Bonjour,

J'ai besoin de votre aide, depuis un bout de temps j'ai sans arrêt des fenêtres intempestives, cela ralentit énormément le pc, quand j'utilise mozilla firefox j'en ai moins, mais quand j'utilise internet explorer j'en ai toutes les deux minutes...

Voila, j'ai effacer l'autre et j'ai refais un scan avec trend...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:35:53, on 22/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBKE.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.l7ay7a.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.unika.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: BrowsingSoftware - {B886C1F4-D1D3-45F5-F45E-75EB024320AC} - C:\Program Files\BrowsingSoftware\BrowsingSoftware-2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /min
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [EPSON Stylus DX7000F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBKE.EXE /FU "C:\WINDOWS\TEMP\E_SE1.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [BAIT SLOW] C:\DOCUME~1\SERKAN~1\APPLIC~1\GRIDGP~1\interaxisstyle.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Video ActiveX Object\pmsngr.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamini.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?5ffe0c7c1a3144988f376eae15ac406f
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?5ffe0c7c1a3144988f376eae15ac406f
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {3AEECF42-EFE4-4AC8-AE9E-83C031EC09AB} (GamyunNetToolbar) - http://server.gamyun.net/cert/GamyunIeToolbar.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.co [...] 8155672781
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: hirtellous - {fa19bd7e-50bc-4203-80ac-c4edc81ca9a3} - (no file)
O22 - SharedTaskScheduler: hirtellous - {fa19bd7e-50bc-4203-80ac-c4edc81ca9a3} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - http://www.citroen.com/NR/rdonlyre [...] 3_1024.jpg
O24 - Desktop Component 1: (no name) - http://i112.photobucket.com/albums [...] /obese.jpg

--
End of file - 14262 bytes

Je rappelle que j'ai édité mon message et supprimer le "rapport" ad-aware, et j'ai reposté un rappot en utilisant Hijackthis ...

Merci d'avance

1)
-----------------------------[ Lop S&D 2.3.7 ]---------------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Serkan HIDIR ] [ "C:\Program Files\Lop SD" ]
[ 22/02/2008 | 21:33:28,76 ] [ PC : SY4PPNP16A ]
[ MAJ : 21-02-2008 | 22:45 ]

-------------[ Listing des dossiers dans Application Data ]------------

[06/09/2004|15:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[06/09/2004|15:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[06/09/2004|15:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[22/02/2008|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[22/02/2008|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[07/05/2007|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[21/01/2007|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[30/06/2007|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[18/01/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[28/12/2006|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[26/08/2007|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[06/09/2004|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[06/09/2004|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[26/05/2007|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[04/02/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[10/10/2007|23:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
[19/04/2007|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[05/11/2007|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[22/02/2008|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[11/08/2007|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[18/09/2007|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/02/2008|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[27/12/2006|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[07/09/2004|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[18/02/2007|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[06/09/2004|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[07/09/2007|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[10/01/2007|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[15/03/2007|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[26/05/2007|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[23/01/2007|22:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/12/2006|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[06/09/2004|14:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[06/09/2004|14:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[06/09/2004|14:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[06/09/2004|15:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic

[19/07/2007|19:28] C:\DOCUME~1\Hakan\APPLIC~1\.
[19/07/2007|19:28] C:\DOCUME~1\Hakan\APPLIC~1\..
[06/09/2004|15:40] C:\DOCUME~1\Hakan\APPLIC~1\Adobe
[06/09/2004|14:57] C:\DOCUME~1\Hakan\APPLIC~1\desktop.ini
[06/09/2004|14:23] C:\DOCUME~1\Hakan\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\Hakan\APPLIC~1\InterTrust
[19/07/2007|19:28] C:\DOCUME~1\Hakan\APPLIC~1\Microsoft
[06/09/2004|15:47] C:\DOCUME~1\Hakan\APPLIC~1\Sonic

[07/05/2007|09:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[07/05/2007|09:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[07/05/2007|09:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[12/08/2007|00:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee
[11/08/2007|17:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[07/04/2007|21:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
[07/11/2007|10:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor
[22/12/2006|21:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[06/09/2004|14:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[06/09/2004|14:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[11/08/2007|15:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


[13/02/2008|15:52] C:\DOCUME~1\SERKAN~1\APPLIC~1\.
[13/02/2008|15:52] C:\DOCUME~1\SERKAN~1\APPLIC~1\..
[16/11/2007|20:24] C:\DOCUME~1\SERKAN~1\APPLIC~1\Adobe
[24/11/2007|19:02] C:\DOCUME~1\SERKAN~1\APPLIC~1\AdobeUM
[21/01/2007|17:15] C:\DOCUME~1\SERKAN~1\APPLIC~1\Ahead
[18/01/2007|22:14] C:\DOCUME~1\SERKAN~1\APPLIC~1\Apple Computer
[17/04/2007|00:14] C:\DOCUME~1\SERKAN~1\APPLIC~1\Camfrog
[29/12/2006|21:43] C:\DOCUME~1\SERKAN~1\APPLIC~1\CopyToDvd
[06/09/2004|14:57] C:\DOCUME~1\SERKAN~1\APPLIC~1\desktop.ini
[06/03/2007|21:07] C:\DOCUME~1\SERKAN~1\APPLIC~1\DriveCleaner Free
[07/02/2008|23:35] C:\DOCUME~1\SERKAN~1\APPLIC~1\EPSON
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\ezpinst.exe
[22/03/2007|17:53] C:\DOCUME~1\SERKAN~1\APPLIC~1\F-Secure
[16/03/2007|20:35] C:\DOCUME~1\SERKAN~1\APPLIC~1\Google
[11/10/2007|11:39] C:\DOCUME~1\SERKAN~1\APPLIC~1\Grid Gpl
[06/09/2004|14:23] C:\DOCUME~1\SERKAN~1\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\SERKAN~1\APPLIC~1\InterTrust
[15/03/2007|18:51] C:\DOCUME~1\SERKAN~1\APPLIC~1\ispnews
[28/02/2007|21:39] C:\DOCUME~1\SERKAN~1\APPLIC~1\ItsLabel
[19/04/2007|14:26] C:\DOCUME~1\SERKAN~1\APPLIC~1\Jasc
[19/04/2007|13:51] C:\DOCUME~1\SERKAN~1\APPLIC~1\Jasc Software Inc
[27/05/2007|14:20] C:\DOCUME~1\SERKAN~1\APPLIC~1\Lavasoft
[24/12/2006|23:22] C:\DOCUME~1\SERKAN~1\APPLIC~1\Macromedia
[11/08/2007|17:41] C:\DOCUME~1\SERKAN~1\APPLIC~1\McAfee
[07/02/2008|23:29] C:\DOCUME~1\SERKAN~1\APPLIC~1\Microsoft
[28/02/2007|12:24] C:\DOCUME~1\SERKAN~1\APPLIC~1\Mozilla
[04/03/2007|00:25] C:\DOCUME~1\SERKAN~1\APPLIC~1\MSN6
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\pcouffin.cat
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\pcouffin.inf
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\pcouffin.log
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\pcouffin.sys
[15/03/2007|18:57] C:\DOCUME~1\SERKAN~1\APPLIC~1\PEX
[23/01/2008|09:38] C:\DOCUME~1\SERKAN~1\APPLIC~1\QuickZip45.ini
[02/08/2007|15:24] C:\DOCUME~1\SERKAN~1\APPLIC~1\Real
[18/02/2007|16:48] C:\DOCUME~1\SERKAN~1\APPLIC~1\SecondLife
[13/02/2008|15:52] C:\DOCUME~1\SERKAN~1\APPLIC~1\SecuROM
[06/02/2008|13:01] C:\DOCUME~1\SERKAN~1\APPLIC~1\SiteAdvisor
[22/02/2008|21:18] C:\DOCUME~1\SERKAN~1\APPLIC~1\Skype
[07/02/2008|23:34] C:\DOCUME~1\SERKAN~1\APPLIC~1\Smart Panel
[06/09/2004|15:47] C:\DOCUME~1\SERKAN~1\APPLIC~1\Sonic
[22/12/2006|23:48] C:\DOCUME~1\SERKAN~1\APPLIC~1\Sun
[22/12/2006|19:34] C:\DOCUME~1\SERKAN~1\APPLIC~1\Symantec
[01/02/2008|14:40] C:\DOCUME~1\SERKAN~1\APPLIC~1\Vso

[02/11/2007|12:25] C:\DOCUME~1\Volkan\APPLIC~1\.
[02/11/2007|12:25] C:\DOCUME~1\Volkan\APPLIC~1\..
[06/09/2004|15:40] C:\DOCUME~1\Volkan\APPLIC~1\Adobe
[06/09/2004|14:57] C:\DOCUME~1\Volkan\APPLIC~1\desktop.ini
[19/07/2007|19:37] C:\DOCUME~1\Volkan\APPLIC~1\Google
[06/09/2004|14:23] C:\DOCUME~1\Volkan\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\Volkan\APPLIC~1\InterTrust
[02/11/2007|12:25] C:\DOCUME~1\Volkan\APPLIC~1\Macromedia
[17/08/2007|19:59] C:\DOCUME~1\Volkan\APPLIC~1\McAfee
[21/11/2007|15:06] C:\DOCUME~1\Volkan\APPLIC~1\Microsoft
[19/07/2007|19:38] C:\DOCUME~1\Volkan\APPLIC~1\Mozilla
[17/08/2007|20:00] C:\DOCUME~1\Volkan\APPLIC~1\QuickZip45.ini
[27/07/2007|21:29] C:\DOCUME~1\Volkan\APPLIC~1\Real
[14/02/2008|10:28] C:\DOCUME~1\Volkan\APPLIC~1\SecuROM
[21/11/2007|15:06] C:\DOCUME~1\Volkan\APPLIC~1\SiteAdvisor
[06/09/2004|15:47] C:\DOCUME~1\Volkan\APPLIC~1\Sonic

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[22/02/2008 18:54][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job [--330--]
[15/02/2008 01:13][--a------] C:\WINDOWS\tasks\McDefragTask.job [--376--]
[01/09/2007 00:00][--a------] C:\WINDOWS\tasks\McQcTask.job [--366--]
[19/01/2008 21:23][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[24/04/2003 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]
[22/02/2008 18:51][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[22/02/2008|21:32] C:\Program Files\.
[22/02/2008|21:32] C:\Program Files\..
[07/05/2007|09:17] C:\Program Files\Adobe
[11/10/2007|11:23] C:\Program Files\Adverts
[21/01/2007|17:08] C:\Program Files\Ahead
[07/05/2007|18:25] C:\Program Files\AntivirusFirewall
[23/07/2007|12:03] C:\Program Files\Anuman Interactive
[30/06/2007|19:41] C:\Program Files\Apple Software Update
[01/02/2007|22:06] C:\Program Files\ArcSoft
[23/07/2007|13:47] C:\Program Files\Auto-‚cole 3D
[26/08/2007|20:07] C:\Program Files\Boonty
[26/08/2007|20:08] C:\Program Files\BoontyGames
[22/02/2008|19:34] C:\Program Files\BrowsingSoftware
[30/05/2007|16:50] C:\Program Files\Camfrog
[06/09/2004|14:13] C:\Program Files\Common Files
[06/09/2004|14:02] C:\Program Files\ComPlus Applications
[06/09/2004|16:47] C:\Program Files\Creative
[07/09/2004|14:59] C:\Program Files\Cr‚ez votre site Web
[06/09/2004|15:42] C:\Program Files\CyberLink
[08/09/2007|15:56] C:\Program Files\directx
[03/08/2007|20:40] C:\Program Files\DivX
[11/10/2007|18:55] C:\Program Files\DK
[13/02/2008|15:33] C:\Program Files\Electronic Arts
[24/01/2008|11:44] C:\Program Files\eMule
[26/05/2007|16:12] C:\Program Files\EPSON
[07/02/2008|18:51] C:\Program Files\FBrowserAdvisor
[08/02/2008|21:56] C:\Program Files\FBrowsingAdvisor
[07/09/2004|15:06] C:\Program Files\FenAffiche
[22/02/2008|19:50] C:\Program Files\Fichiers communs
[07/05/2007|09:16] C:\Program Files\Free
[12/03/2007|21:22] C:\Program Files\FusionSoft DVD Player XP
[16/03/2007|20:33] C:\Program Files\Google
[18/09/2007|19:36] C:\Program Files\Grid Gpl
[01/02/2007|19:29] C:\Program Files\Grisoft
[06/09/2004|14:35] C:\Program Files\HighMAT CD Writing Wizard
[02/11/2007|18:56] C:\Program Files\InstallShield Installation Information
[06/09/2004|15:13] C:\Program Files\Intel
[12/03/2007|20:47] C:\Program Files\InterActual
[13/02/2008|23:33] C:\Program Files\Internet Explorer
[30/06/2007|19:46] C:\Program Files\iPod
[30/06/2007|19:46] C:\Program Files\iTunes
[28/12/2006|20:04] C:\Program Files\IVT Corporation
[31/01/2007|11:53] C:\Program Files\J.H.C. SoftWare
[19/04/2007|14:56] C:\Program Files\Jasc Software Inc
[02/09/2007|11:00] C:\Program Files\Java
[22/02/2008|19:51] C:\Program Files\Lavasoft
[30/11/2007|14:58] C:\Program Files\LimeWire
[22/12/2006|22:23] C:\Program Files\Logitech
[22/02/2008|21:33] C:\Program Files\Lop SD
[22/02/2008|18:51] C:\Program Files\McAfee
[07/05/2007|18:44] C:\Program Files\McAfee.com
[30/06/2007|19:29] C:\Program Files\MediaCoder
[24/01/2007|14:18] C:\Program Files\Messenger
[18/09/2007|19:35] C:\Program Files\Messenger Plus! Live
[08/09/2007|15:51] C:\Program Files\Microids
[06/09/2004|14:24] C:\Program Files\microsoft frontpage
[06/05/2007|15:21] C:\Program Files\Microsoft Office
[06/05/2007|15:19] C:\Program Files\Microsoft.NET
[23/01/2007|22:34] C:\Program Files\Movie Maker
[22/02/2008|19:28] C:\Program Files\Mozilla Firefox
[30/06/2007|18:59] C:\Program Files\MP3 Player Utilities 4.00
[04/03/2007|00:25] C:\Program Files\MSN
[06/09/2004|14:02] C:\Program Files\MSN Gaming Zone
[18/09/2007|19:35] C:\Program Files\MSN Messenger
[05/11/2007|21:21] C:\Program Files\MSN Reaper
[03/11/2007|14:14] C:\Program Files\MSXML 4.0
[23/01/2007|22:28] C:\Program Files\NetMeeting
[15/03/2007|18:48] C:\Program Files\Norton AntiVirus
[07/05/2007|09:14] C:\Program Files\OrangeHSS
[13/06/2007|01:01] C:\Program Files\Outlook Express
[17/04/2007|00:15] C:\Program Files\Pando Networks
[08/09/2004|13:32] C:\Program Files\Phoenix Technologies Ltd
[07/02/2008|18:51] C:\Program Files\PlayMP3z
[30/06/2007|19:49] C:\Program Files\QuickTime
[11/07/2007|19:57] C:\Program Files\QuickZip4
[20/07/2007|11:28] C:\Program Files\Real
[30/06/2007|17:08] C:\Program Files\Replay Converter
[02/11/2007|18:53] C:\Program Files\Samsung
[06/09/2004|14:02] C:\Program Files\Services en ligne
[15/11/2007|22:57] C:\Program Files\SiteAdvisor
[10/01/2007|20:03] C:\Program Files\Skype
[01/02/2007|22:05] C:\Program Files\Smart Panel
[06/09/2004|15:58] C:\Program Files\Sonic
[26/08/2007|20:10] C:\Program Files\T‚l‚chargeur de Singles
[22/02/2008|20:33] C:\Program Files\Trend Micro
[18/07/2007|00:03] C:\Program Files\TypeFaster
[06/09/2004|14:08] C:\Program Files\Uninstall Information
[30/06/2007|19:05] C:\Program Files\USBDisk
[29/08/2007|20:24] C:\Program Files\VSO
[12/02/2007|13:04] C:\Program Files\Wanadoo
[19/01/2007|20:54] C:\Program Files\Wanadoo Messager
[02/08/2007|20:02] C:\Program Files\WebMediaPlayer
[11/08/2007|15:03] C:\Program Files\Windows Defender
[06/09/2004|14:35] C:\Program Files\Windows Journal Viewer
[18/09/2007|19:35] C:\Program Files\Windows Live
[22/12/2006|22:21] C:\Program Files\Windows Live Toolbar
[06/03/2007|20:35] C:\Program Files\Windows Media Connect 2
[06/03/2007|20:35] C:\Program Files\Windows Media Player
[23/01/2007|22:28] C:\Program Files\Windows NT
[30/12/2006|22:43] C:\Program Files\WindowsUpdate
[06/09/2004|14:24] C:\Program Files\xerox
[01/02/2007|19:42] C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[22/02/2008|19:50] C:\Program Files\Fichiers communs\.
[22/02/2008|19:50] C:\Program Files\Fichiers communs\..
[03/01/2007|15:32] C:\Program Files\Fichiers communs\Adobe
[21/01/2007|17:06] C:\Program Files\Fichiers communs\Ahead
[30/06/2007|19:40] C:\Program Files\Fichiers communs\Apple
[26/08/2007|20:08] C:\Program Files\Fichiers communs\BOONTY Shared
[06/05/2007|15:21] C:\Program Files\Fichiers communs\DESIGNER
[06/03/2007|20:20] C:\Program Files\Fichiers communs\DriveCleaner Free
[12/02/2007|13:03] C:\Program Files\Fichiers communs\France Telecom
[23/07/2007|12:10] C:\Program Files\Fichiers communs\GIS
[11/10/2007|18:53] C:\Program Files\Fichiers communs\InstallShield
[19/04/2007|13:53] C:\Program Files\Fichiers communs\Jasc Software Inc
[22/12/2006|23:47] C:\Program Files\Fichiers communs\Java
[22/12/2006|22:23] C:\Program Files\Fichiers communs\Logitech
[23/07/2007|12:10] C:\Program Files\Fichiers communs\mapserv
[14/01/2008|19:50] C:\Program Files\Fichiers communs\McAfee
[13/02/2008|15:32] C:\Program Files\Fichiers communs\Microsoft Shared
[06/09/2004|14:03] C:\Program Files\Fichiers communs\MSSoap
[06/09/2004|14:57] C:\Program Files\Fichiers communs\ODBC
[02/08/2007|15:24] C:\Program Files\Fichiers communs\Real
[06/09/2004|14:03] C:\Program Files\Fichiers communs\Services
[10/01/2007|20:03] C:\Program Files\Fichiers communs\Skype
[06/09/2004|15:47] C:\Program Files\Fichiers communs\Sonic
[06/09/2004|14:57] C:\Program Files\Fichiers communs\SpeechEngines
[15/03/2007|18:54] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|01:01] C:\Program Files\Fichiers communs\System
[22/02/2008|19:50] C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
C:\Program Files\Adverts

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-22 21:37:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\vcrzhwvlai_navps.dat
C:\WINDOWS\system32\vcrzhwvlai_nav.dat
C:\WINDOWS\system32\vcrzhwvlai.dat
! EGDACCESS !


/!\ [Fich:2221][Doss:31] C:\DOCUME~1\SERKAN~1\LOCALS~1\Temp
/!\ [Fich:251][Doss:0] C:\DOCUME~1\SERKAN~1\Cookies
/!\ [Fich:16758][Doss:20] C:\DOCUME~1\SERKAN~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 21:39:17,59 ]----------------------

2)SmitFraudFix v2.294

Rapport fait à 21:47:21,89, 22/02/2008
Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\windows\system32\ixzartobaj.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBKE.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Serkan HIDIR


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Serkan HIDIR\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT !
C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\SERKAN~1\Favoris

C:\DOCUME~1\SERKAN~1\Favoris\Online Security Test.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://www.citroen.com/NR/rdonlyres/9B0B2B3F-7695-4EED-884C-DC212D1FDA9E/26000/3_1024.jpg"
"SubscribedURL"="http://www.citroen.com/NR/rdonlyres/9B0B2B3F-7695-4EED-884C-DC212D1FDA9E/26000/3_1024.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="http://i112.photobucket.com/albums/n169/damien44/obese.jpg"
"SubscribedURL"="http://i112.photobucket.com/albums/n169/damien44/obese.jpg"
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{fa19bd7e-50bc-4203-80ac-c4edc81ca9a3}"="hirtellous"



»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{39F9FB76-2C81-4E31-8E5E-BD68DDED41DE}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{85755769-B15D-45AE-BFCE-38F3D8A0F87B}: DhcpNameServer=195.5.219.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{39F9FB76-2C81-4E31-8E5E-BD68DDED41DE}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{85755769-B15D-45AE-BFCE-38F3D8A0F87B}: DhcpNameServer=195.5.219.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{39F9FB76-2C81-4E31-8E5E-BD68DDED41DE}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{85755769-B15D-45AE-BFCE-38F3D8A0F87B}: DhcpNameServer=195.5.219.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

3)BTFix 1.080 (par bibi26) - 22/02/2008 22:04:45 - Analyse
Lancé depuis C:\Documents and Settings\Serkan HIDIR\Bureau\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés

- C:\Program Files\BrowsingSoftware\
- C:\Program Files\FBrowserAdvisor\
- C:\Program Files\FBrowsingAdvisor\

---> Analyse terminée


Merci d'avance...

En attente de votre aide...

1) -----------------------------[ Lop S&D 2.3.8 ]---------------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Serkan HIDIR ] [ "C:\Program Files\Lop SD" ]
[ 23/02/2008 | 20:00:19,92 ] [ PC : SY4PPNP16A ]
[ MAJ : 23-02-2008 | 13:27 ]


//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[06/09/2004|15:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[06/09/2004|15:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[06/09/2004|15:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[23/02/2008|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[23/02/2008|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[07/05/2007|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[21/01/2007|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[30/06/2007|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[18/01/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[28/12/2006|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[26/08/2007|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[06/09/2004|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[06/09/2004|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[26/05/2007|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[04/02/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[19/04/2007|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[05/11/2007|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[22/02/2008|22:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[11/08/2007|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[18/09/2007|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/02/2008|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[27/12/2006|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[07/09/2004|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[18/02/2007|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[06/09/2004|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[07/09/2007|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[10/01/2007|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[15/03/2007|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[26/05/2007|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[23/01/2007|22:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/12/2006|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[06/09/2004|14:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[06/09/2004|14:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[06/09/2004|14:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[06/09/2004|15:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic

[19/07/2007|19:28] C:\DOCUME~1\Hakan\APPLIC~1\.
[19/07/2007|19:28] C:\DOCUME~1\Hakan\APPLIC~1\..
[06/09/2004|15:40] C:\DOCUME~1\Hakan\APPLIC~1\Adobe
[06/09/2004|14:57] C:\DOCUME~1\Hakan\APPLIC~1\desktop.ini
[06/09/2004|14:23] C:\DOCUME~1\Hakan\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\Hakan\APPLIC~1\InterTrust
[19/07/2007|19:28] C:\DOCUME~1\Hakan\APPLIC~1\Microsoft
[06/09/2004|15:47] C:\DOCUME~1\Hakan\APPLIC~1\Sonic

[07/05/2007|09:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[07/05/2007|09:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[07/05/2007|09:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[12/08/2007|00:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee
[11/08/2007|17:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[07/04/2007|21:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
[07/11/2007|10:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor
[22/12/2006|21:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[06/09/2004|14:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[06/09/2004|14:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[11/08/2007|15:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


[23/02/2008|15:08] C:\DOCUME~1\SERKAN~1\APPLIC~1\.
[23/02/2008|15:08] C:\DOCUME~1\SERKAN~1\APPLIC~1\..
[16/11/2007|20:24] C:\DOCUME~1\SERKAN~1\APPLIC~1\Adobe
[24/11/2007|19:02] C:\DOCUME~1\SERKAN~1\APPLIC~1\AdobeUM
[21/01/2007|17:15] C:\DOCUME~1\SERKAN~1\APPLIC~1\Ahead
[18/01/2007|22:14] C:\DOCUME~1\SERKAN~1\APPLIC~1\Apple Computer
[17/04/2007|00:14] C:\DOCUME~1\SERKAN~1\APPLIC~1\Camfrog
[29/12/2006|21:43] C:\DOCUME~1\SERKAN~1\APPLIC~1\CopyToDvd
[06/09/2004|14:57] C:\DOCUME~1\SERKAN~1\APPLIC~1\desktop.ini
[07/02/2008|23:35] C:\DOCUME~1\SERKAN~1\APPLIC~1\EPSON
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\ezpinst.exe
[22/03/2007|17:53] C:\DOCUME~1\SERKAN~1\APPLIC~1\F-Secure
[16/03/2007|20:35] C:\DOCUME~1\SERKAN~1\APPLIC~1\Google
[06/09/2004|14:23] C:\DOCUME~1\SERKAN~1\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\SERKAN~1\APPLIC~1\InterTrust
[15/03/2007|18:51] C:\DOCUME~1\SERKAN~1\APPLIC~1\ispnews
[28/02/2007|21:39] C:\DOCUME~1\SERKAN~1\APPLIC~1\ItsLabel
[19/04/2007|14:26] C:\DOCUME~1\SERKAN~1\APPLIC~1\Jasc
[19/04/2007|13:51] C:\DOCUME~1\SERKAN~1\APPLIC~1\Jasc Software Inc
[27/05/2007|14:20] C:\DOCUME~1\SERKAN~1\APPLIC~1\Lavasoft
[24/12/2006|23:22] C:\DOCUME~1\SERKAN~1\APPLIC~1\Macromedia
[11/08/2007|17:41] C:\DOCUME~1\SERKAN~1\APPLIC~1\McAfee
[07/02/2008|23:29] C:\DOCUME~1\SERKAN~1\APPLIC~1\Microsoft
[28/02/2007|12:24] C:\DOCUME~1\SERKAN~1\APPLIC~1\Mozilla
[04/03/2007|00:25] C:\DOCUME~1\SERKAN~1\APPLIC~1\MSN6
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\pcouffin.cat
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\pcouffin.inf
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\pcouffin.log
[29/12/2006|21:37] C:\DOCUME~1\SERKAN~1\APPLIC~1\pcouffin.sys
[15/03/2007|18:57] C:\DOCUME~1\SERKAN~1\APPLIC~1\PEX
[23/02/2008|19:49] C:\DOCUME~1\SERKAN~1\APPLIC~1\QuickZip45.ini
[02/08/2007|15:24] C:\DOCUME~1\SERKAN~1\APPLIC~1\Real
[18/02/2007|16:48] C:\DOCUME~1\SERKAN~1\APPLIC~1\SecondLife
[13/02/2008|15:52] C:\DOCUME~1\SERKAN~1\APPLIC~1\SecuROM
[06/02/2008|13:01] C:\DOCUME~1\SERKAN~1\APPLIC~1\SiteAdvisor
[23/02/2008|19:57] C:\DOCUME~1\SERKAN~1\APPLIC~1\Skype
[07/02/2008|23:34] C:\DOCUME~1\SERKAN~1\APPLIC~1\Smart Panel
[06/09/2004|15:47] C:\DOCUME~1\SERKAN~1\APPLIC~1\Sonic
[22/12/2006|23:48] C:\DOCUME~1\SERKAN~1\APPLIC~1\Sun
[22/12/2006|19:34] C:\DOCUME~1\SERKAN~1\APPLIC~1\Symantec
[01/02/2008|14:40] C:\DOCUME~1\SERKAN~1\APPLIC~1\Vso

[02/11/2007|12:25] C:\DOCUME~1\Volkan\APPLIC~1\.
[02/11/2007|12:25] C:\DOCUME~1\Volkan\APPLIC~1\..
[06/09/2004|15:40] C:\DOCUME~1\Volkan\APPLIC~1\Adobe
[06/09/2004|14:57] C:\DOCUME~1\Volkan\APPLIC~1\desktop.ini
[19/07/2007|19:37] C:\DOCUME~1\Volkan\APPLIC~1\Google
[06/09/2004|14:23] C:\DOCUME~1\Volkan\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\Volkan\APPLIC~1\InterTrust
[02/11/2007|12:25] C:\DOCUME~1\Volkan\APPLIC~1\Macromedia
[17/08/2007|19:59] C:\DOCUME~1\Volkan\APPLIC~1\McAfee
[21/11/2007|15:06] C:\DOCUME~1\Volkan\APPLIC~1\Microsoft
[19/07/2007|19:38] C:\DOCUME~1\Volkan\APPLIC~1\Mozilla
[17/08/2007|20:00] C:\DOCUME~1\Volkan\APPLIC~1\QuickZip45.ini
[27/07/2007|21:29] C:\DOCUME~1\Volkan\APPLIC~1\Real
[14/02/2008|10:28] C:\DOCUME~1\Volkan\APPLIC~1\SecuROM
[21/11/2007|15:06] C:\DOCUME~1\Volkan\APPLIC~1\SiteAdvisor
[06/09/2004|15:47] C:\DOCUME~1\Volkan\APPLIC~1\Sonic

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[23/02/2008 19:58][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job [--330--]
[15/02/2008 01:13][--a------] C:\WINDOWS\tasks\McDefragTask.job [--376--]
[01/09/2007 00:00][--a------] C:\WINDOWS\tasks\McQcTask.job [--366--]
[19/01/2008 21:23][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[24/04/2003 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]
[23/02/2008 19:55][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[23/02/2008|19:53] C:\Program Files\.
[23/02/2008|19:53] C:\Program Files\..
[07/05/2007|09:17] C:\Program Files\Adobe
[21/01/2007|17:08] C:\Program Files\Ahead
[07/05/2007|18:25] C:\Program Files\AntivirusFirewall
[23/07/2007|12:03] C:\Program Files\Anuman Interactive
[30/06/2007|19:41] C:\Program Files\Apple Software Update
[01/02/2007|22:06] C:\Program Files\ArcSoft
[23/07/2007|13:47] C:\Program Files\Auto-‚cole 3D
[22/02/2008|22:10] C:\Program Files\Camfrog
[06/09/2004|14:13] C:\Program Files\Common Files
[06/09/2004|14:02] C:\Program Files\ComPlus Applications
[06/09/2004|16:47] C:\Program Files\Creative
[07/09/2004|14:59] C:\Program Files\Cr‚ez votre site Web
[06/09/2004|15:42] C:\Program Files\CyberLink
[08/09/2007|15:56] C:\Program Files\directx
[03/08/2007|20:40] C:\Program Files\DivX
[11/10/2007|18:55] C:\Program Files\DK
[13/02/2008|15:33] C:\Program Files\Electronic Arts
[24/01/2008|11:44] C:\Program Files\eMule
[26/05/2007|16:12] C:\Program Files\EPSON
[07/09/2004|15:06] C:\Program Files\FenAffiche
[23/02/2008|15:08] C:\Program Files\Fichiers communs
[07/05/2007|09:16] C:\Program Files\Free
[12/03/2007|21:22] C:\Program Files\FusionSoft DVD Player XP
[16/03/2007|20:33] C:\Program Files\Google
[01/02/2007|19:29] C:\Program Files\Grisoft
[06/09/2004|14:35] C:\Program Files\HighMAT CD Writing Wizard
[02/11/2007|18:56] C:\Program Files\InstallShield Installation Information
[06/09/2004|15:13] C:\Program Files\Intel
[12/03/2007|20:47] C:\Program Files\InterActual
[13/02/2008|23:33] C:\Program Files\Internet Explorer
[30/06/2007|19:46] C:\Program Files\iPod
[30/06/2007|19:46] C:\Program Files\iTunes
[28/12/2006|20:04] C:\Program Files\IVT Corporation
[31/01/2007|11:53] C:\Program Files\J.H.C. SoftWare
[19/04/2007|14:56] C:\Program Files\Jasc Software Inc
[02/09/2007|11:00] C:\Program Files\Java
[22/02/2008|22:09] C:\Program Files\Lavasoft
[30/11/2007|14:58] C:\Program Files\LimeWire
[22/12/2006|22:23] C:\Program Files\Logitech
[23/02/2008|20:00] C:\Program Files\Lop SD
[23/02/2008|14:46] C:\Program Files\McAfee
[07/05/2007|18:44] C:\Program Files\McAfee.com
[30/06/2007|19:29] C:\Program Files\MediaCoder
[24/01/2007|14:18] C:\Program Files\Messenger
[18/09/2007|19:35] C:\Program Files\Messenger Plus! Live
[08/09/2007|15:51] C:\Program Files\Microids
[06/09/2004|14:24] C:\Program Files\microsoft frontpage
[06/05/2007|15:21] C:\Program Files\Microsoft Office
[06/05/2007|15:19] C:\Program Files\Microsoft.NET
[23/01/2007|22:34] C:\Program Files\Movie Maker
[23/02/2008|19:57] C:\Program Files\Mozilla Firefox
[30/06/2007|18:59] C:\Program Files\MP3 Player Utilities 4.00
[04/03/2007|00:25] C:\Program Files\MSN
[06/09/2004|14:02] C:\Program Files\MSN Gaming Zone
[18/09/2007|19:35] C:\Program Files\MSN Messenger
[05/11/2007|21:21] C:\Program Files\MSN Reaper
[03/11/2007|14:14] C:\Program Files\MSXML 4.0
[23/01/2007|22:28] C:\Program Files\NetMeeting
[15/03/2007|18:48] C:\Program Files\Norton AntiVirus
[07/05/2007|09:14] C:\Program Files\OrangeHSS
[13/06/2007|01:01] C:\Program Files\Outlook Express
[17/04/2007|00:15] C:\Program Files\Pando Networks
[08/09/2004|13:32] C:\Program Files\Phoenix Technologies Ltd
[07/02/2008|18:51] C:\Program Files\PlayMP3z
[30/06/2007|19:49] C:\Program Files\QuickTime
[11/07/2007|19:57] C:\Program Files\QuickZip4
[20/07/2007|11:28] C:\Program Files\Real
[30/06/2007|17:08] C:\Program Files\Replay Converter
[02/11/2007|18:53] C:\Program Files\Samsung
[06/09/2004|14:02] C:\Program Files\Services en ligne
[15/11/2007|22:57] C:\Program Files\SiteAdvisor
[10/01/2007|20:03] C:\Program Files\Skype
[01/02/2007|22:05] C:\Program Files\Smart Panel
[06/09/2004|15:58] C:\Program Files\Sonic
[26/08/2007|20:10] C:\Program Files\T‚l‚chargeur de Singles
[22/02/2008|20:33] C:\Program Files\Trend Micro
[18/07/2007|00:03] C:\Program Files\TypeFaster
[06/09/2004|14:08] C:\Program Files\Uninstall Information
[30/06/2007|19:05] C:\Program Files\USBDisk
[29/08/2007|20:24] C:\Program Files\VSO
[12/02/2007|13:04] C:\Program Files\Wanadoo
[19/01/2007|20:54] C:\Program Files\Wanadoo Messager
[02/08/2007|20:02] C:\Program Files\WebMediaPlayer
[11/08/2007|15:03] C:\Program Files\Windows Defender
[06/09/2004|14:35] C:\Program Files\Windows Journal Viewer
[18/09/2007|19:35] C:\Program Files\Windows Live
[22/12/2006|22:21] C:\Program Files\Windows Live Toolbar
[06/03/2007|20:35] C:\Program Files\Windows Media Connect 2
[06/03/2007|20:35] C:\Program Files\Windows Media Player
[23/01/2007|22:28] C:\Program Files\Windows NT
[30/12/2006|22:43] C:\Program Files\WindowsUpdate
[06/09/2004|14:24] C:\Program Files\xerox
[01/02/2007|19:42] C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[23/02/2008|15:08] C:\Program Files\Fichiers communs\.
[23/02/2008|15:08] C:\Program Files\Fichiers communs\..
[03/01/2007|15:32] C:\Program Files\Fichiers communs\Adobe
[21/01/2007|17:06] C:\Program Files\Fichiers communs\Ahead
[30/06/2007|19:40] C:\Program Files\Fichiers communs\Apple
[06/05/2007|15:21] C:\Program Files\Fichiers communs\DESIGNER
[12/02/2007|13:03] C:\Program Files\Fichiers communs\France Telecom
[23/07/2007|12:10] C:\Program Files\Fichiers communs\GIS
[11/10/2007|18:53] C:\Program Files\Fichiers communs\InstallShield
[19/04/2007|13:53] C:\Program Files\Fichiers communs\Jasc Software Inc
[22/12/2006|23:47] C:\Program Files\Fichiers communs\Java
[22/12/2006|22:23] C:\Program Files\Fichiers communs\Logitech
[23/07/2007|12:10] C:\Program Files\Fichiers communs\mapserv
[14/01/2008|19:50] C:\Program Files\Fichiers communs\McAfee
[13/02/2008|15:32] C:\Program Files\Fichiers communs\Microsoft Shared
[06/09/2004|14:03] C:\Program Files\Fichiers communs\MSSoap
[06/09/2004|14:57] C:\Program Files\Fichiers communs\ODBC
[02/08/2007|15:24] C:\Program Files\Fichiers communs\Real
[06/09/2004|14:03] C:\Program Files\Fichiers communs\Services
[10/01/2007|20:03] C:\Program Files\Fichiers communs\Skype
[06/09/2004|15:47] C:\Program Files\Fichiers communs\Sonic
[06/09/2004|14:57] C:\Program Files\Fichiers communs\SpeechEngines
[15/03/2007|18:54] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|01:01] C:\Program Files\Fichiers communs\System

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-23 20:04:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\vcrzhwvlai_navps.dat
C:\WINDOWS\system32\vcrzhwvlai_nav.dat
C:\WINDOWS\system32\vcrzhwvlai.dat
! EGDACCESS !


/!\ [Fich:3][Doss:1] C:\DOCUME~1\SERKAN~1\LOCALS~1\Temp
/!\ [Fich:252][Doss:0] C:\DOCUME~1\SERKAN~1\Cookies
/!\ [Fich:1345][Doss:20] C:\DOCUME~1\SERKAN~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 20:06:13,25 ]----------------------

2)File/Folder C:\DOCUME~1\SERKAN~1\APPLIC~1\DriveCleaner Free not found.
File/Folder C:\DOCUME~1\SERKAN~1\APPLIC~1\Grid Gpl not found.
File/Folder C:\Program Files\Boonty not found.
File/Folder C:\Program Files\BoontyGames not found.
File/Folder C:\Program Files\Grid Gpl not found.
File/Folder C:\Program Files\Fichiers communs\BOONTY Shared not found.
File/Folder C:\Program Files\Fichiers communs\DriveCleaner Free not found.
File/Folder C:\Program Files\ErrorSafe Free not found.

OTMoveIt2 v1.0.20 log created on 02232008_200752

3)SmitFraudFix v2.294

Rapport fait à 19:28:08,98, 23/02/2008
Executé à partir de C:\Documents and Settings\Serkan HIDIR\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{fa19bd7e-50bc-4203-80ac-c4edc81ca9a3}"="hirtellous"


»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost







































































»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé
C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé
C:\DOCUME~1\SERKAN~1\Favoris\Online Security Test.url supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{39F9FB76-2C81-4E31-8E5E-BD68DDED41DE}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{85755769-B15D-45AE-BFCE-38F3D8A0F87B}: DhcpNameServer=195.5.219.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{39F9FB76-2C81-4E31-8E5E-BD68DDED41DE}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{85755769-B15D-45AE-BFCE-38F3D8A0F87B}: DhcpNameServer=195.5.219.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{39F9FB76-2C81-4E31-8E5E-BD68DDED41DE}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{85755769-B15D-45AE-BFCE-38F3D8A0F87B}: DhcpNameServer=195.5.219.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


4) BTFix 1.080 (par bibi26) - 23/02/2008 19:52:26 - Nettoyage - Mode sans échec
Lancé depuis C:\Documents and Settings\Serkan HIDIR\Bureau\BTFix\BTFix.exe

---> Fichiers/dossiers supprimés (Première passe)

- Fichiers temporaires effacés
- C:\Program Files\BrowsingSoftware\
- C:\Program Files\FBrowserAdvisor\
- C:\Program Files\FBrowsingAdvisor\

---> Nettoyage terminé

je vais effectuer l'étape 5 et 6 dans quelques minutes...

Non je n'ai pas fait de manips personnelles.... J'i juste fait ce que tu m'a recommandé...


6)Search Navipromo version 3.4.6 commencé le 23/02/2008 à 20:25:31,21

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 20.02.2008 à 20h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***


WebMediaPlayer


*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***

C:\Program Files\WebMediaPlayer trouvé !


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\Serkan HIDIR\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\Serkan HIDIR\locals~1\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\Serkan HIDIR\MENUDM~1\PROGRA~1" ***

...\WebMediaPlayer trouvé !

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Fichier(s) caché(s) :

C:\WINDOWS\system32\ixzartobaj.dat
C:\WINDOWS\system32\ixzartobaj.exe
C:\WINDOWS\system32\ixzartobaj_nav.dat
C:\WINDOWS\system32\ixzartobaj_navps.dat



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

Fichiers suspects :

C:\WINDOWS\system32\imwgnm.exe trouvé !

* Recherche dans "C:\Documents and Settings\Serkan HIDIR\locals~1\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :

ixzartobaj.dat trouvé !
vcrzhwvlai.dat trouvé !

* Dans "C:\Documents and Settings\Serkan HIDIR\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !

4)Recherche fichiers connus :



*** Analyse terminée le 23/02/2008 à 20:36:26,53 ***

Oui, tu as encore une infection, et tu dois encore avoir des pubs.

(tu as/avais deux infections qui apportent des pubs avec elles..)

Peux-tu répondre à ma question précédente ?
(post juste au dessus)

Double clique sur le raccourci de navilog1.
Option 2 puis valide. (entrée)
Laisse toi guider.
Ton ordinateur va redémarrer, sinon fais le manuellement.

Ton bureau va disparaître.

Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"

Appuie sur une touche comme demandé, le Bloc-notes va s'ouvrir.
Sauvegarde le rapport.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tapes explorer et valides. Cela te fera apparaitre ton bureau

Démarrer -> panneau de configuration -> options internet
Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

electronic-group ; egroup ; Montorgueil ; VIP ; "Sunny Day Design Ltd"

~~> Supprime-les tous <~~

Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.

Re,

Supprime C:\WINDOWS\system32\imwgnm.exe

Télécharge sur ton bureau : Clean (de Malekal) >Tuto<
Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
Double-clic sur clean.cmd. (L’extension cmd peut ne pas apparaître) Cela va ouvrir une fenêtre noire.
Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé.
Poste le rapport se trouve ici : C:\rapport_clean.txt

Si tu obtiens un fichier C:\upload_moi.zip, merci de faire ceci.

j'ai en effet obtenu C:\upload_moi.zip et je l'ai envoyé au site...

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 19:11:16 25/02/2008

+ Résultat de l'analyse:



HKU\S-1-5-21-2937445674-396712335-2759719312-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Aucune action entreprise.
C:\_OTMoveIt\MovedFiles\02232008_150835\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe -> Adware.WinFixer : Aucune action entreprise.
C:\Program Files\PlayMP3z\PlayMP3.exe -> Not-A-Virus.Adware.Agent : Aucune action entreprise.
:mozilla.83:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@247realmedia[1].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.157:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.158:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.159:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.160:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.484:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.699:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.850:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@2o7[2].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@autoscout24.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.643:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.647:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.553:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adengage : Aucune action entreprise.
:mozilla.554:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adengage : Aucune action entreprise.
:mozilla.555:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adengage : Aucune action entreprise.
:mozilla.286:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.287:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.288:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.289:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.290:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.291:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.292:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.293:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@adrevolver[1].txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.440:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.441:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@adtech[1].txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.37:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.38:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.43:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.44:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.45:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@advertising[1].txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.309:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Adviva : Aucune action entreprise.
:mozilla.19:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Volkan\Cookies\volkan@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.181:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.496:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.497:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.498:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.499:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.500:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.501:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@casinotropez[1].txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.712:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.713:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.714:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.182:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.61:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise.
C:\Documents and Settings\Volkan\Cookies\volkan@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.724:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.725:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@fastclick[1].txt -> TrackingCookie.Fastclick : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Aucune action entreprise.
:mozilla.738:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.797:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.151:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.152:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.153:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.615:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@ehg-foxmovies.hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.641:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Hitslink : Aucune action entreprise.
:mozilla.681:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.682:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.482:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Ivwbox : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@ivwbox[1].txt -> TrackingCookie.Ivwbox : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Aucune action entreprise.
:mozilla.674:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Masterstats : Aucune action entreprise.
:mozilla.183:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.184:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.185:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@mediaplex[2].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Volkan\Cookies\volkan@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Volkan\Cookies\volkan@auto.search.msn[1].txt -> TrackingCookie.Msn : Aucune action entreprise.
:mozilla.21:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Netflame : Aucune action entreprise.
:mozilla.263:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.264:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.265:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@overture[1].txt -> TrackingCookie.Overture : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.804:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
:mozilla.805:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
:mozilla.806:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
:mozilla.807:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
:mozilla.425:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.426:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.427:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.428:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.429:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.430:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.431:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.432:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.792:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Sexcounter : Aucune action entreprise.
:mozilla.793:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Sexcounter : Aucune action entreprise.
:mozilla.863:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.864:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.825:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Skype : Aucune action entreprise.
:mozilla.40:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.41:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.42:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.48:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.49:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.255:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.87:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.88:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.89:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.90:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.91:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.586:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Vegasred : Aucune action entreprise.
:mozilla.587:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Vegasred : Aucune action entreprise.
:mozilla.65:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.66:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.67:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.68:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan_hidir@m.webtrends[1].txt -> TrackingCookie.Webtrends : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.471:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.472:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.473:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.474:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.475:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.236:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.237:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.238:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.239:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.240:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.241:C:\Documents and Settings\Serkan HIDIR\Application Data\Mozilla\Firefox\Profiles\pdjqss9s.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
C:\Documents and Settings\Serkan HIDIR\Cookies\serkan hidir@zedo[2].txt -> TrackingCookie.Zedo : Aucune action entreprise.


Fin du rapport

Parcontre je ne peux pas posté le rapport de clean, car à la fin il m'envoie sur un site, et comme en mode sans échec je n'ai pas de connexion l'éxécution se fige et je suis obligé de fermé clean....
J'espère que t'as compris...lol

Voila se qui apparait dans la colonne de droite....

File/Folder C:\Documents and Settings\Serkan HIDIR\Application Data\ezpinst.exe not found.
File/Folder C:\StubInstaller.exe not found.

OTMoveIt2 v1.0.20 log created on 02262008_185715

et puis je n'arrive pas à supprimer la clé que tu m'a demandé de supprimer, je l'a trouve mais il y'a un message d'erreur "erreur lors de la suppression de la clé"...
Parcontre j'ai réussi à supprimer Playmp3z.....

Rapport avec Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:05:31, on 26/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {3AEECF42-EFE4-4AC8-AE9E-83C031EC09AB} (GamyunNetToolbar) - http://server.gamyun.net/cert/GamyunIeToolbar.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.co [...] 8155672781
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Service de licence ABBYY FineReader 9.0 (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 11430 bytes

Oui en effet mon pc est beaucoup plus rapide, je n'ai plus de pub ( j'en ai eu qu'une depuis la derniére fois et c'était un site ou il vendait des pc, autrement j'en ai plus....

Merci encore.

je crois que je n'ai pas le programme approprié pour ouvrir "correction" car ca me demande de choisir le prgrm pr l'ouvrir, et une fois que je l'ouvre sa m'affiche la même chose...

REGEDIT4


[-HKU\S-1-5-21-2937445674-396712335-2759719312-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0D045BAA-4BD3-4C94-BE8B-21536BD6B

Oui mdr j'ai mcafee, de plus je paie 5 € par mois pour cet antivirus..Mais comme je ne sais pas quel antivirus choisir...J'ai déjà essayé norton et c'est beaucoup plus pire...

Je suis désolé mais sa ne marche pas quand même ( je l'ouvre ave le bloc note...) :
REGEDIT4

[-HKU\S-1-5-21-2937445674-396712335-2759719312-1006\Software\Microsoft\Internet
Explorer\Toolbar\WebBrowser\\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F}]

lorsque je double clique sur l'icone "correction" sur le bureau, sa me met "choisir le programme pour ouvrir le fichier"....et je choisis le bloc note....

je ne comprend pas....

Merci encore

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 21:28:39 29/02/2008

+ Résultat de l'analyse:



Rien à signaler.



Fin du rapport

Voila merci d'avance, et désolé du retard...