Rapport d'analyse

Question

Bonjour.
Merci à tous ceux qui pourraient interpretrer ce rapport
car je crains d'être infecté aprés avoir récuperer le pc d'un ami.
Merci à tous


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:54:34, on 24/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\JetAudio\JetAudio.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ahmet\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = ?
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {321F38B6-7E5F-470E-B58C-927523B7AF92} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1069_em_XP.cab
O16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} - http://us2-scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
O16 - DPF: {5FD9726A-4977-449D-8352-25FDD8A510B5} - http://us2-scripts.dlv4.com/binaries/egaccess4/egaccess4_1067_em_XP.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {FA1D6D8F-C6ED-4752-8512-A33283240130} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1066_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{22479A09-E5E8-42F2-9BEA-D1F86119BAD9}: NameServer = 213.154.64.13 213.154.95.126
O17 - HKLM\System\CS1\Services\Tcpip\..\{22479A09-E5E8-42F2-9BEA-D1F86119BAD9}: NameServer = 213.154.64.13 213.154.95.126
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

eZula · Answer

Bonjour,

télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc_Beta.zip sur ton bureau

dézippe le dossier, double-clique sur GenProc.bat ] et poste le contenu du rapport qui s'ouvre

Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html

frenetique · Answer

Ok merci de la rapidité.
J'y vais tout de suite

frenetique · Answer

Ezula,j'attend toujours le rapport qui tarde.
Depuis ,il me demande d'appuyer sur 1 touche pour continuer et rien ne se passe

frenetique · Answer

Ok c'est bon
je poste le rapport ci joint

Rapport GenProc  1.48B [1] effectué le 24/04/2008 à 17:58:14,25 - Windows XP   

Dans CCleaner, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.
 
# Etape 1/ Télécharge :  
  
- Lop S&D.exe https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (d? Eric 71 & Angeldark) sur ton bureau.
Double-clique dessus pour lancer l'installation, puis double-clique sur le raccourci Lop S&D présent sur ton bureau (Si tu es sous Vista, clic droit -> "Exécuter en tant qu'Administrateur"). Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche ), et patiente jusqu'à la fin du scan

Poste le rapport généré ( C:\lopR.txt ) ainsi qu'un nouveau rapport GenProc

eZula · Answer

poste donc les deux rapports demandés, pas un de moins

frenetique · Answer

Ok j'attend 2eme rapport ds 1 instant
et merci pour la patience

frenetique · Answer

Voila eZula .pense que tout y est


   -----------------------[  Lop S&D 4.1.1-8  XP/Vista  ]---------------------

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : met ] [ "C:\Lop SD" ]
   [ 24/04/2008 | 18:23:39,51 ] [ PC : MET ]
   [ MAJ : 23-04-2008 | 20:06 ]
 
   -------------[ Listing des dossiers dans Application Data ]------------  

   [10/04/2008|22:30] C:\DOCUME~1\met\APPLIC~1\.
   [10/04/2008|22:30] C:\DOCUME~1\met\APPLIC~1\..
   [16/11/2006|11:05] C:\DOCUME~1\met\APPLIC~1\Adobe
   [16/09/2006|18:54] C:\DOCUME~1\met\APPLIC~1\AdobeUM
   [24/04/2008|15:29] C:\DOCUME~1\met\APPLIC~1\Ahead
   [29/12/2007|15:30] C:\DOCUME~1\met\APPLIC~1\COWON
   [19/09/2006|09:51] C:\DOCUME~1\met\APPLIC~1\DataLayer
   [22/01/2007|18:10] C:\DOCUME~1\met\APPLIC~1\DeepBurner
   [16/09/2006|18:14] C:\DOCUME~1\met\APPLIC~1\desktop.ini
   [29/05/2007|17:21] C:\DOCUME~1\met\APPLIC~1\Droppix
   [15/08/2007|21:34] C:\DOCUME~1\met\APPLIC~1\dvdcss
   [31/10/2006|18:01] C:\DOCUME~1\met\APPLIC~1\Grisbi
   [09/04/2008|14:42] C:\DOCUME~1\met\APPLIC~1\Help
   [16/09/2006|17:27] C:\DOCUME~1\met\APPLIC~1\Identities
   [17/09/2006|13:08] C:\DOCUME~1\met\APPLIC~1\Inkscape
   [22/09/2006|19:52] C:\DOCUME~1\met\APPLIC~1\Leadertech
   [15/04/2008|14:09] C:\DOCUME~1\met\APPLIC~1\LimeWire
   [18/09/2006|21:09] C:\DOCUME~1\met\APPLIC~1\loliregister.ini
   [16/09/2006|18:13] C:\DOCUME~1\met\APPLIC~1\Macromedia
   [19/12/2007|21:30] C:\DOCUME~1\met\APPLIC~1\Microsoft
   [08/04/2008|10:30] C:\DOCUME~1\met\APPLIC~1\Mozilla
   [10/04/2008|22:30] C:\DOCUME~1\met\APPLIC~1\Nero
   [03/06/2007|21:20] C:\DOCUME~1\met\APPLIC~1\NetAppel
   [03/02/2008|10:43] C:\DOCUME~1\met\APPLIC~1\NMM-MetaData.db
   [19/09/2006|09:53] C:\DOCUME~1\met\APPLIC~1\Nokia
   [19/09/2006|09:55] C:\DOCUME~1\met\APPLIC~1\Nokia Multimedia Player
   [24/04/2008|11:57] C:\DOCUME~1\met\APPLIC~1\OpenOffice.org2
   [19/09/2006|09:46] C:\DOCUME~1\met\APPLIC~1\PC Suite
   [18/09/2006|21:41] C:\DOCUME~1\met\APPLIC~1\PDFCreator
   [12/04/2008|19:07] C:\DOCUME~1\met\APPLIC~1\Real
   [11/04/2007|22:09] C:\DOCUME~1\met\APPLIC~1\River Past G5
   [07/06/2007|16:32] C:\DOCUME~1\met\APPLIC~1\RVM
   [16/04/2008|15:24] C:\DOCUME~1\met\APPLIC~1\Skype
   [21/03/2008|20:53] C:\DOCUME~1\met\APPLIC~1\Sony Ericsson
   [20/09/2006|09:48] C:\DOCUME~1\met\APPLIC~1\Sun
   [18/09/2006|21:44] C:\DOCUME~1\met\APPLIC~1\Talkback
   [21/03/2008|20:56] C:\DOCUME~1\met\APPLIC~1\Teleca
   [18/09/2006|21:44] C:\DOCUME~1\met\APPLIC~1\Thunderbird
   [29/12/2007|15:01] C:\DOCUME~1\met\APPLIC~1\U3
   [24/02/2008|12:55] C:\DOCUME~1\met\APPLIC~1\vlc
   [22/01/2008|15:28] C:\DOCUME~1\met\APPLIC~1\WinBatch
   [29/05/2007|17:24] C:\DOCUME~1\met\APPLIC~1\Yahoo!
   [09/06/2007|09:43] C:\DOCUME~1\met\APPLIC~1\Yahoo! Messenger

   [29/03/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
   [29/03/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
   [22/01/2008|09:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [14/04/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [21/01/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
   [16/09/2006|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [29/05/2007|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
   [17/09/2006|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [31/07/2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jugs Wave Live Base
   [30/04/2007|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
   [12/12/2007|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
   [09/10/2006|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [06/12/2007|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [19/09/2006|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
   [17/04/2007|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
   [01/05/2007|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [21/03/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
   [23/02/2008|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [21/03/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
   [12/04/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tons Chin Up Balm
   [06/05/2007|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoEgg
   [06/12/2006|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [27/02/2008|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [19/05/2007|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
   [29/05/2007|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [16/09/2006|18:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
   [16/09/2006|18:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
   [16/09/2006|18:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [16/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [08/01/2008|21:51] C:\DOCUME~1\TOUM~2\APPLIC~1\.
   [08/01/2008|21:51] C:\DOCUME~1\TOUM~2\APPLIC~1\..
   [06/12/2007|16:40] C:\DOCUME~1\TOUM~2\APPLIC~1\Adobe
   [16/09/2006|18:14] C:\DOCUME~1\TOUM~2\APPLIC~1\desktop.ini
   [20/01/2007|22:56] C:\DOCUME~1\TOUM~2\APPLIC~1\Google
   [20/01/2007|22:51] C:\DOCUME~1\TOUM~2\APPLIC~1\Identities
   [21/01/2007|18:31] C:\DOCUME~1\TOUM~2\APPLIC~1\Macromedia
   [14/03/2008|14:35] C:\DOCUME~1\TOUM~2\APPLIC~1\Microsoft
   [20/01/2007|22:57] C:\DOCUME~1\TOUM~2\APPLIC~1\Mozilla
   [25/04/2007|12:03] C:\DOCUME~1\TOUM~2\APPLIC~1\OpenOffice.org2
   [20/01/2007|22:52] C:\DOCUME~1\TOUM~2\APPLIC~1\PC Suite
   [15/03/2007|10:38] C:\DOCUME~1\TOUM~2\APPLIC~1\PDFCreator
   [14/11/2007|10:50] C:\DOCUME~1\TOUM~2\APPLIC~1\Real
   [08/01/2008|21:51] C:\DOCUME~1\TOUM~2\APPLIC~1\Search Settings
   [20/04/2008|16:10] C:\DOCUME~1\TOUM~2\APPLIC~1\Skype
   [15/03/2007|10:46] C:\DOCUME~1\TOUM~2\APPLIC~1\vlc
   [14/07/2007|11:21] C:\DOCUME~1\TOUM~2\APPLIC~1\Yahoo!

   [24/02/2008|13:17] C:\DOCUME~1\TOUM~1\APPLIC~1\.
   [24/02/2008|13:17] C:\DOCUME~1\TOUM~1\APPLIC~1\..
   [14/01/2007|21:14] C:\DOCUME~1\TOUM~1\APPLIC~1\Macromedia
   [20/01/2007|19:09] C:\DOCUME~1\TOUM~1\APPLIC~1\Microsoft
   [14/01/2007|20:59] C:\DOCUME~1\TOUM~1\APPLIC~1\Mozilla
   [20/01/2007|10:24] C:\DOCUME~1\TOUM~1\APPLIC~1\OpenOffice.org2
   [20/01/2007|19:09] C:\DOCUME~1\TOUM~1\APPLIC~1\PC Suite

   [20/01/2007|19:09] C:\DOCUME~1\INVIT~1\APPLIC~1\.
   [20/01/2007|19:09] C:\DOCUME~1\INVIT~1\APPLIC~1\..
   [20/01/2007|19:09] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
   [14/01/2007|20:01] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
   [20/01/2007|19:09] C:\DOCUME~1\INVIT~1\APPLIC~1\PC Suite


   [16/09/2006|17:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
   [16/09/2006|17:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
   [16/09/2006|17:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [16/09/2006|17:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
   [16/09/2006|17:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
   [16/09/2006|17:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   ----------------[ Tâches planifiées dans C:\WINDOWS	asks ]---------------

   [24/04/2008 18:00][--ah-----] C:\WINDOWS	asks\ADB93C899196B031.job
   [08/01/2008 18:27][--a------] C:\WINDOWS	asks\Nettoyage de disque.job
   [24/04/2008 18:19][--ah-----] C:\WINDOWS	asks\SA.DAT
   [28/08/2001 12:00][-r-h-----] C:\WINDOWS	asks\desktop.ini
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [24/04/2008|14:26] C:\Program Files\.
   [24/04/2008|14:26] C:\Program Files\..
   [01/04/2007|19:26] C:\Program Files\.mcfl.dat
   [26/10/2007|20:07] C:\Program Files\Adobe
   [31/07/2007|12:43] C:\Program Files\Adverts
   [19/12/2007|14:35] C:\Program Files\Ahead
   [20/01/2007|19:06] C:\Program Files\Ahead(2)
   [21/04/2007|20:36] C:\Program Files\AKVIS
   [16/09/2006|17:48] C:\Program Files\Alwil Software
   [02/08/2007|12:21] C:\Program Files\Ares
   [15/04/2008|14:09] C:\Program Files\AresFlashDownloader
   [12/12/2007|16:58] C:\Program Files\AskTBar
   [06/12/2007|16:43] C:\Program Files\Astonsoft
   [04/08/2007|19:13] C:\Program Files\Athan
   [12/04/2008|12:12] C:\Program Files\bendbashdownload
   [02/04/2008|13:09] C:\Program Files\CCleaner
   [06/04/2008|19:14] C:\Program Files\Circle Developement
   [16/09/2006|17:08] C:\Program Files\ComPlus Applications
   [14/10/2006|21:03] C:\Program Files\Delta-Expert
   [19/09/2006|09:46] C:\Program Files\DIFX
   [18/12/2006|21:10] C:\Program Files\Epinoisis Software
   [12/04/2008|19:00] C:\Program Files\Fichiers communs
   [15/04/2008|14:09] C:\Program Files\FlashGet
   [16/12/2006|15:28] C:\Program Files\Fonezy
   [19/12/2007|20:59] C:\Program Files\FreeMind
   [06/12/2007|16:41] C:\Program Files\GIMP-2.0
   [15/04/2008|08:33] C:\Program Files\InstallShield Installation Information
   [20/03/2008|23:26] C:\Program Files\Internet Explorer
   [08/04/2008|10:10] C:\Program Files\Java
   [29/12/2007|15:30] C:\Program Files\JetAudio
   [21/02/2008|16:47] C:\Program Files\LimeWire
   [18/09/2006|21:35] C:\Program Files\loliwin
   [16/09/2006|23:44] C:\Program Files\Messenger
   [12/04/2008|12:09] C:\Program Files\Messenger Plus! Live
   [16/09/2006|17:16] C:\Program Files\microsoft frontpage
   [19/12/2007|18:32] C:\Program Files\Microsoft SQL Server Compact Edition
   [25/09/2006|19:54] C:\Program Files\MOBILedit!
   [16/09/2006|17:10] C:\Program Files\Movie Maker
   [24/04/2008|18:23] C:\Program Files\Mozilla Firefox
   [16/09/2006|17:07] C:\Program Files\MSN
   [16/09/2006|17:08] C:\Program Files\MSN Gaming Zone
   [15/04/2008|14:09] C:\Program Files\MSN Messenger
   [17/11/2006|20:58] C:\Program Files\MSXML 4.0
   [19/12/2007|15:32] C:\Program Files\Nero
   [16/09/2006|17:11] C:\Program Files\NetMeeting
   [19/09/2006|09:45] C:\Program Files\Nokia
   [16/09/2006|17:08] C:\Program Files\Online Services
   [27/02/2007|18:31] C:\Program Files\OpenOffice.org 2.0
   [13/03/2008|10:38] C:\Program Files\OpenOffice.org 2.1
   [13/03/2008|18:17] C:\Program Files\OpenOffice.org 2.3
   [14/06/2007|08:38] C:\Program Files\Outlook Express
   [29/05/2007|17:20] C:\Program Files\PhotoDeluxe BE 1.0 TO
   [12/04/2008|18:48] C:\Program Files\Real
   [10/10/2006|07:55] C:\Program Filesnamfler
   [29/05/2007|17:22] C:\Program Files\SAGEM
   [16/09/2006|17:12] C:\Program Files\Services en ligne
   [26/07/2007|14:45] C:\Program Files\setupfre.exe
   [29/05/2007|17:22] C:\Program Files\Skype
   [21/01/2008|16:05] C:\Program Files\SlySoft
   [20/03/2008|23:44] C:\Program Files\Sony Ericsson
   [23/02/2008|21:32] C:\Program Files\Spybot - Search & Destroy
   [18/12/2006|20:30] C:\Program Files\TallStick
   [01/06/2007|12:24] C:\Program Files\The Koran
   [15/04/2008|08:33] C:\Program Files\ToniArts
   [16/09/2006|17:27] C:\Program Files\Uninstall Information
   [20/01/2007|19:07] C:\Program Files\VCW VicMan's Photo Editor
   [29/05/2007|17:22] C:\Program Files\VideoEgg
   [24/02/2008|13:09] C:\Program Files\VideoLAN
   [16/12/2006|15:21] C:\Program Files\VVSN
   [15/12/2007|19:19] C:\Program Files\Windows Live
   [19/12/2007|18:30] C:\Program Files\Windows Live Toolbar
   [20/01/2007|19:10] C:\Program Files\Windows Media Connect 2
   [29/03/2008|10:44] C:\Program Files\Windows Media Player
   [16/09/2006|17:08] C:\Program Files\Windows NT
   [16/09/2006|17:12] C:\Program Files\WindowsUpdate
   [30/07/2007|13:44] C:\Program Files\WinRAR
   [30/07/2007|18:16] C:\Program Files\Wondershare
   [20/12/2007|16:34] C:\Program Files\WordBiz
   [16/09/2006|17:16] C:\Program Files\xerox
   [16/09/2006|18:06] C:\Program Files\Yahoo!
   [16/01/2007|10:30] C:\Program Files\Zinf
   [28/07/2007|09:52] C:\Program Files\zlsSetup_70_337_000_fr.exe
   [12/12/2007|20:18] C:\Program Files\Zone Labs
  
   ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
   
   [12/04/2008|19:00] C:\Program Files\Fichiers communs\.
   [12/04/2008|19:00] C:\Program Files\Fichiers communs\..
   [26/10/2007|20:09] C:\Program Files\Fichiers communs\Adobe
   [19/12/2007|15:38] C:\Program Files\Fichiers communs\Ahead
   [20/01/2007|19:06] C:\Program Files\Fichiers communs\Ahead(2)
   [18/09/2006|21:37] C:\Program Files\Fichiers communs\GTK
   [16/12/2007|20:05] C:\Program Files\Fichiers communs\InstallShield
   [16/09/2006|18:02] C:\Program Files\Fichiers communs\Java
   [29/05/2007|17:21] C:\Program Files\Fichiers communs\LightScribe
   [19/12/2007|18:21] C:\Program Files\Fichiers communs\Microsoft Shared
   [16/09/2006|17:10] C:\Program Files\Fichiers communs\MSSoap
   [16/09/2006|18:31] C:\Program Files\Fichiers communs\Nero
   [19/09/2006|09:45] C:\Program Files\Fichiers communs\Nokia
   [16/09/2006|18:14] C:\Program Files\Fichiers communs\ODBC
   [19/09/2006|09:45] C:\Program Files\Fichiers communs\PCSuite
   [12/04/2008|18:59] C:\Program Files\Fichiers communs\Real
   [16/09/2006|17:11] C:\Program Files\Fichiers communs\Services
   [29/05/2007|17:22] C:\Program Files\Fichiers communs\Skype
   [16/12/2007|20:08] C:\Program Files\Fichiers communs\snpstd
   [21/03/2008|19:50] C:\Program Files\Fichiers communs\Sony Ericsson Shared
   [16/09/2006|18:14] C:\Program Files\Fichiers communs\SpeechEngines
   [28/12/2007|20:33] C:\Program Files\Fichiers communs\SWF Studio
   [14/06/2007|08:38] C:\Program Files\Fichiers communs\System
   [21/03/2008|19:50] C:\Program Files\Fichiers communs\Teleca Shared
   [15/12/2007|19:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [12/04/2008|19:00] C:\Program Files\Fichiers communs\xing shared

   ----------------------[ Recherche avec S_Lop ]---------------------

   Aucun fichier / dossier Lop trouvé ! 
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

   C:\Program Files\Adverts
   C:\Program Files\Circle Developement
   C:\Program Files\Circle Developement\Uninstall.exe
   C:\WINDOWS\Tasks\ADB93C899196B031.job
 
   ----------------------[ Verification du Registre ]----------------------
 
   ..... OK !

   --------------------[ Verification du fichier Hosts ]---------------------

   Fichier Hosts MODIFIE

   127.0.0.1 bin.errorprotector.com ## added by CiD
   127.0.0.1 br.errorsafe.com ## added by CiD
   127.0.0.1 br.winantivirus.com ## added by CiD
   127.0.0.1 br.winfixer.com ## added by CiD
   127.0.0.1 de.errorsafe.com ## added by CiD
   127.0.0.1 de.winantivirus.com ## added by CiD
   127.0.0.1 download.cdn.winsoftware.com ## added by CiD
   127.0.0.1 download.errorsafe.com ## added by CiD
   127.0.0.1 download.systemdoctor.com ## added by CiD
   127.0.0.1 download.winantispyware.com ## added by CiD
   127.0.0.1 download.windrivecleaner.com ## added by CiD
   127.0.0.1 download.winfixer.com ## added by CiD
   127.0.0.1 drivecleaner.com ## added by CiD
   127.0.0.1 dynamique.drivecleaner.com ## added by CiD
   127.0.0.1 errorprotector.com ## added by CiD
   127.0.0.1 errorsafe.com ## added by CiD
   127.0.0.1 es.winantivirus.com ## added by CiD
   127.0.0.1 fr.winantivirus.com ## added by CiD
   127.0.0.1 fr.winfixer.com ## added by CiD
   127.0.0.1 go.drivecleaner.com ## added by CiD
   127.0.0.1 go.errorsafe.com ## added by CiD
   127.0.0.1 go.winantispyware.com ## added by CiD
   127.0.0.1 go.winantivirus.com ## added by CiD
   127.0.0.1 hk.winantivirus.com ## added by CiD
   127.0.0.1 instlog.errorsafe.com ## added by CiD
   127.0.0.1 instlog.winantivirus.com ## added by CiD
   127.0.0.1 jsp.drivecleaner.com ## added by CiD
   127.0.0.1 kb.errorsafe.com ## added by CiD
   127.0.0.1 kb.winantivirus.com ## added by CiD
   127.0.0.1 nl.errorsafe.com ## added by CiD
   127.0.0.1 se.errorsafe.com ## added by CiD
   127.0.0.1 secure.drivecleaner.com ## added by CiD
   127.0.0.1 secure.errorsafe.com ## added by CiD
   127.0.0.1 secure.winantispam.com ## added by CiD
   127.0.0.1 secure.winantispy.com ## added by CiD
   127.0.0.1 secure.winantivirus.com ## added by CiD
   127.0.0.1 support.winantivirus.com ## added by CiD
   127.0.0.1 ulog.winantivirus.com ## added by CiD
   127.0.0.1 utils.errorsafe.com ## added by CiD
   127.0.0.1 utils.winantivirus.com ## added by CiD
   127.0.0.1 winantispyware.com ## added by CiD
   127.0.0.1 winantivirus.com ## added by CiD
   127.0.0.1 winfixer.com ## added by CiD
   127.0.0.1 www.drivecleaner.com ## added by CiD
   127.0.0.1 www.errorprotector.com ## added by CiD
   127.0.0.1 www.errorsafe.com ## added by CiD
   127.0.0.1 www.systemdoctor.com ## added by CiD
   127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
   127.0.0.1 www.win-virus-pro.com ## added by CiD
   127.0.0.1 www.winantispam.com ## added by CiD
   127.0.0.1 www.winantispy.com ## added by CiD
   127.0.0.1 www.winantispyware.com ## added by CiD
   127.0.0.1 www.winantivirus.com ## added by CiD
   127.0.0.1 www.winantiviruspro.com ## added by CiD
   127.0.0.1 www.windrivecleaner.com ## added by CiD
   127.0.0.1 www.windrivesafe.com ## added by CiD
   127.0.0.1 www.winfixer.com ## added by CiD
   127.0.0.1 cdn.drivecleaner.com ## added by CiD
   127.0.0.1 cdn.errorsafe.com ## added by CiD
   127.0.0.1 cdn.winsoftware.com ## added by CiD
   127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
   127.0.0.1 download.cdn.errorsafe.com ## added by CiD
   127.0.0.1 instlog.winfixer.com ## added by CiD
   127.0.0.1 trial.updates.winsoftware.com ## added by CiD
   127.0.0.1 utils.winfixer.com ## added by CiD
   127.0.0.1 winfixer2006.com ## added by CiD
   127.0.0.1 winsoftware.com ## added by CiD
   127.0.0.1 www.utils.winfixer.com ## added by CiD
   127.0.0.1 www.winfixer2006.com ## added by CiD
   127.0.0.1 www.winsoftware.com ## added by CiD

   -> 72 ( 70 ## added by CiD )

   /!\ 1 Not 127.0.0.1  !!

   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-04-24 18:28:56
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------

   C:\WINDOWS\pack.epk
   C:\WINDOWS\system32\pqkvvfuq_navps.dat  
   C:\WINDOWS\system32\uubinjekaq_navps.dat  
   C:\WINDOWS\system32\pqkvvfuq_nav.dat 
   C:\WINDOWS\system32\pqkvvfuq.dat  
   C:\WINDOWS\system32\uubinjekaq_nav.dat 
   C:\WINDOWS\system32\uubinjekaq.dat  
   [b]! EGDACCESS !/b
 

   /!\ [Fich:55][Doss:13] C:\WINDOWS\TEMP
   /!\ [Fich:5][Doss:0] C:\DOCUME~1\met\Cookies
   /!\ [Fich:401][Doss:4] C:\DOCUME~1\met\LOCALS~1\TEMPOR~1\content.IE5

   --------------------[ Fin du rapport a 18:32:03,28  ]----------------------

eZula · Answer

Il manque le deuxième rapport GenProc

frenetique · Answer

eZula voudra bien excuser ma lenteur due à l'inexpérience informatique.
 Pense que tout est là

Rapport GenProc  1.48B [2] effectué le 24/04/2008 à 18:53:27,93 - Windows XP   

# Etape 1/ Télécharge :  
  
- Navilog1 (par IL_MAFIOSO) http://il.mafioso.pagesperso-orange.fr/Navifix/Navilog1.exe sur ton bureau. Double clique sur navilog1.exe pour lancer l'installation, et suis les instructions jusqu'à  la fin de l'installation.  C'est tout pour le moment. 
 
- BTFix (de Bibi26) http://cluster1.easy-hebergement.net/ et dézippe l'archive sur ton Bureau. 
 
- MSNFix.zip (de !aur3n7) http://sosvirus.changelog.fr/MSNFix.zip et décompresse-le sur le Bureau. 
 
 
***** Copie ce qui suit dans un fichier texte et redémarre en mode sans échec comme indiqué ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ (choisis ta session courante "Ahmet") ***** 
 
 
# Etape 2/ 
 
* Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider ; choisis ta langue et valide, le fix va s'exécuter automatiquement. Patiente jusqu'au message : *** Nettoyage Termine le ..... ***, le bloc note va s'ouvrir : sauvegarde le rapport de manière à le retrouver, puis referme le blocnote. Ton bureau va réapparaitre
Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches, puis rends-toi à l'onglet "processus" ; clique en haut à gauche sur fichiers et choisis "exécuter", tape explorer et valide. Celà fera apparaitre ton bureau.

* Démarrer -> panneau de configuration -> options internet
Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

electronic-group - egroup - Montorgueil - VIP - "Sunny Day Design Ltd" - oooFavorite

=> Supprime-les tous 
 
# Etape 3/ 
 
Ouvre BTFix, puis clique sur Nettoyer. Un rapport va apparaître, sauvegarde-le sur ton bureau. 
 
# Etape 4/ 
 
Lance le fichier MSNFix.bat qui se trouve dans le dossier MSNfix, sur le bureau.
- Exécute l'option R.
- Si l'infection est détectée, exécute l'option N.
- Sauvegarde ce rapport sur ton bureau. 
 
# Etape 5/ 
 
Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout. 
 
# Etape 6/ 

Redémarre normalement et poste : 
- Un nouveau rapport HijackThis, toutes fenêtres et applications fermées http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.exe ; 
- Le contenu du fichier cleannavi.txt  qui se trouve dans Poste de travail  C:\ ; 
- Le contenu du rapport MSNfix situé sur le Bureau ; 
- Le contenu du rapport BTFix que tu as sauvegardé ; 


Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

eZula · Answer

alors voilà la suite : tu suis toutesles étapes décrtites par GenProc. Juste avant l'étape 6, et toujours en mode sans échec, Relance Lop S&D

# Choisis cette fois ci l'Option 2 ( Suppression )
# Ne ferme pas la fenêtre lors de la suppression !
# Poste le rapport généré ( C:\lopR.txt )

(Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

Tu passes ensuite à l'étape 6, puis tu reviens avec TOUS les rapports demandés, en précisant l'évolution de la situtation comme indiqué. Je compte sur toi pour ne rien oublier.

frenetique · Answer

Bien compris . Ainsi vais le faire comme indiqué et je reviens

frenetique · Answer

Ah!! suis désolé pour ce retard du encore à l'inexpérience.
J'ai du tout reprendre.
Pense que cette fois c'est la bonne.
Si toutefois vs n'etes plus en ligne, je comprendrais et consulterai
demain matin pour connaitre résultat final
Encore merci pour l'assistance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:44:25, on 24/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\SoftwareDistribution\Download\d05de61e582a01d1969c7442eab9add6\update\update.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = ?
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {321F38B6-7E5F-470E-B58C-927523B7AF92} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1069_em_XP.cab
O16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} - http://us2-scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
O16 - DPF: {5FD9726A-4977-449D-8352-25FDD8A510B5} - http://us2-scripts.dlv4.com/binaries/egaccess4/egaccess4_1067_em_XP.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {FA1D6D8F-C6ED-4752-8512-A33283240130} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1066_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{22479A09-E5E8-42F2-9BEA-D1F86119BAD9}: NameServer = 213.154.64.13 213.154.95.126
O17 - HKLM\System\CS1\Services\Tcpip\..\{22479A09-E5E8-42F2-9BEA-D1F86119BAD9}: NameServer = 213.154.64.13 213.154.95.126
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

eZula · Answer

- le rapport CCleaner n'était pas demandé
- il manque le rapport cleannavi.txt
- il manque le rapport lopSD
- il manque tes commentaires sur "Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation."

frenetique · Answer

Bonjour ezula.

Merci encore de  la patience...

rapports et commentaire






   -----------------------[  Lop S&D 4.1.1-8  XP/Vista  ]---------------------

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : met ] [ "C:\Lop SD" ]
   [ 24/04/2008 | 18:23:39,51 ] [ PC : METH ]
   [ MAJ : 23-04-2008 | 20:06 ]
 
   -------------[ Listing des dossiers dans Application Data ]------------  

   [10/04/2008|22:30] C:\DOCUME~1\met\APPLIC~1\.
   [10/04/2008|22:30] C:\DOCUME~1\met\APPLIC~1\..
   [16/11/2006|11:05] C:\DOCUME~1\met\APPLIC~1\Adobe
   [16/09/2006|18:54] C:\DOCUME~1\met\APPLIC~1\AdobeUM
   [24/04/2008|15:29] C:\DOCUME~1\met\APPLIC~1\Ahead
   [29/12/2007|15:30] C:\DOCUME~1\met\APPLIC~1\COWON
   [19/09/2006|09:51] C:\DOCUME~1\met\APPLIC~1\DataLayer
   [22/01/2007|18:10] C:\DOCUME~1\met\APPLIC~1\DeepBurner
   [16/09/2006|18:14] C:\DOCUME~1\met\APPLIC~1\desktop.ini
   [29/05/2007|17:21] C:\DOCUME~1\met\APPLIC~1\Droppix
   [15/08/2007|21:34] C:\DOCUME~1\met\APPLIC~1\dvdcss
   [31/10/2006|18:01] C:\DOCUME~1\met\APPLIC~1\Grisbi
   [09/04/2008|14:42] C:\DOCUME~1\met\APPLIC~1\Help
   [16/09/2006|17:27] C:\DOCUME~1\met\APPLIC~1\Identities
   [17/09/2006|13:08] C:\DOCUME~1\met\APPLIC~1\Inkscape
   [22/09/2006|19:52] C:\DOCUME~1\met\APPLIC~1\Leadertech
   [15/04/2008|14:09] C:\DOCUME~1\met\APPLIC~1\LimeWire
   [18/09/2006|21:09] C:\DOCUME~1\met\APPLIC~1\loliregister.ini
   [16/09/2006|18:13] C:\DOCUME~1\met\APPLIC~1\Macromedia
   [19/12/2007|21:30] C:\DOCUME~1\met\APPLIC~1\Microsoft
   [08/04/2008|10:30] C:\DOCUME~1\met\APPLIC~1\Mozilla
   [10/04/2008|22:30] C:\DOCUME~1\met\APPLIC~1\Nero
   [03/06/2007|21:20] C:\DOCUME~1\met\APPLIC~1\NetAppel
   [03/02/2008|10:43] C:\DOCUME~1\met\APPLIC~1\NMM-MetaData.db
   [19/09/2006|09:53] C:\DOCUME~1\met\APPLIC~1\Nokia
   [19/09/2006|09:55] C:\DOCUME~1\met\APPLIC~1\Nokia Multimedia Player
   [24/04/2008|11:57] C:\DOCUME~1\met\APPLIC~1\OpenOffice.org2
   [19/09/2006|09:46] C:\DOCUME~1\met\APPLIC~1\PC Suite
   [18/09/2006|21:41] C:\DOCUME~1\met\APPLIC~1\PDFCreator
   [12/04/2008|19:07] C:\DOCUME~1\met\APPLIC~1\Real
   [11/04/2007|22:09] C:\DOCUME~1\met\APPLIC~1\River Past G5
   [07/06/2007|16:32] C:\DOCUME~1\met\APPLIC~1\RVM
   [16/04/2008|15:24] C:\DOCUME~1\met\APPLIC~1\Skype
   [21/03/2008|20:53] C:\DOCUME~1\met\APPLIC~1\Sony Ericsson
   [20/09/2006|09:48] C:\DOCUME~1\met\APPLIC~1\Sun
   [18/09/2006|21:44] C:\DOCUME~1\met\APPLIC~1\Talkback
   [21/03/2008|20:56] C:\DOCUME~1\met\APPLIC~1\Teleca
   [18/09/2006|21:44] C:\DOCUME~1\met\APPLIC~1\Thunderbird
   [29/12/2007|15:01] C:\DOCUME~1\met\APPLIC~1\U3
   [24/02/2008|12:55] C:\DOCUME~1\met\APPLIC~1\vlc
   [22/01/2008|15:28] C:\DOCUME~1\met\APPLIC~1\WinBatch
   [29/05/2007|17:24] C:\DOCUME~1\met\APPLIC~1\Yahoo!
   [09/06/2007|09:43] C:\DOCUME~1\met\APPLIC~1\Yahoo! Messenger

   [29/03/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
   [29/03/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
   [22/01/2008|09:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [14/04/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [21/01/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
   [16/09/2006|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [29/05/2007|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
   [17/09/2006|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [31/07/2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jugs Wave Live Base
   [30/04/2007|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
   [12/12/2007|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
   [09/10/2006|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [06/12/2007|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [19/09/2006|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
   [17/04/2007|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
   [01/05/2007|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [21/03/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
   [23/02/2008|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [21/03/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
   [12/04/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tons Chin Up Balm
   [06/05/2007|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoEgg
   [06/12/2006|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [27/02/2008|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [19/05/2007|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
   [29/05/2007|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [16/09/2006|18:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
   [16/09/2006|18:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
   [16/09/2006|18:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [16/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [08/01/2008|21:51] C:\DOCUME~1\TOUM~2\APPLIC~1\.
   [08/01/2008|21:51] C:\DOCUME~1\TOUM~2\APPLIC~1\..
   [06/12/2007|16:40] C:\DOCUME~1\TOUM~2\APPLIC~1\Adobe
   [16/09/2006|18:14] C:\DOCUME~1\TOUM~2\APPLIC~1\desktop.ini
   [20/01/2007|22:56] C:\DOCUME~1\TOUM~2\APPLIC~1\Google
   [20/01/2007|22:51] C:\DOCUME~1\TOUM~2\APPLIC~1\Identities
   [21/01/2007|18:31] C:\DOCUME~1\TOUM~2\APPLIC~1\Macromedia
   [14/03/2008|14:35] C:\DOCUME~1\TOUM~2\APPLIC~1\Microsoft
   [20/01/2007|22:57] C:\DOCUME~1\TOUM~2\APPLIC~1\Mozilla
   [25/04/2007|12:03] C:\DOCUME~1\TOUM~2\APPLIC~1\OpenOffice.org2
   [20/01/2007|22:52] C:\DOCUME~1\TOUM~2\APPLIC~1\PC Suite
   [15/03/2007|10:38] C:\DOCUME~1\TOUM~2\APPLIC~1\PDFCreator
   [14/11/2007|10:50] C:\DOCUME~1\TOUM~2\APPLIC~1\Real
   [08/01/2008|21:51] C:\DOCUME~1\TOUM~2\APPLIC~1\Search Settings
   [20/04/2008|16:10] C:\DOCUME~1\TOUM~2\APPLIC~1\Skype
   [15/03/2007|10:46] C:\DOCUME~1\TOUM~2\APPLIC~1\vlc
   [14/07/2007|11:21] C:\DOCUME~1\TOUM~2\APPLIC~1\Yahoo!

   [24/02/2008|13:17] C:\DOCUME~1\TOUM~1\APPLIC~1\.
   [24/02/2008|13:17] C:\DOCUME~1\TOUM~1\APPLIC~1\..
   [14/01/2007|21:14] C:\DOCUME~1\TOUM~1\APPLIC~1\Macromedia
   [20/01/2007|19:09] C:\DOCUME~1\TOUM~1\APPLIC~1\Microsoft
   [14/01/2007|20:59] C:\DOCUME~1\TOUM~1\APPLIC~1\Mozilla
   [20/01/2007|10:24] C:\DOCUME~1TOUM~1\APPLIC~1\OpenOffice.org2
   [20/01/2007|19:09] C:\DOCUME~1\TOUM~1\APPLIC~1\PC Suite

   [20/01/2007|19:09] C:\DOCUME~1\INVIT~1\APPLIC~1\.
   [20/01/2007|19:09] C:\DOCUME~1\INVIT~1\APPLIC~1\..
   [20/01/2007|19:09] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
   [14/01/2007|20:01] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
   [20/01/2007|19:09] C:\DOCUME~1\INVIT~1\APPLIC~1\PC Suite


   [16/09/2006|17:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
   [16/09/2006|17:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
   [16/09/2006|17:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [16/09/2006|17:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
   [16/09/2006|17:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
   [16/09/2006|17:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   ----------------[ Tâches planifiées dans C:\WINDOWS	asks ]---------------

   [24/04/2008 18:00][--ah-----] C:\WINDOWS	asks\ADB93C899196B031.job
   [08/01/2008 18:27][--a------] C:\WINDOWS	asks\Nettoyage de disque.job
   [24/04/2008 18:19][--ah-----] C:\WINDOWS	asks\SA.DAT
   [28/08/2001 12:00][-r-h-----] C:\WINDOWS	asks\desktop.ini
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [24/04/2008|14:26] C:\Program Files\.
   [24/04/2008|14:26] C:\Program Files\..
   [01/04/2007|19:26] C:\Program Files\.mcfl.dat
   [26/10/2007|20:07] C:\Program Files\Adobe
   [31/07/2007|12:43] C:\Program Files\Adverts
   [19/12/2007|14:35] C:\Program Files\Ahead
   [20/01/2007|19:06] C:\Program Files\Ahead(2)
   [21/04/2007|20:36] C:\Program Files\AKVIS
   [16/09/2006|17:48] C:\Program Files\Alwil Software
   [02/08/2007|12:21] C:\Program Files\Ares
   [15/04/2008|14:09] C:\Program Files\AresFlashDownloader
   [12/12/2007|16:58] C:\Program Files\AskTBar
   [06/12/2007|16:43] C:\Program Files\Astonsoft
   [04/08/2007|19:13] C:\Program Files\Athan
   [12/04/2008|12:12] C:\Program Files\bendbashdownload
   [02/04/2008|13:09] C:\Program Files\CCleaner
   [06/04/2008|19:14] C:\Program Files\Circle Developement
   [16/09/2006|17:08] C:\Program Files\ComPlus Applications
   [14/10/2006|21:03] C:\Program Files\Delta-Expert
   [19/09/2006|09:46] C:\Program Files\DIFX
   [18/12/2006|21:10] C:\Program Files\Epinoisis Software
   [12/04/2008|19:00] C:\Program Files\Fichiers communs
   [15/04/2008|14:09] C:\Program Files\FlashGet
   [16/12/2006|15:28] C:\Program Files\Fonezy
   [19/12/2007|20:59] C:\Program Files\FreeMind
   [06/12/2007|16:41] C:\Program Files\GIMP-2.0
   [15/04/2008|08:33] C:\Program Files\InstallShield Installation Information
   [20/03/2008|23:26] C:\Program Files\Internet Explorer
   [08/04/2008|10:10] C:\Program Files\Java
   [29/12/2007|15:30] C:\Program Files\JetAudio
   [21/02/2008|16:47] C:\Program Files\LimeWire
   [18/09/2006|21:35] C:\Program Files\loliwin
   [16/09/2006|23:44] C:\Program Files\Messenger
   [12/04/2008|12:09] C:\Program Files\Messenger Plus! Live
   [16/09/2006|17:16] C:\Program Files\microsoft frontpage
   [19/12/2007|18:32] C:\Program Files\Microsoft SQL Server Compact Edition
   [25/09/2006|19:54] C:\Program Files\MOBILedit!
   [16/09/2006|17:10] C:\Program Files\Movie Maker
   [24/04/2008|18:23] C:\Program Files\Mozilla Firefox
   [16/09/2006|17:07] C:\Program Files\MSN
   [16/09/2006|17:08] C:\Program Files\MSN Gaming Zone
   [15/04/2008|14:09] C:\Program Files\MSN Messenger
   [17/11/2006|20:58] C:\Program Files\MSXML 4.0
   [19/12/2007|15:32] C:\Program Files\Nero
   [16/09/2006|17:11] C:\Program Files\NetMeeting
   [19/09/2006|09:45] C:\Program Files\Nokia
   [16/09/2006|17:08] C:\Program Files\Online Services
   [27/02/2007|18:31] C:\Program Files\OpenOffice.org 2.0
   [13/03/2008|10:38] C:\Program Files\OpenOffice.org 2.1
   [13/03/2008|18:17] C:\Program Files\OpenOffice.org 2.3
   [14/06/2007|08:38] C:\Program Files\Outlook Express
   [29/05/2007|17:20] C:\Program Files\PhotoDeluxe BE 1.0 TO
   [12/04/2008|18:48] C:\Program Files\Real
   [10/10/2006|07:55] C:\Program Filesnamfler
   [29/05/2007|17:22] C:\Program Files\SAGEM
   [16/09/2006|17:12] C:\Program Files\Services en ligne
   [26/07/2007|14:45] C:\Program Files\setupfre.exe
   [29/05/2007|17:22] C:\Program Files\Skype
   [21/01/2008|16:05] C:\Program Files\SlySoft
   [20/03/2008|23:44] C:\Program Files\Sony Ericsson
   [23/02/2008|21:32] C:\Program Files\Spybot - Search & Destroy
   [18/12/2006|20:30] C:\Program Files\TallStick
   [01/06/2007|12:24] C:\Program Files\The Koran
   [15/04/2008|08:33] C:\Program Files\ToniArts
   [16/09/2006|17:27] C:\Program Files\Uninstall Information
   [20/01/2007|19:07] C:\Program Files\VCW VicMan's Photo Editor
   [29/05/2007|17:22] C:\Program Files\VideoEgg
   [24/02/2008|13:09] C:\Program Files\VideoLAN
   [16/12/2006|15:21] C:\Program Files\VVSN
   [15/12/2007|19:19] C:\Program Files\Windows Live
   [19/12/2007|18:30] C:\Program Files\Windows Live Toolbar
   [20/01/2007|19:10] C:\Program Files\Windows Media Connect 2
   [29/03/2008|10:44] C:\Program Files\Windows Media Player
   [16/09/2006|17:08] C:\Program Files\Windows NT
   [16/09/2006|17:12] C:\Program Files\WindowsUpdate
   [30/07/2007|13:44] C:\Program Files\WinRAR
   [30/07/2007|18:16] C:\Program Files\Wondershare
   [20/12/2007|16:34] C:\Program Files\WordBiz
   [16/09/2006|17:16] C:\Program Files\xerox
   [16/09/2006|18:06] C:\Program Files\Yahoo!
   [16/01/2007|10:30] C:\Program Files\Zinf
   [28/07/2007|09:52] C:\Program Files\zlsSetup_70_337_000_fr.exe
   [12/12/2007|20:18] C:\Program Files\Zone Labs
  
   ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
   
   [12/04/2008|19:00] C:\Program Files\Fichiers communs\.
   [12/04/2008|19:00] C:\Program Files\Fichiers communs\..
   [26/10/2007|20:09] C:\Program Files\Fichiers communs\Adobe
   [19/12/2007|15:38] C:\Program Files\Fichiers communs\Ahead
   [20/01/2007|19:06] C:\Program Files\Fichiers communs\Ahead(2)
   [18/09/2006|21:37] C:\Program Files\Fichiers communs\GTK
   [16/12/2007|20:05] C:\Program Files\Fichiers communs\InstallShield
   [16/09/2006|18:02] C:\Program Files\Fichiers communs\Java
   [29/05/2007|17:21] C:\Program Files\Fichiers communs\LightScribe
   [19/12/2007|18:21] C:\Program Files\Fichiers communs\Microsoft Shared
   [16/09/2006|17:10] C:\Program Files\Fichiers communs\MSSoap
   [16/09/2006|18:31] C:\Program Files\Fichiers communs\Nero
   [19/09/2006|09:45] C:\Program Files\Fichiers communs\Nokia
   [16/09/2006|18:14] C:\Program Files\Fichiers communs\ODBC
   [19/09/2006|09:45] C:\Program Files\Fichiers communs\PCSuite
   [12/04/2008|18:59] C:\Program Files\Fichiers communs\Real
   [16/09/2006|17:11] C:\Program Files\Fichiers communs\Services
   [29/05/2007|17:22] C:\Program Files\Fichiers communs\Skype
   [16/12/2007|20:08] C:\Program Files\Fichiers communs\snpstd
   [21/03/2008|19:50] C:\Program Files\Fichiers communs\Sony Ericsson Shared
   [16/09/2006|18:14] C:\Program Files\Fichiers communs\SpeechEngines
   [28/12/2007|20:33] C:\Program Files\Fichiers communs\SWF Studio
   [14/06/2007|08:38] C:\Program Files\Fichiers communs\System
   [21/03/2008|19:50] C:\Program Files\Fichiers communs\Teleca Shared
   [15/12/2007|19:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [12/04/2008|19:00] C:\Program Files\Fichiers communs\xing shared

   ----------------------[ Recherche avec S_Lop ]---------------------

   Aucun fichier / dossier Lop trouvé ! 
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

   C:\Program Files\Adverts
   C:\Program Files\Circle Developement
   C:\Program Files\Circle Developement\Uninstall.exe
   C:\WINDOWS\Tasks\ADB93C899196B031.job
 
   ----------------------[ Verification du Registre ]----------------------
 
   ..... OK !

   --------------------[ Verification du fichier Hosts ]---------------------

   Fichier Hosts MODIFIE

   127.0.0.1 bin.errorprotector.com ## added by CiD
   127.0.0.1 br.errorsafe.com ## added by CiD
   127.0.0.1 br.winantivirus.com ## added by CiD
   127.0.0.1 br.winfixer.com ## added by CiD
   127.0.0.1 de.errorsafe.com ## added by CiD
   127.0.0.1 de.winantivirus.com ## added by CiD
   127.0.0.1 download.cdn.winsoftware.com ## added by CiD
   127.0.0.1 download.errorsafe.com ## added by CiD
   127.0.0.1 download.systemdoctor.com ## added by CiD
   127.0.0.1 download.winantispyware.com ## added by CiD
   127.0.0.1 download.windrivecleaner.com ## added by CiD
   127.0.0.1 download.winfixer.com ## added by CiD
   127.0.0.1 drivecleaner.com ## added by CiD
   127.0.0.1 dynamique.drivecleaner.com ## added by CiD
   127.0.0.1 errorprotector.com ## added by CiD
   127.0.0.1 errorsafe.com ## added by CiD
   127.0.0.1 es.winantivirus.com ## added by CiD
   127.0.0.1 fr.winantivirus.com ## added by CiD
   127.0.0.1 fr.winfixer.com ## added by CiD
   127.0.0.1 go.drivecleaner.com ## added by CiD
   127.0.0.1 go.errorsafe.com ## added by CiD
   127.0.0.1 go.winantispyware.com ## added by CiD
   127.0.0.1 go.winantivirus.com ## added by CiD
   127.0.0.1 hk.winantivirus.com ## added by CiD
   127.0.0.1 instlog.errorsafe.com ## added by CiD
   127.0.0.1 instlog.winantivirus.com ## added by CiD
   127.0.0.1 jsp.drivecleaner.com ## added by CiD
   127.0.0.1 kb.errorsafe.com ## added by CiD
   127.0.0.1 kb.winantivirus.com ## added by CiD
   127.0.0.1 nl.errorsafe.com ## added by CiD
   127.0.0.1 se.errorsafe.com ## added by CiD
   127.0.0.1 secure.drivecleaner.com ## added by CiD
   127.0.0.1 secure.errorsafe.com ## added by CiD
   127.0.0.1 secure.winantispam.com ## added by CiD
   127.0.0.1 secure.winantispy.com ## added by CiD
   127.0.0.1 secure.winantivirus.com ## added by CiD
   127.0.0.1 support.winantivirus.com ## added by CiD
   127.0.0.1 ulog.winantivirus.com ## added by CiD
   127.0.0.1 utils.errorsafe.com ## added by CiD
   127.0.0.1 utils.winantivirus.com ## added by CiD
   127.0.0.1 winantispyware.com ## added by CiD
   127.0.0.1 winantivirus.com ## added by CiD
   127.0.0.1 winfixer.com ## added by CiD
   127.0.0.1 www.drivecleaner.com ## added by CiD
   127.0.0.1 www.errorprotector.com ## added by CiD
   127.0.0.1 www.errorsafe.com ## added by CiD
   127.0.0.1 www.systemdoctor.com ## added by CiD
   127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
   127.0.0.1 www.win-virus-pro.com ## added by CiD
   127.0.0.1 www.winantispam.com ## added by CiD
   127.0.0.1 www.winantispy.com ## added by CiD
   127.0.0.1 www.winantispyware.com ## added by CiD
   127.0.0.1 www.winantivirus.com ## added by CiD
   127.0.0.1 www.winantiviruspro.com ## added by CiD
   127.0.0.1 www.windrivecleaner.com ## added by CiD
   127.0.0.1 www.windrivesafe.com ## added by CiD
   127.0.0.1 www.winfixer.com ## added by CiD
   127.0.0.1 cdn.drivecleaner.com ## added by CiD
   127.0.0.1 cdn.errorsafe.com ## added by CiD
   127.0.0.1 cdn.winsoftware.com ## added by CiD
   127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
   127.0.0.1 download.cdn.errorsafe.com ## added by CiD
   127.0.0.1 instlog.winfixer.com ## added by CiD
   127.0.0.1 trial.updates.winsoftware.com ## added by CiD
   127.0.0.1 utils.winfixer.com ## added by CiD
   127.0.0.1 winfixer2006.com ## added by CiD
   127.0.0.1 winsoftware.com ## added by CiD
   127.0.0.1 www.utils.winfixer.com ## added by CiD
   127.0.0.1 www.winfixer2006.com ## added by CiD
   127.0.0.1 www.winsoftware.com ## added by CiD

   -> 72 ( 70 ## added by CiD )

   /!\ 1 Not 127.0.0.1  !!

   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-04-24 18:28:56
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------

   C:\WINDOWS\pack.epk
   C:\WINDOWS\system32\pqkvvfuq_navps.dat  
   C:\WINDOWS\system32\uubinjekaq_navps.dat  
   C:\WINDOWS\system32\pqkvvfuq_nav.dat 
   C:\WINDOWS\system32\pqkvvfuq.dat  
   C:\WINDOWS\system32\uubinjekaq_nav.dat 
   C:\WINDOWS\system32\uubinjekaq.dat  
   [b]! EGDACCESS !/b
 

   /!\ [Fich:55][Doss:13] C:\WINDOWS\TEMP
   /!\ [Fich:5][Doss:0] C:\DOCUME~1\met\Cookies
   /!\ [Fich:401][Doss:4] C:\DOCUME~1\met\LOCALS~1\TEMPOR~1\content.IE5

   --------------------[ Fin du rapport a 18:32:03,28  ]----------------------


Alors ,j'ai beau chercher dans C ,impossible de trouver fichier CLEANNAVI.TXT.
Si ce n'est pas celui en dessous...



NETTOYAGE COMPLET - (14.482 secs)
------------------------------------------------------------------------------------------
11,8MB supprimés.
------------------------------------------------------------------------------------------

Détails des fichiers effacés
------------------------------------------------------------------------------------------
Fichiers Temporaires d'Internet Explorer (fichiers 395) 3,08MB
C:\Documents and Settings\met\Cookies\met@darfstation[1].txt 115 bytes
C:\Documents and Settings\met\Cookies\met@real[1].txt 344 bytes
C:\Documents and Settings\met\Cookies\met@mysearch[2].txt 102 bytes
C:\Documents and Settings\met\Cookies\met@batanga[1].txt 500 bytes
Marqué pour l'effacement: C:\Documents and Settings\met\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Marqué pour l'effacement: C:\Documents and Settings\met\Cookies\index.dat
Marqué pour l'effacement: C:\Documents and Settings\met\Local Settings\Historique\History.IE5\index.dat
Marqué pour l'effacement: C:\Documents and Settings\met\Local Settings\Historique\History.IE5\MSHist012008042420080425\index.dat
Poubelle vidée (5 fichiers) 6,22MB
C:\WINDOWS\system32\wbem\Logs\wbemess.log 13,80KB
C:\WINDOWS\system32\wbem\Logs\wbemprox.log 404 bytes
C:\WINDOWS\system32\wbem\Logs\wmiprov.log 335 bytes
C:\WINDOWS\0.log 0 bytes
C:\WINDOWS
tbtlog.txt 99,13KB
C:\WINDOWS\Debug\UserMode\userenv.log 6,36KB
Cache Internet de Firefox/Mozilla (17 fichiers) 2,22MB
Cookie supprimé: xiti.com
Cookie supprimé: commentcamarche.net
Cookie supprimé: google.com
Cookie supprimé: google.fr
Cookie supprimé: lelogiciellibre.net
Cookie supprimé: www.assistepc.com
Cookie supprimé: atdmt.com
Cookie supprimé: sdv.fr
Cookie supprimé: doubleclick.net
Cookie supprimé: google.sn
Cookie supprimé: zebulon.fr
Cookie supprimé: i2as.idregie.com
Cookie supprimé: www.zebulon.fr
Cookie supprimé: idregie.com
Cookie supprimé: adviva.net
Cookie supprimé: smartadserver.com
Cookie supprimé: sur-la-toile.com
Cookie supprimé: www.infos-du-net.com
Cookie supprimé: www.01net.com
Cookie supprimé: cybermonitor.com
Cookie supprimé: www.trendsecure.com
Cookie supprimé: mediaplex.com
Cookie supprimé: bluestreak.com
Cookie supprimé: searchmobile.solution.weborama.fr
Cookie supprimé: media.adrevolver.com
Cookie supprimé: adrevolver.com
Cookie supprimé: weborama.fr
Cookie supprimé: advertising.com
Cookie supprimé: fr.brothersoft.com
Cookie supprimé: intellitxt.com
Cookie supprimé: ads.bestofmedia.com
Cookie supprimé: entraide.aceboard.fr
Cookie supprimé: ovh.com
Cookie supprimé: tradedoubler.com
Cookie supprimé: fluxrss.fr
Cookie supprimé: forum.malekal.com
Cookie supprimé: www.malekal.com
Cookie supprimé: framasoft.net
Cookie supprimé: clubic.com
Cookie supprimé: www.clubic.com
Cookie supprimé: multimedia.ftpk.net
Cookie supprimé: reactivpub.fr
Cookie supprimé: ads.ftpk.net
C:\Documents and Settings\met\Application Data\Mozilla\Firefox\Profiles\0m9e7lo3.default\history.dat 7,52KB
C:\Documents and Settings\met\Application Data\Mozilla\Firefox\Profiles\0m9e7lo3.default\downloads.rdf 2,55KB
C:\WINDOWS\Internet Logs\ZALog2008.04.23.txt 96,40KB
C:\DOCUME~1\met\APPLIC~1\Macromedia\Flash Player\#SharedObjects\M88U3H43\pagead2.googlesyndication.com\pagead\googleadplayer.swf\mediaPlayerUserSettings.sol 94 bytes
C:\DOCUME~1\met\APPLIC~1\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#pagead2.googlesyndication.com\settings.sol 99 bytes
C:\DOCUME~1\met\APPLIC~1\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 395 bytes
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\cookies.txt 241 bytes
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayerealplayer.ste 774 bytes
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\Musique - www.real.com.lnk 1,74KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\Musique latino - Musique - www.real.com.lnk 1,79KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\Radio Progeso.lnk 1,78KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\Radio Taino.lnk 1,78KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\Historyadiotaino.lnk 1,78KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\Historyadprogreso.lnk 1,78KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\Recherche - www.real.com.lnk 1,95KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\Son Del Cauto - Musique latino - Musique - www.real.com.lnk 1,83KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\Vidéo - www.real.com.lnk 1,75KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\vTuner - Live Internet Broadcasting Stations from Cuba.lnk 1,87KB
C:\DOCUME~1\met\APPLIC~1\Real\RealPlayer\History\vTuner - Live Internet Broadcasting Stations from Internet Only.lnk 1,93KB
------------------------------------------------------------------------------------------

Débutant en informatique et seul j'ai eu des difficultés pour démarrer en MODE SANS ECHEC. Il me fallait bien sur consulter le forum pour voir comment procéder. Il est évident qu'après l'avoir réussi et que les raccourcis du bureau aient augmenté de volume ( tailles impréssionnantes),je me devais de marquer 1 temps d'arret à chaque fois pour comprendre ce phénomène. Mais je devais poursuivre. Aussi 1 PAGE RESTAURATION s''est affichée;j'ai dû annuler.
Entre installation et lancement des logiciels demandés,j'avoue que j'avais beaucoup d'inquiètudes,car il m'était dit à chaque fois: NOTRE RESPONSABILITE N'EST PAS ENGAGE EN CAS DE PROBLEME. Pour 1 novice qui n'a que 8 mois de connection çelà peut se comprendre.
Parfois aussi il n'est pas évident que les gens se comprennent par écrit. Raison pour laquelle je dis que les BENEVOLES ont vraiment du mérite...A quand le FORUM AUDIO....!!!! 
P.S...ce matin je constate entre autre 1 certaine lenteur pour l'ouverture des pages et autres.

Rapport d'analyse

14 réponses

Votre réponse

Discussions similaires

Newsletters