
I previously posted the extra.txt, but here is the main.txt
Deckard's System Scanner v20071014.68
Run by HP_Propriétaire on 2008-07-13 18:01:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 3 Restore Point(s) --
3: 2008-07-13 16:02:06 UTC - RP3 - Deckard's System Scanner Restore Point
2: 2008-07-12 16:37:18 UTC - RP2 - Le KB947864 pour Windows XP a été installé.
1: 2008-07-11 17:31:53 UTC - RP1 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as HP_Propriétaire.exe) -------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:40, on 13/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Foto.com\Editeur Foto.com\dd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\dss exe\dss.exe
C:\DOCUME~1\HP_PRO~1\Bureau\HIJACK~1\HP_Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Device Detection] C:\Program Files\Foto.com\Editeur Foto.com\dd.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1182755107-2753928046-904019101-1010\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Eric')
O4 - HKUS\S-1-5-21-1182755107-2753928046-904019101-1010\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Eric')
O4 - HKUS\S-1-5-21-1182755107-2753928046-904019101-1010\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (User 'Eric')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuw(...)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.fnacphoto.com/ectelechargement/xupload/XUpload.ocx
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 10877 bytes
-- HijackThis Fixed Entries (C:\DOCUME~1\HP_PRO~1\Bureau\HIJACK~1\backups\) ----
backup-20080629-145027-564 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20080629-145027-581 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20080629-145211-892 O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://o.aolcdn.com/pictures/ap/Resources/2.0.6.9/cab/aolpPlugins.10.6.0.4.ca(...)
backup-20080629-145212-271 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://notreanniv.spaces.live.com//PhotoUpload/MsnPUpld.cab
backup-20080629-145212-313 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_s(...)
backup-20080629-145212-379 O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
backup-20080629-145212-844 O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.ca.com/securityadvisor/pestscan/pestscan.cab
backup-20080629-145212-867 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
backup-20080629-145213-144 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb(...)
backup-20080629-145213-773 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
backup-20080629-145213-884 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/Newuploader/ImageUploader4.cab
backup-20080629-145213-956 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
backup-20080629-145214-301 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
backup-20080629-145214-511 O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
.vbs - XingMpeg - DefaultIcon - C:\Program Files\Xing\XingMPEG Player\xmplayer.exe
.vbs - XingMpeg - shell\open\command - "C:\Program Files\Xing\XingMPEG Player\xmplayer.exe" %1
.vbs - XingMpeg - shell\edit\command - unable to read value
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 INO_FLPY - c:\windows\system32\drivers\ino_flpy.sys <Not Verified; Computer Associates; CA eTrust eTrust Antivirus/InoculateIT version 7.X/6.X/4.X>
R2 INO_FLTR - c:\windows\system32\drivers\ino_fltr.sys <Not Verified; Computer Associates; CA eTrust Antivirus/InoculateIT version 7.X/6.X>
S3 catchme - c:\docume~1\hp_pro~1\locals~1\temp\catchme.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 InoRPC (Serveur RPC eTrust Antivirus) - "c:\program files\ca\etrust antivirus\inorpc.exe" <Not Verified; Computer Associates International, Inc.; eTrust Antivirus>
R2 InoRT (Serveur eTrust Antivirus Temps réel) - "c:\program files\ca\etrust antivirus\inort.exe" <Not Verified; Computer Associates International, Inc.; eTrust Antivirus>
R2 InoTask (Serveur de jobs eTrust Antivirus) - "c:\program files\ca\etrust antivirus\inotask.exe" <Not Verified; Computer Associates International, Inc.; eTrust Antivirus>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-07-13 18:00:03 442 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E63B7AFB-9AAB-4C73-A632-1FED380D90E3}.job
2008-04-14 15:36:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-06-13 and 2008-07-13 -----------------------------
2008-07-12 17:36:21 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-12 17:36:15 0 d-------- C:\Documents and Settings\Eric\Application Data\Mozilla
2008-07-12 17:34:50 0 d-------- C:\Program Files\Firefox
2008-07-12 11:29:17 0 d-------- C:\WINDOWS\BDOSCAN8
2008-07-06 19:26:51 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-06 12:37:26 0 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes
2008-07-06 12:37:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-06 12:37:22 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-29 10:47:25 0 d-------- C:\Program Files\MSNServersX
2008-06-28 11:50:05 69632 -ra------ C:\WINDOWS\system32\xmltok.dll
2008-06-28 11:50:05 36864 -ra------ C:\WINDOWS\system32\xmlparse.dll
2008-06-28 11:50:04 24576 -ra------ C:\WINDOWS\system32\msxml3a.dll <Not Verified; Microsoft Corporation; Microsoft XML Core Services>
2008-06-28 11:39:58 0 d-------- C:\Program Files\Ubisoft
-- Find3M Report ---------------------------------------------------------------
2008-07-12 17:39:01 0 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla
2008-06-29 18:44:16 0 d-------- C:\Program Files\Google
2008-06-29 14:18:19 0 d-------- C:\Program Files\Messenger
2008-06-28 16:19:38 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-28 14:14:15 0 d-------- C:\Program Files\Ubi Soft
2008-06-16 22:45:08 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-12 19:07:57 0 d-------- C:\Program Files\Fichiers communs\Adobe
2008-06-04 22:06:28 0 d-------- C:\Program Files\Microsoft Games
2008-06-04 10:38:26 0 d-------- C:\Program Files\ViaMichelin
2008-05-27 21:50:00 361081 --a------ C:\Documents and Settings\HP_Propriétaire\Application Data\mdbu.bin
2008-05-16 21:00:31 0 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\AdobeUM
2008-04-13 22:02:17 479242 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-04-13 22:02:17 79406 --a------ C:\WINDOWS\system32\perfc00C.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [07/05/1998 18:04]
"RTHDCPL"="RTHDCPL.EXE" [18/08/2005 16:20 C:\WINDOWS\RTHDCPL.EXE]
"Alcmtr"="ALCMTR.EXE" [04/05/2005 03:43 C:\WINDOWS\ALCMTR.EXE]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [04/11/2005 18:03]
"nwiz"="nwiz.exe" [04/11/2005 18:03 C:\WINDOWS\system32\nwiz.exe]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [02/06/2005 08:35]
"Home Theater SchSvr"="C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe" [18/07/2005 20:12]
"WINREMOTE"="C:\Program Files\InterVideo\Common\Bin\WinRemote.exe" [18/07/2005 19:05]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [14/04/2004 22:43]
"PCDrProfiler"="" []
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [12/05/2005 07:12]
"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [26/06/2004 01:17]
"KBD"="C:\HP\KBD\KBD.EXE" [02/02/2005 16:44]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [28/07/2004 00:50]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [28/07/2004 00:50]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [25/10/2007 17:37]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [25/10/2007 17:33]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [28/03/2008 23:37]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30/03/2008 10:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" []
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [25/02/2007 13:29]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 20:00]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [26/06/2006 21:45]
"Device Detection"="C:\Program Files\Foto.com\Editeur Foto.com\dd.exe" [20/07/2007 11:13]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
-- Hosts -----------------------------------------------------------------------
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
60 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-07-13 18:04:40 ------------
|
I have 2 reinstall discs that were created when the PC was first started up; are those the ones I should use?
|
Hi ericnol
Uninstall via Add/Remove Programs, if present:
Cid help
Circle Developement
Adverts
Le sponsor de MSN Plus!
Download Lop S&D to your desktop from here:
http://eric.71.mespages.googlepages.com/LopSD.exe
- Double-click LopSD.exe on the desktop to start the installation
- Double-click the Lop S&D shortcut created on your desktop
- Select the desired language and choose option 1 (Search)
- Post the report (C:\lopR.txt) in your next post
Note: If the desktop does not reappear, press Ctrl + Alt + Del; the Task Manager appears. At the top, click File/New Task, type explorer.exe and click OK to confirm
Tutorial: http://www.malekal.com/tutorial_Lop_SD.php
See you
|
Good evening!
And here is the report:
-----------------------[ Lop S&D 4.2.2-1 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP_Propriétaire ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 14/07/2008 | 21:45:43,57 ] [ PC : NATHA ]
[ MAJ : 09-07-2008 | 21:02 ]
-------------[ Listing des dossiers dans Application Data ]------------
[16/05/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/11/2007|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[28/08/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/04/2007|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[29/06/2008|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/01/2005|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[14/07/2006|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[03/01/2005|06:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[03/01/2005|06:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[29/12/2007|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[07/11/2006|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[06/07/2008|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/12/2006|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[21/08/2006|14:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[01/03/2008|22:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping
[16/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[03/01/2005|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[03/01/2005|06:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/01/2005|06:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[14/07/2006|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[24/01/2007|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[31/08/2006|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/07/2008|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[03/01/2005|06:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[03/01/2005|06:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[03/01/2005|07:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[03/01/2005|06:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[03/01/2005|07:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[13/01/2008|21:36] C:\DOCUME~1\Eric\APPLIC~1\$_hpcst$.hpc
[27/03/2008|23:18] C:\DOCUME~1\Eric\APPLIC~1\Adobe
[24/01/2007|23:43] C:\DOCUME~1\Eric\APPLIC~1\AdobeUM
[03/01/2005|06:50] C:\DOCUME~1\Eric\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\Eric\APPLIC~1\desktop.ini
[03/11/2006|16:01] C:\DOCUME~1\Eric\APPLIC~1\Google
[03/09/2006|20:49] C:\DOCUME~1\Eric\APPLIC~1\HP
[25/11/2004|05:26] C:\DOCUME~1\Eric\APPLIC~1\Identities
[19/01/2008|20:39] C:\DOCUME~1\Eric\APPLIC~1\InstallShield
[03/01/2005|06:47] C:\DOCUME~1\Eric\APPLIC~1\Intervideo
[11/08/2006|14:59] C:\DOCUME~1\Eric\APPLIC~1\Macromedia
[06/07/2008|09:11] C:\DOCUME~1\Eric\APPLIC~1\Microsoft
[12/07/2008|17:36] C:\DOCUME~1\Eric\APPLIC~1\Mozilla
[03/01/2005|06:55] C:\DOCUME~1\Eric\APPLIC~1\SampleView
[24/01/2007|23:20] C:\DOCUME~1\Eric\APPLIC~1\Sun
[03/01/2005|07:07] C:\DOCUME~1\Eric\APPLIC~1\Symantec
[15/12/2007|14:18] C:\DOCUME~1\Honorine\APPLIC~1\$_hpcst$.hpc
[22/03/2008|16:29] C:\DOCUME~1\Honorine\APPLIC~1\Adobe
[07/02/2007|16:31] C:\DOCUME~1\Honorine\APPLIC~1\AdobeUM
[16/12/2007|18:10] C:\DOCUME~1\Honorine\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\Honorine\APPLIC~1\desktop.ini
[18/09/2006|20:54] C:\DOCUME~1\Honorine\APPLIC~1\Google
[20/07/2006|15:54] C:\DOCUME~1\Honorine\APPLIC~1\HbTools_Icons
[03/02/2007|13:15] C:\DOCUME~1\Honorine\APPLIC~1\Help
[03/09/2006|20:50] C:\DOCUME~1\Honorine\APPLIC~1\HP
[29/12/2007|15:08] C:\DOCUME~1\Honorine\APPLIC~1\HPQ
[25/11/2004|05:26] C:\DOCUME~1\Honorine\APPLIC~1\Identities
[03/01/2005|06:47] C:\DOCUME~1\Honorine\APPLIC~1\Intervideo
[16/12/2007|18:10] C:\DOCUME~1\Honorine\APPLIC~1\Leadertech
[17/07/2006|11:56] C:\DOCUME~1\Honorine\APPLIC~1\Macromedia
[22/12/2007|17:35] C:\DOCUME~1\Honorine\APPLIC~1\Microsoft
[02/09/2006|16:04] C:\DOCUME~1\Honorine\APPLIC~1\Real
[03/01/2005|06:55] C:\DOCUME~1\Honorine\APPLIC~1\SampleView
[16/12/2007|18:10] C:\DOCUME~1\Honorine\APPLIC~1\Sonic
[10/01/2007|15:27] C:\DOCUME~1\Honorine\APPLIC~1\Sun
[03/01/2005|07:07] C:\DOCUME~1\Honorine\APPLIC~1\Symantec
[06/04/2007|20:34] C:\DOCUME~1\HP_PRO~2\APPLIC~1\SecondLife
[22/09/2007|16:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\$_hpcst$.hpc
[21/03/2008|19:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[16/05/2008|21:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[03/01/2005|06:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[31/05/2007|15:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\BitDownload
[24/11/2004|00:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\desktop.ini
[15/08/2006|10:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[22/06/2006|20:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[09/04/2006|14:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[26/12/2005|18:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[03/12/2005|19:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[15/08/2006|10:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPSU_48BitScanUpdate.log
[25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[14/07/2006|11:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
[24/11/2005|22:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[01/07/2006|14:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[06/07/2008|12:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[01/11/2007|16:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\mdb.bin
[27/05/2008|21:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\mdbu.bin
[04/06/2008|11:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[12/07/2008|17:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[15/08/2006|10:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_CounterReport_Update_HPSU.log
[15/08/2006|10:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
[15/08/2006|10:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_InstantShareJPG.log
[15/08/2006|10:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_IZClosingDiscError.log
[03/09/2006|10:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[24/11/2005|21:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Roxio
[03/01/2005|06:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[06/04/2007|20:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecondLife
[24/11/2005|22:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[12/01/2006|21:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[14/07/2006|11:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[15/08/2006|10:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
[30/06/2006|22:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
[11/05/2007|22:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[11/07/2007|08:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/08/2006|18:40] C:\DOCUME~1\VICTOR~1\APPLIC~1\Adobe
[15/08/2006|18:41] C:\DOCUME~1\VICTOR~1\APPLIC~1\AdobeUM
[03/01/2005|06:50] C:\DOCUME~1\VICTOR~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\VICTOR~1\APPLIC~1\desktop.ini
[13/11/2006|22:57] C:\DOCUME~1\VICTOR~1\APPLIC~1\Google
[20/07/2006|15:57] C:\DOCUME~1\VICTOR~1\APPLIC~1\HbTools_Icons
[03/09/2006|20:50] C:\DOCUME~1\VICTOR~1\APPLIC~1\HP
[25/11/2004|05:26] C:\DOCUME~1\VICTOR~1\APPLIC~1\Identities
[03/01/2005|06:47] C:\DOCUME~1\VICTOR~1\APPLIC~1\Intervideo
[20/07/2006|15:57] C:\DOCUME~1\VICTOR~1\APPLIC~1\Macromedia
[11/07/2007|07:50] C:\DOCUME~1\VICTOR~1\APPLIC~1\Microsoft
[03/01/2005|06:55] C:\DOCUME~1\VICTOR~1\APPLIC~1\SampleView
[03/01/2005|07:07] C:\DOCUME~1\VICTOR~1\APPLIC~1\Symantec
[06/08/2006|11:27] C:\DOCUME~1\VICTOR~1\APPLIC~1\TuxPaint
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[14/07/2008 21:45][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E63B7AFB-9AAB-4C73-A632-1FED380D90E3}.job
[14/04/2008 15:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/07/2008 21:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[19/01/2008|20:41] C:\Program Files\2K Games
[03/12/2005|20:06] C:\Program Files\Acclaim Entertainment
[27/12/2007|14:57] C:\Program Files\Activision
[12/06/2008|19:07] C:\Program Files\Adobe
[18/02/2007|23:02] C:\Program Files\AIST
[20/02/2007|23:24] C:\Program Files\AnvSoft
[07/06/2007|22:28] C:\Program Files\AOL Pictures
[16/10/2007|22:21] C:\Program Files\Apple Software Update
[19/03/2006|11:23] C:\Program Files\CA
[16/12/2007|20:07] C:\Program Files\Call of Duty
[24/11/2004|03:37] C:\Program Files\ComPlus Applications
[13/06/2006|21:51] C:\Program Files\CRASH
[11/06/2006|12:04] C:\Program Files\DIFX
[03/12/2005|19:36] C:\Program Files\directx
[05/04/2006|22:30] C:\Program Files\DivX
[17/06/2007|18:40] C:\Program Files\EA GAMES
[06/04/2007|20:41] C:\Program Files\Easy Internet signup
[22/12/2007|19:19] C:\Program Files\eMule
[07/12/2007|23:36] C:\Program Files\Fichiers communs
[20/07/2006|15:51] C:\Program Files\filesubmit
[12/07/2008|17:35] C:\Program Files\Firefox
[24/12/2006|16:36] C:\Program Files\flight2
[01/02/2008|20:22] C:\Program Files\FMS
[02/03/2008|16:18] C:\Program Files\Foto.com
[01/03/2008|22:30] C:\Program Files\GameSpy Arcade
[29/06/2008|18:44] C:\Program Files\Google
[24/12/2006|17:21] C:\Program Files\Harry Potter II
[03/01/2005|06:45] C:\Program Files\Hewlett-Packard
[03/01/2005|06:32] C:\Program Files\HP
[28/06/2008|16:19] C:\Program Files\InstallShield Installation Information
[12/06/2008|19:23] C:\Program Files\Internet Explorer
[03/01/2005|06:46] C:\Program Files\InterVideo
[13/04/2008|14:52] C:\Program Files\iPod
[13/04/2008|14:53] C:\Program Files\iTunes
[18/03/2008|21:28] C:\Program Files\Java
[13/11/2006|22:29] C:\Program Files\Larousse Multimédia
[15/10/2006|20:20] C:\Program Files\LeConjugueur
[29/12/2007|13:52] C:\Program Files\Logitech
[21/10/2007|12:20] C:\Program Files\LucasArts
[03/01/2005|06:47] C:\Program Files\Macrovision Corp
[06/07/2008|12:37] C:\Program Files\Malwarebytes' Anti-Malware
[27/12/2006|16:09] C:\Program Files\Maxis
[21/02/2007|22:05] C:\Program Files\MeeSoft
[15/05/2007|22:13] C:\Program Files\Mes Créations
[29/06/2008|14:18] C:\Program Files\Messenger
[24/12/2006|16:26] C:\Program Files\Microprose
[16/06/2008|22:45] C:\Program Files\Microsoft ActiveSync
[11/05/2007|22:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[25/11/2004|05:27] C:\Program Files\microsoft frontpage
[04/06/2008|22:06] C:\Program Files\Microsoft Games
[05/02/2006|19:31] C:\Program Files\Microsoft Money 2005
[29/03/2007|22:17] C:\Program Files\Microsoft Office
[03/01/2005|06:49] C:\Program Files\Microsoft Works
[26/12/2005|19:30] C:\Program Files\Microsoft.NET
[15/11/2006|14:41] C:\Program Files\Mindscape
[11/11/2007|17:14] C:\Program Files\monAlbumPhoto
[25/11/2004|05:27] C:\Program Files\Movie Maker
[14/07/2008|21:42] C:\Program Files\Mozilla Firefox
[29/03/2007|22:17] C:\Program Files\MSECache
[13/09/2006|12:52] C:\Program Files\MSN
[07/06/2006|12:58] C:\Program Files\MSN Games
[25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
[11/02/2007|12:04] C:\Program Files\MSN Messenger
[29/06/2008|11:20] C:\Program Files\MSNServersX
[15/10/2006|09:47] C:\Program Files\MSXML 4.0
[03/01/2005|06:53] C:\Program Files\muvee Technologies
[14/07/2006|19:53] C:\Program Files\NetMeeting
[25/11/2004|05:27] C:\Program Files\Online Services
[18/02/2007|14:35] C:\Program Files\OriaSoft
[13/06/2007|22:38] C:\Program Files\Outlook Express
[03/01/2005|07:06] C:\Program Files\PC-Doctor 5 for Windows
[24/10/2007|22:01] C:\Program Files\Picasa2
[06/04/2007|20:40] C:\Program Files\Popims
[13/04/2008|14:50] C:\Program Files\QuickTime
[30/08/2006|20:31] C:\Program Files\Real
[13/04/2008|14:55] C:\Program Files\Safari
[03/01/2005|07:03] C:\Program Files\Services en ligne
[19/01/2008|14:50] C:\Program Files\SLIM-Data
[03/01/2005|06:44] C:\Program Files\Sonic
[14/07/2006|12:05] C:\Program Files\Symantec
[18/02/2007|22:45] C:\Program Files\t@b
[23/12/2006|19:32] C:\Program Files\Terminal Reality
[06/08/2006|11:13] C:\Program Files\TuxPaint
[28/06/2008|14:14] C:\Program Files\Ubi Soft
[28/06/2008|11:50] C:\Program Files\Ubisoft
[24/11/2004|03:37] C:\Program Files\Uninstall Information
[04/06/2008|10:38] C:\Program Files\ViaMichelin
[10/01/2007|22:23] C:\Program Files\Viewpoint
[30/06/2006|22:13] C:\Program Files\vso
[07/12/2007|23:41] C:\Program Files\Windows Live
[11/05/2007|21:33] C:\Program Files\Windows Media Connect 2
[11/05/2007|21:33] C:\Program Files\Windows Media Player
[14/07/2006|19:53] C:\Program Files\Windows NT
[24/11/2004|03:37] C:\Program Files\WindowsUpdate
[26/03/2007|22:03] C:\Program Files\WinZip
[25/11/2004|05:28] C:\Program Files\xerox
[13/11/2006|22:57] C:\Program Files\Xing
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[12/06/2008|19:07] C:\Program Files\Fichiers communs\Adobe
[28/08/2007|22:24] C:\Program Files\Fichiers communs\Apple
[02/12/1996|19:44] C:\Program Files\Fichiers communs\dao350.dll
[26/12/2005|19:31] C:\Program Files\Fichiers communs\DESIGNER
[03/01/2005|06:39] C:\Program Files\Fichiers communs\Hewlett-Packard
[03/01/2005|06:35] C:\Program Files\Fichiers communs\HP
[03/01/2005|06:50] C:\Program Files\Fichiers communs\InstallShield
[03/01/2005|06:46] C:\Program Files\Fichiers communs\InterVideo
[03/01/2005|06:15] C:\Program Files\Fichiers communs\Java
[29/12/2007|14:01] C:\Program Files\Fichiers communs\LogiShrd
[29/12/2007|13:56] C:\Program Files\Fichiers communs\Logitech
[07/12/2007|23:42] C:\Program Files\Fichiers communs\Microsoft Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
[03/01/2005|06:53] C:\Program Files\Fichiers communs\muvee Technologies
[25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
[03/09/2006|10:16] C:\Program Files\Fichiers communs\Real
[14/07/2006|19:53] C:\Program Files\Fichiers communs\Services
[03/01/2005|06:43] C:\Program Files\Fichiers communs\Sonic Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
[03/01/2005|06:43] C:\Program Files\Fichiers communs\SureThing Shared
[13/06/2007|22:38] C:\Program Files\Fichiers communs\System
[03/01/2005|06:44] C:\Program Files\Fichiers communs\TiVo Shared
[19/06/2006|11:01] C:\Program Files\Fichiers communs\Vitalize
[07/12/2007|23:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 51
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bitdownload
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bitdownload\Data
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.adserver5[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adultfriendfinder[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@search.adultfriendfinder[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adin.bigpoint[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@bigpoint[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@banner.cotedazurpalace[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@cotedazurpalace[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adopt.euroclick[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@pacificpoker[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@seafight[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@32vegas[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@banner.32vegas[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@vegas-millions[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@vegasred[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.vegasred[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@2xmoinscher[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.2xmoinscher[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@facebook[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@888[2].txt
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 72 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-14 21:46:55
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\WINDOWS\Pack.epk
! EGDACCESS !
=> C:\DOCUME~1\HP_PRO~1\MESDOC~1\Nathalie\Anniversaire Nathalie\All the Music\Dossier Nath\Jacques Dutronc - Crack Boum Hue.MP3
=> C:\Documents and Settings\HP_Propriétaire\Mes documents\Nathalie\Anniversaire Nathalie\All the Music\Dossier Nath\Jacques Dutronc - Crack Boum Hue.MP3
=> C:\Documents and Settings\HP_Propriétaire\Recent\Atomix Virtual DJ 3.2 + crack + 38 skins + 109 effects + 123 samples.lnk
=> C:\Documents and Settings\All Users\Documents\Ma musique\Jacques Dutronc - Crack Boum Hue.MP3
[F:11][D:2]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:2267][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:4513][D:22]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 21:50:06,21 ]----------------------
Hi ericnol
- Double-click the Lop S&D shortcut created on your Desktop
- Choose Option 2 (Suppression)
- Post the report (C:\lopR.txt) in your next post
Note: If the desktop does not reappear, press Ctrl + Alt + Del; the Task Manager appears. At the top, click File/New Task, type explorer.exe and click OK to confirm
@++
Hello dédétraqué!
-----------------------[ Lop S&D 4.2.2-1 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP_Propriétaire ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 15/07/2008 | 8:09:43,93 ] [ PC : NATHA ]
[ MAJ : 09-07-2008 | 21:02 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Echec ! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bitdownload\Data
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.adserver5[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@search.adultfriendfinder[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@bigpoint[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@seafight[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@32vegas[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@vegas-millions[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@vegasred[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.vegasred[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@facebook[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@888[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bitdownload
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[16/05/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/11/2007|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[28/08/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/04/2007|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[29/06/2008|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/01/2005|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[14/07/2006|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[03/01/2005|06:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[03/01/2005|06:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[29/12/2007|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[07/11/2006|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[06/07/2008|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/12/2006|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[21/08/2006|14:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[16/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[03/01/2005|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[03/01/2005|06:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/01/2005|06:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[14/07/2006|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[31/08/2006|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/07/2008|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[03/01/2005|06:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[03/01/2005|06:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[03/01/2005|07:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[03/01/2005|06:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[03/01/2005|07:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[13/01/2008|21:36] C:\DOCUME~1\Eric\APPLIC~1\$_hpcst$.hpc
[27/03/2008|23:18] C:\DOCUME~1\Eric\APPLIC~1\Adobe
[24/01/2007|23:43] C:\DOCUME~1\Eric\APPLIC~1\AdobeUM
[03/01/2005|06:50] C:\DOCUME~1\Eric\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\Eric\APPLIC~1\desktop.ini
[03/11/2006|16:01] C:\DOCUME~1\Eric\APPLIC~1\Google
[03/09/2006|20:49] C:\DOCUME~1\Eric\APPLIC~1\HP
[25/11/2004|05:26] C:\DOCUME~1\Eric\APPLIC~1\Identities
[19/01/2008|20:39] C:\DOCUME~1\Eric\APPLIC~1\InstallShield
[03/01/2005|06:47] C:\DOCUME~1\Eric\APPLIC~1\Intervideo
[11/08/2006|14:59] C:\DOCUME~1\Eric\APPLIC~1\Macromedia
[06/07/2008|09:11] C:\DOCUME~1\Eric\APPLIC~1\Microsoft
[12/07/2008|17:36] C:\DOCUME~1\Eric\APPLIC~1\Mozilla
[03/01/2005|06:55] C:\DOCUME~1\Eric\APPLIC~1\SampleView
[24/01/2007|23:20] C:\DOCUME~1\Eric\APPLIC~1\Sun
[03/01/2005|07:07] C:\DOCUME~1\Eric\APPLIC~1\Symantec
[15/12/2007|14:18] C:\DOCUME~1\Honorine\APPLIC~1\$_hpcst$.hpc
[22/03/2008|16:29] C:\DOCUME~1\Honorine\APPLIC~1\Adobe
[07/02/2007|16:31] C:\DOCUME~1\Honorine\APPLIC~1\AdobeUM
[16/12/2007|18:10] C:\DOCUME~1\Honorine\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\Honorine\APPLIC~1\desktop.ini
[18/09/2006|20:54] C:\DOCUME~1\Honorine\APPLIC~1\Google
[20/07/2006|15:54] C:\DOCUME~1\Honorine\APPLIC~1\HbTools_Icons
[03/02/2007|13:15] C:\DOCUME~1\Honorine\APPLIC~1\Help
[03/09/2006|20:50] C:\DOCUME~1\Honorine\APPLIC~1\HP
[29/12/2007|15:08] C:\DOCUME~1\Honorine\APPLIC~1\HPQ
[25/11/2004|05:26] C:\DOCUME~1\Honorine\APPLIC~1\Identities
[03/01/2005|06:47] C:\DOCUME~1\Honorine\APPLIC~1\Intervideo
[16/12/2007|18:10] C:\DOCUME~1\Honorine\APPLIC~1\Leadertech
[17/07/2006|11:56] C:\DOCUME~1\Honorine\APPLIC~1\Macromedia
[22/12/2007|17:35] C:\DOCUME~1\Honorine\APPLIC~1\Microsoft
[02/09/2006|16:04] C:\DOCUME~1\Honorine\APPLIC~1\Real
[03/01/2005|06:55] C:\DOCUME~1\Honorine\APPLIC~1\SampleView
[16/12/2007|18:10] C:\DOCUME~1\Honorine\APPLIC~1\Sonic
[10/01/2007|15:27] C:\DOCUME~1\Honorine\APPLIC~1\Sun
[03/01/2005|07:07] C:\DOCUME~1\Honorine\APPLIC~1\Symantec
[06/04/2007|20:34] C:\DOCUME~1\HP_PRO~2\APPLIC~1\SecondLife
[22/09/2007|16:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\$_hpcst$.hpc
[21/03/2008|19:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[16/05/2008|21:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[03/01/2005|06:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\desktop.ini
[15/08/2006|10:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[22/06/2006|20:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[09/04/2006|14:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[26/12/2005|18:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[03/12/2005|19:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[15/08/2006|10:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPSU_48BitScanUpdate.log
[25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[14/07/2006|11:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
[24/11/2005|22:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[01/07/2006|14:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[06/07/2008|12:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[01/11/2007|16:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\mdb.bin
[27/05/2008|21:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\mdbu.bin
[04/06/2008|11:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[12/07/2008|17:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[15/08/2006|10:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_CounterReport_Update_HPSU.log
[15/08/2006|10:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
[15/08/2006|10:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_InstantShareJPG.log
[15/08/2006|10:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_IZClosingDiscError.log
[03/09/2006|10:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[24/11/2005|21:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Roxio
[03/01/2005|06:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[06/04/2007|20:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecondLife
[24/11/2005|22:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[12/01/2006|21:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[14/07/2006|11:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[15/08/2006|10:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
[30/06/2006|22:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
[11/05/2007|22:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[11/07/2007|08:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/08/2006|18:40] C:\DOCUME~1\VICTOR~1\APPLIC~1\Adobe
[15/08/2006|18:41] C:\DOCUME~1\VICTOR~1\APPLIC~1\AdobeUM
[03/01/2005|06:50] C:\DOCUME~1\VICTOR~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\VICTOR~1\APPLIC~1\desktop.ini
[13/11/2006|22:57] C:\DOCUME~1\VICTOR~1\APPLIC~1\Google
[20/07/2006|15:57] C:\DOCUME~1\VICTOR~1\APPLIC~1\HbTools_Icons
[03/09/2006|20:50] C:\DOCUME~1\VICTOR~1\APPLIC~1\HP
[25/11/2004|05:26] C:\DOCUME~1\VICTOR~1\APPLIC~1\Identities
[03/01/2005|06:47] C:\DOCUME~1\VICTOR~1\APPLIC~1\Intervideo
[20/07/2006|15:57] C:\DOCUME~1\VICTOR~1\APPLIC~1\Macromedia
[11/07/2007|07:50] C:\DOCUME~1\VICTOR~1\APPLIC~1\Microsoft
[03/01/2005|06:55] C:\DOCUME~1\VICTOR~1\APPLIC~1\SampleView
[03/01/2005|07:07] C:\DOCUME~1\VICTOR~1\APPLIC~1\Symantec
[06/08/2006|11:27] C:\DOCUME~1\VICTOR~1\APPLIC~1\TuxPaint
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[15/07/2008 08:10][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E63B7AFB-9AAB-4C73-A632-1FED380D90E3}.job
[14/04/2008 15:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/07/2008 08:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[19/01/2008|20:41] C:\Program Files\2K Games
[03/12/2005|20:06] C:\Program Files\Acclaim Entertainment
[27/12/2007|14:57] C:\Program Files\Activision
[12/06/2008|19:07] C:\Program Files\Adobe
[18/02/2007|23:02] C:\Program Files\AIST
[20/02/2007|23:24] C:\Program Files\AnvSoft
[07/06/2007|22:28] C:\Program Files\AOL Pictures
[16/10/2007|22:21] C:\Program Files\Apple Software Update
[19/03/2006|11:23] C:\Program Files\CA
[16/12/2007|20:07] C:\Program Files\Call of Duty
[24/11/2004|03:37] C:\Program Files\ComPlus Applications
[13/06/2006|21:51] C:\Program Files\CRASH
[11/06/2006|12:04] C:\Program Files\DIFX
[03/12/2005|19:36] C:\Program Files\directx
[05/04/2006|22:30] C:\Program Files\DivX
[17/06/2007|18:40] C:\Program Files\EA GAMES
[06/04/2007|20:41] C:\Program Files\Easy Internet signup
[22/12/2007|19:19] C:\Program Files\eMule
[07/12/2007|23:36] C:\Program Files\Fichiers communs
[20/07/2006|15:51] C:\Program Files\filesubmit
[12/07/2008|17:35] C:\Program Files\Firefox
[24/12/2006|16:36] C:\Program Files\flight2
[01/02/2008|20:22] C:\Program Files\FMS
[02/03/2008|16:18] C:\Program Files\Foto.com
[01/03/2008|22:30] C:\Program Files\GameSpy Arcade
[29/06/2008|18:44] C:\Program Files\Google
[24/12/2006|17:21] C:\Program Files\Harry Potter II
[03/01/2005|06:45] C:\Program Files\Hewlett-Packard
[03/01/2005|06:32] C:\Program Files\HP
[28/06/2008|16:19] C:\Program Files\InstallShield Installation Information
[12/06/2008|19:23] C:\Program Files\Internet Explorer
[03/01/2005|06:46] C:\Program Files\InterVideo
[13/04/2008|14:52] C:\Program Files\iPod
[13/04/2008|14:53] C:\Program Files\iTunes
[18/03/2008|21:28] C:\Program Files\Java
[13/11/2006|22:29] C:\Program Files\Larousse Multimédia
[15/10/2006|20:20] C:\Program Files\LeConjugueur
[29/12/2007|13:52] C:\Program Files\Logitech
[21/10/2007|12:20] C:\Program Files\LucasArts
[03/01/2005|06:47] C:\Program Files\Macrovision Corp
[06/07/2008|12:37] C:\Program Files\Malwarebytes' Anti-Malware
[27/12/2006|16:09] C:\Program Files\Maxis
[21/02/2007|22:05] C:\Program Files\MeeSoft
[15/05/2007|22:13] C:\Program Files\Mes Créations
[29/06/2008|14:18] C:\Program Files\Messenger
[24/12/2006|16:26] C:\Program Files\Microprose
[16/06/2008|22:45] C:\Program Files\Microsoft ActiveSync
[11/05/2007|22:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[25/11/2004|05:27] C:\Program Files\microsoft frontpage
[04/06/2008|22:06] C:\Program Files\Microsoft Games
[05/02/2006|19:31] C:\Program Files\Microsoft Money 2005
[29/03/2007|22:17] C:\Program Files\Microsoft Office
[03/01/2005|06:49] C:\Program Files\Microsoft Works
[26/12/2005|19:30] C:\Program Files\Microsoft.NET
[15/11/2006|14:41] C:\Program Files\Mindscape
[11/11/2007|17:14] C:\Program Files\monAlbumPhoto
[25/11/2004|05:27] C:\Program Files\Movie Maker
[14/07/2008|22:20] C:\Program Files\Mozilla Firefox
[29/03/2007|22:17] C:\Program Files\MSECache
[13/09/2006|12:52] C:\Program Files\MSN
[07/06/2006|12:58] C:\Program Files\MSN Games
[25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
[11/02/2007|12:04] C:\Program Files\MSN Messenger
[29/06/2008|11:20] C:\Program Files\MSNServersX
[15/10/2006|09:47] C:\Program Files\MSXML 4.0
[03/01/2005|06:53] C:\Program Files\muvee Technologies
[14/07/2006|19:53] C:\Program Files\NetMeeting
[25/11/2004|05:27] C:\Program Files\Online Services
[18/02/2007|14:35] C:\Program Files\OriaSoft
[13/06/2007|22:38] C:\Program Files\Outlook Express
[03/01/2005|07:06] C:\Program Files\PC-Doctor 5 for Windows
[24/10/2007|22:01] C:\Program Files\Picasa2
[06/04/2007|20:40] C:\Program Files\Popims
[13/04/2008|14:50] C:\Program Files\QuickTime
[30/08/2006|20:31] C:\Program Files\Real
[13/04/2008|14:55] C:\Program Files\Safari
[03/01/2005|07:03] C:\Program Files\Services en ligne
[19/01/2008|14:50] C:\Program Files\SLIM-Data
[03/01/2005|06:44] C:\Program Files\Sonic
[14/07/2006|12:05] C:\Program Files\Symantec
[18/02/2007|22:45] C:\Program Files\t@b
[23/12/2006|19:32] C:\Program Files\Terminal Reality
[06/08/2006|11:13] C:\Program Files\TuxPaint
[28/06/2008|14:14] C:\Program Files\Ubi Soft
[28/06/2008|11:50] C:\Program Files\Ubisoft
[24/11/2004|03:37] C:\Program Files\Uninstall Information
[04/06/2008|10:38] C:\Program Files\ViaMichelin
[30/06/2006|22:13] C:\Program Files\vso
[07/12/2007|23:41] C:\Program Files\Windows Live
[11/05/2007|21:33] C:\Program Files\Windows Media Connect 2
[11/05/2007|21:33] C:\Program Files\Windows Media Player
[14/07/2006|19:53] C:\Program Files\Windows NT
[24/11/2004|03:37] C:\Program Files\WindowsUpdate
[26/03/2007|22:03] C:\Program Files\WinZip
[25/11/2004|05:28] C:\Program Files\xerox
[13/11/2006|22:57] C:\Program Files\Xing
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[12/06/2008|19:07] C:\Program Files\Fichiers communs\Adobe
[28/08/2007|22:24] C:\Program Files\Fichiers communs\Apple
[02/12/1996|19:44] C:\Program Files\Fichiers communs\dao350.dll
[26/12/2005|19:31] C:\Program Files\Fichiers communs\DESIGNER
[03/01/2005|06:39] C:\Program Files\Fichiers communs\Hewlett-Packard
[03/01/2005|06:35] C:\Program Files\Fichiers communs\HP
[03/01/2005|06:50] C:\Program Files\Fichiers communs\InstallShield
[03/01/2005|06:46] C:\Program Files\Fichiers communs\InterVideo
[03/01/2005|06:15] C:\Program Files\Fichiers communs\Java
[29/12/2007|14:01] C:\Program Files\Fichiers communs\LogiShrd
[29/12/2007|13:56] C:\Program Files\Fichiers communs\Logitech
[07/12/2007|23:42] C:\Program Files\Fichiers communs\Microsoft Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
[03/01/2005|06:53] C:\Program Files\Fichiers communs\muvee Technologies
[25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
[03/09/2006|10:16] C:\Program Files\Fichiers communs\Real
[14/07/2006|19:53] C:\Program Files\Fichiers communs\Services
[03/01/2005|06:43] C:\Program Files\Fichiers communs\Sonic Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
[03/01/2005|06:43] C:\Program Files\Fichiers communs\SureThing Shared
[13/06/2007|22:38] C:\Program Files\Fichiers communs\System
[03/01/2005|06:44] C:\Program Files\Fichiers communs\TiVo Shared
[19/06/2006|11:01] C:\Program Files\Fichiers communs\Vitalize
[07/12/2007|23:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 53
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-15 08:11:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\WINDOWS\Pack.epk
! EGDACCESS !
=> C:\DOCUME~1\HP_PRO~1\MESDOC~1\Nathalie\Anniversaire Nathalie\All the Music\Dossier Nath\Jacques Dutronc - Crack Boum Hue.MP3
=> C:\Documents and Settings\HP_Propriétaire\Mes documents\Nathalie\Anniversaire Nathalie\All the Music\Dossier Nath\Jacques Dutronc - Crack Boum Hue.MP3
=> C:\Documents and Settings\HP_Propriétaire\Recent\Atomix Virtual DJ 3.2 + crack + 38 skins + 109 effects + 123 samples.lnk
=> C:\Documents and Settings\All Users\Documents\Ma musique\Jacques Dutronc - Crack Boum Hue.MP3
[F:13][D:1]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:2248][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:4555][D:22]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 8:14:33,98 ]----------------------
Hi ericnol
- Double-click navilog1 on the desktop
- Press F or f and confirm with Enter
- Press any key on your keyboard each time you are asked to; you will reach the options menu
- Choose option 1 and press the Enter key to confirm your choice.
- Wait for the message: *** Analyse Termine le ..... ***
- Once the scan is finished, a report named fixnavi.txt will be displayed; post the contents of this report.
- If the scan result is not displayed, you will find it in C:\fixnavi.txt.
Do not use options 2, 3 and 4 without our agreement; legitimate files may be included in this scan
@++
Sorry, but I can't find any navilog1, even when running a search....
Hi ericnol
Download Navilog1 (by IL-MAFIOSO) to the desktop: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
- Double-click Navilog1.exe to start the installation
- If the fix does not launch automatically after its installation
- Double-click navilog1 on the desktop
- Press F or f and confirm with Enter
- Press any key on your keyboard each time you are asked to; you will reach the options menu
- Choose option 1 and press the Enter key to confirm your choice.
- Wait for the message: *** Analyse Termine le ..... ***
- Once the scan is finished, a report named fixnavi.txt will be displayed; post the contents of this report.
- If the scan result is not displayed, you will find it in C:\fixnavi.txt.
Do not use options 2, 3 and 4 without our agreement; legitimate files may be included in this scan
@++
Search Navipromo version 3.6.0 commencé le 15/07/2008 à 19:33:23,92
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "HP_Propriétaire"
Mise à jour le 27.06.2008 à 23h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\menudÉ~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Eric\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Honorine\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\HP_PRO~2\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\VICTOR~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Eric\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Honorine\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\VICTOR~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Eric\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Honorine\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\VICTOR~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\Eric\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\Honorine\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\VICTOR~1\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\pack.epk trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" :
* Dans "C:\DOCUME~1\Eric\locals~1\applic~1" :
* Dans "C:\DOCUME~1\Honorine\locals~1\applic~1" :
* Dans "C:\DOCUME~1\VICTOR~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 15/07/2008 à 19:45:58,54 ***
|
|
|
|
|
Hi ericnol
- Double-click the Navilog1 shortcut on the desktop and follow the prompts.
At the main menu, choose 2 and confirm.
The fix will inform you that it is going to restart your PC
Close all open windows and save any open personal documents
Press a key as requested.
(if your PC does not restart automatically, do it yourself)
When your PC restarts, choose your usual session.
Wait for the message:
*** Nettoyage Termine le ..... ***
Notepad will open.
Save the report somewhere you can find it again
Close Notepad. Your desktop will reappear
PS: If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "Run"
Type explorer and confirm. This will bring your desktop back
Restart normally and post the cleannavi.txt report, along with a new HijackThis report
See you later
|
|
|
|
|
Here are the 2 reports:
fixnavi
Search Navipromo version 3.6.0 commencé le 15/07/2008 à 19:33:23,92
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "HP_Propriétaire"
Mise à jour le 27.06.2008 à 23h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\menudÉ~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Eric\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Honorine\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\HP_PRO~2\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\VICTOR~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Eric\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Honorine\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\VICTOR~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Eric\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Honorine\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\VICTOR~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\Eric\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\Honorine\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\VICTOR~1\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\pack.epk trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" :
* Dans "C:\DOCUME~1\Eric\locals~1\applic~1" :
* Dans "C:\DOCUME~1\Honorine\locals~1\applic~1" :
* Dans "C:\DOCUME~1\VICTOR~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 15/07/2008 à 19:45:58,54 ***
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:47:25, on 15/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\NOTEPAD.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Foto.com\Editeur Foto.com\dd.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe