/2007|10:38] C:\Program Files\MSXML 4.0
      [24/07/2007|10:40] C:\Program Files\MSXML 6.0
      [24/11/2007|06:28] C:\Program Files\Musicmatch
      [14/03/2009|07:12] C:\Program Files\Navilog1
      [17/04/2008|00:47] C:\Program Files\Nero
      [13/10/2008|16:49] C:\Program Files\NetMeeting
      [16/04/2008|22:05] C:\Program Files\Neuf
      [27/01/2007|01:33] C:\Program Files\Online Services
      [23/02/2009|18:59] C:\Program Files\OpenOffice.org 3
      [13/10/2008|16:49] C:\Program Files\Outlook Express
      [11/11/2007|08:34] C:\Program Files\Papeterie
      [27/01/2007|10:37] C:\Program Files\Pro Imaging Powertoys
      [27/01/2007|11:39] C:\Program Files\Realtek AC97
      [27/01/2007|11:39] C:\Program Files\Realtek Sound Manager
      [24/07/2007|10:35] C:\Program Files\Reference Assemblies
      [02/02/2007|21:10] C:\Program Files\River Past
      [20/02/2007|12:26] C:\Program Files\Roxio
      [27/01/2007|17:33] C:\Program Files\ScanSoft
      [27/01/2007|01:36] C:\Program Files\Services en ligne
      [16/02/2007|19:26] C:\Program Files\SightSpeed
      [01/02/2009|09:21] C:\Program Files\Skype
      [02/02/2007|19:27] C:\Program Files\SlySoft
      [07/03/2009|16:30] C:\Program Files\Spybot - Search & Destroy
      [06/11/2007|18:45] C:\Program Files\Thomson
      [16/02/2009|17:58] C:\Program Files\Trend Micro
      [31/01/2007|18:21] C:\Program Files\UbiSoft
      [27/01/2007|01:44] C:\Program Files\Uninstall Information
      [27/01/2007|10:37] C:\Program Files\UPHClean
      [27/01/2007|10:09] C:\Program Files\VIA
      [11/11/2007|08:14] C:\Program Files\WinAce
      [27/01/2007|10:33] C:\Program Files\Windows Journal Viewer
      [27/02/2008|23:27] C:\Program Files\Windows Live
      [18/01/2009|19:46] C:\Program Files\Windows Live Toolbar
      [18/01/2009|19:46] C:\Program Files\Windows Media Connect 2
      [18/01/2009|19:46] C:\Program Files\Windows Media Player
      [13/10/2008|16:49] C:\Program Files\Windows NT
      [27/01/2007|01:36] C:\Program Files\WindowsUpdate
      [02/02/2007|18:26] C:\Program Files\WinRAR
      [16/04/2008|23:32] C:\Program Files\WinZip
      [27/01/2007|01:38] C:\Program Files\xerox
      [02/03/2008|10:28] C:\Program Files\Yahoo!

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [10/11/2008|12:14] C:\Program Files\Fichiers communs\Adobe
      [17/04/2008|00:36] C:\Program Files\Fichiers communs\Ahead
      [11/07/2008|18:05] C:\Program Files\Fichiers communs\Canon
      [02/02/2007|18:07] C:\Program Files\Fichiers communs\DESIGNER
      [02/02/2007|21:01] C:\Program Files\Fichiers communs\FotoNation
      [27/01/2007|17:10] C:\Program Files\Fichiers communs\FotoWire
      [27/01/2007|17:33] C:\Program Files\Fichiers communs\InstallShield
      [14/05/2007|22:21] C:\Program Files\Fichiers communs\Java
      [21/07/2007|10:23] C:\Program Files\Fichiers communs\Logitech
      [07/03/2009|17:10] C:\Program Files\Fichiers communs\Microsoft Shared
      [27/01/2007|01:35] C:\Program Files\Fichiers communs\MSSoap
      [17/04/2008|00:49] C:\Program Files\Fichiers communs\Nero
      [27/01/2007|10:36] C:\Program Files\Fichiers communs\Nikon
      [27/01/2007|01:48] C:\Program Files\Fichiers communs\ODBC
      [02/02/2007|21:10] C:\Program Files\Fichiers communs\River Past
      [16/02/2007|19:24] C:\Program Files\Fichiers communs\Roxio Shared
      [24/07/2007|10:05] C:\Program Files\Fichiers communs\Sandlot Shared
      [27/01/2007|17:33] C:\Program Files\Fichiers communs\ScanSoft Shared
      [27/01/2007|01:35] C:\Program Files\Fichiers communs\Services
      [16/02/2007|19:23] C:\Program Files\Fichiers communs\SightSpeed
      [31/05/2008|11:02] C:\Program Files\Fichiers communs\Skype
      [04/12/2007|18:15] C:\Program Files\Fichiers communs\Softwin
      [16/02/2007|19:27] C:\Program Files\Fichiers communs\Sonic Shared
      [27/01/2007|01:48] C:\Program Files\Fichiers communs\SpeechEngines
      [16/02/2007|19:27] C:\Program Files\Fichiers communs\SureThing Shared
      [08/02/2007|16:51] C:\Program Files\Fichiers communs\SWF Studio
      [13/10/2008|16:48] C:\Program Files\Fichiers communs\System
      [10/11/2007|12:28] C:\Program Files\Fichiers communs\WindowsLiveInstaller

      --------------------\\ Process

      ( 52 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-03-14 19:42:24
      Windows 5.1.2600 Service Pack 3 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 374

      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !

      [F:2][D:3]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
      [F:2][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
      [F:6][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 12/03/2009|16:35 - Option : [1]
      2 - "C:\Lop SD\LopR_2.txt" - 14/03/2009| 6:52 - Option : [2]
      3 - "C:\Lop SD\LopR_3.txt" - 14/03/2009|19:43 - Option : [2]

      --------------------\\ Fin du rapport a 19:43:27
      0
    2. hi jack Messages postés 22 Statut Membre
       
      C'est ça le log txt ?
      Logfile of random's system information tool 1.05 (written by random/random)
      Run by Propriétaire at 2009-03-14 19:48:36
      Microsoft Windows XP Édition familiale Service Pack 3
      System drive C: has 128 GB (80%) free of 160 GB
      Total RAM: 1022 MB (57% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:48:44, on 14/03/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16791)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\UPHClean\uphclean.exe
      C:\Program Files\Canon\CAL\CALMAIN.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\taskswitch.exe
      C:\WINDOWS\system32\fast.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
      C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
      C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
      C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\Program Files\OpenOffice.org 3\program\soffice.exe
      C:\Program Files\OpenOffice.org 3\program\soffice.bin
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
      C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
      O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
      O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
      O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
      O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
      O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
      O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
      O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
      O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
      O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
      O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
      0
  20. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    re

    as tu encore des problemes ?

    en controle :7

    Fais un scan en ligne Kaspersky :

    • Désactive ton antivirus

    • Rends toi sur ce site : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr (avec Internet Explorer uniquement)

    • En bas à droite, clique sur Démarrer Online-scanner

    • Dans la nouvelle fenêtre qui s'affiche clique sur J'accepte

    • Accepte les Contrôle ActiveX

    • Choisis Poste de travail pour le scan.

    • Celui-ci terminé, sauvegarde le rapport (choisis fichier texte) et poste le dans ta prochaine réponse.

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

    puis

    * Télécharge Malwarebytes https://www.androidworld.fr/
    * Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.
    * Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
    * Lance une analyse complète en cliquant sur "Exécuter un examen RAPIDE"
    * Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"
    * L'analyse peut durer un bon moment.....
    * Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"
    * Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"
    * Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum

    * Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée
    0
    1. hi jack Messages postés 22 Statut Membre
       
      Salut Plopus
      Désolé mais ça ne marche pas , impossible d'ouvrir ou d'ACCEPTER comme Kaspersky me le demande , je suis bloqué.
      J'ai regardé, ce Kaspersky n'est pas déjà sur l'ordi.
      Jack aïe !
      Sinon, oui, j'ai l'impression qu'il m'est toujours impossible de changer de page d'acceuil.
      0
  21. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    ok dans ce cas passe a malwarebyte
    0
    1. hi jack Messages postés 22 Statut Membre
       
      le malwarebytes maintenant
      Malwarebytes' Anti-Malware 1.34
      Version de la base de données: 1851
      Windows 5.1.2600 Service Pack 3

      15/03/2009 12:46:47
      mbam-log-2009-03-15 (12-46-47).txt

      Type de recherche: Examen rapide
      Eléments examinés: 90182
      Temps écoulé: 27 minute(s), 10 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 1
      Dossier(s) infecté(s): 1
      Fichier(s) infecté(s): 17

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Hijack.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

      Dossier(s) infecté(s):
      C:\WINDOWS\system32\GroupPolicyManifest (Worm.P2P) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\deploytk32.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\1.music.mp3 (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\1.music.mp3.kwd (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\2.crack.zip (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\2.crack.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\3.video.zip (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\3.video.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\4.setup.zip (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\4.setup.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\5.unpack.zip (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\5.unpack.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\6.limepro.zip (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\6.limepro.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\7.keygen.zip (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\7.keygen.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\8.mpgvideo.mpg (Worm.P2P) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GroupPolicyManifest\8.mpgvideo.mpg.kwd (Worm.P2P) -> Quarantined and deleted successfully.

      A plus
      0
  • 1
  • 2