Help, I don't understand anything about Lop files

Groseille - 1 Feb 2009 at 15:46
 Anonymous user - 1 Feb 2009 at 20:20
Hello,
I need to clean my PC, but after the Lop report I'm afraid of doing something stupid. Can someone help me? Thanks in advance. Here is the report:
Oh yes, and for some time now (that's why I'm cleaning), thumbs and desktop files have appeared in all my other files, but they look a bit transparent... ????


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03
USER : gaelle ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:32 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 01/02/2009|13:48 )

--------------------\\ Listing des dossiers dans APPLIC~1

[13/07/2007|13:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[01/06/2008|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/07/2007|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[06/07/2007|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[31/01/2009|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[11/03/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Broderbund Software
[07/07/2007|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[05/07/2007|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/02/2008|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust
[16/01/2009|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[13/07/2007|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft(2)
[04/11/2008|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[07/07/2007|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/08/2008|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[13/07/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[31/12/2008|07:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memeo
[20/07/2007|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/12/2008|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/05/2008|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[08/01/2008|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Recisio
[07/07/2007|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[14/06/2008|08:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
[06/07/2007|08:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/07/2007|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[24/06/2008|14:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[05/07/2007|09:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[10/09/2008|19:45] C:\DOCUME~1\Franck\APPLIC~1\Adobe
[06/07/2007|10:13] C:\DOCUME~1\Franck\APPLIC~1\Apple Computer
[16/09/2008|12:31] C:\DOCUME~1\Franck\APPLIC~1\AVGTOOLBAR
[05/07/2007|15:51] C:\DOCUME~1\Franck\APPLIC~1\DivX
[19/10/2007|16:41] C:\DOCUME~1\Franck\APPLIC~1\Google
[05/07/2007|09:37] C:\DOCUME~1\Franck\APPLIC~1\Identities
[07/07/2007|14:02] C:\DOCUME~1\Franck\APPLIC~1\Macromedia
[14/06/2008|08:33] C:\DOCUME~1\Franck\APPLIC~1\Microsoft
[07/07/2007|13:54] C:\DOCUME~1\Franck\APPLIC~1\OpenOffice.org2
[10/09/2008|19:44] C:\DOCUME~1\Franck\APPLIC~1\PC Suite
[05/07/2007|15:50] C:\DOCUME~1\Franck\APPLIC~1\Real
[07/07/2007|14:24] C:\DOCUME~1\Franck\APPLIC~1\ScanSoft
[05/07/2007|15:08] C:\DOCUME~1\Franck\APPLIC~1\Sun

[01/06/2008|22:14] C:\DOCUME~1\gaelle\APPLIC~1\Adobe
[08/07/2007|16:44] C:\DOCUME~1\gaelle\APPLIC~1\Apple Computer
[16/04/2008|13:12] C:\DOCUME~1\gaelle\APPLIC~1\ArcSoft
[08/07/2008|13:21] C:\DOCUME~1\gaelle\APPLIC~1\AVGTOOLBAR
[05/10/2007|18:39] C:\DOCUME~1\gaelle\APPLIC~1\BitDownload
[01/08/2007|21:39] C:\DOCUME~1\gaelle\APPLIC~1\Canon
[31/10/2007|13:12] C:\DOCUME~1\gaelle\APPLIC~1\CyberLink
[07/07/2007|15:17] C:\DOCUME~1\gaelle\APPLIC~1\DivX
[10/07/2007|17:05] C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts
[18/03/2008|17:47] C:\DOCUME~1\gaelle\APPLIC~1\GlobalSCAPE
[02/02/2008|09:09] C:\DOCUME~1\gaelle\APPLIC~1\Glue Mess
[18/10/2007|17:55] C:\DOCUME~1\gaelle\APPLIC~1\Google
[06/12/2008|21:27] C:\DOCUME~1\gaelle\APPLIC~1\gtk-2.0
[09/12/2008|22:03] C:\DOCUME~1\gaelle\APPLIC~1\HiYo
[07/07/2007|15:09] C:\DOCUME~1\gaelle\APPLIC~1\Identities
[17/01/2009|19:34] C:\DOCUME~1\gaelle\APPLIC~1\InstallShield
[26/08/2008|13:09] C:\DOCUME~1\gaelle\APPLIC~1\Leadertech
[17/10/2007|11:54] C:\DOCUME~1\gaelle\APPLIC~1\Macromedia
[07/07/2007|15:47] C:\DOCUME~1\gaelle\APPLIC~1\MessengerSkinner
[23/12/2008|11:57] C:\DOCUME~1\gaelle\APPLIC~1\Microsoft
[07/07/2007|19:46] C:\DOCUME~1\gaelle\APPLIC~1\Microsoft Web Folders
[07/07/2007|20:14] C:\DOCUME~1\gaelle\APPLIC~1\Mozilla
[11/06/2008|18:33] C:\DOCUME~1\gaelle\APPLIC~1\Nokia
[01/02/2009|08:31] C:\DOCUME~1\gaelle\APPLIC~1\OpenOffice.org2
[30/05/2008|17:58] C:\DOCUME~1\gaelle\APPLIC~1\PC Suite
[24/09/2007|18:39] C:\DOCUME~1\gaelle\APPLIC~1\Real
[08/07/2007|18:16] C:\DOCUME~1\gaelle\APPLIC~1\Sun
[07/07/2007|16:22] C:\DOCUME~1\gaelle\APPLIC~1\Thunderbird
[07/07/2007|19:28] C:\DOCUME~1\gaelle\APPLIC~1\WinRAR

[14/06/2008|08:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[24/06/2008|15:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

[14/06/2008|08:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[01/02/2009 13:00][--ah-----] C:\WINDOWS\tasks\AE63707E9194E0BE.job
[01/02/2009 13:01][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[01/02/2009 08:29][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( AE63707E9194E0BE.job )=( c:\docume~1\gaelle\applic~1\glueme~1\BaitBatWeb.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[01/06/2008|22:12] C:\Program Files\Adobe
[25/07/2007|10:40] C:\Program Files\Ahead
[05/07/2007|14:31] C:\Program Files\Anuman Interactive
[06/07/2007|09:36] C:\Program Files\Apple Software Update
[03/02/2008|12:28] C:\Program Files\ArcSoft
[02/07/2008|06:42] C:\Program Files\AVG
[24/06/2008|14:55] C:\Program Files\BitDownload
[11/03/2008|09:33] C:\Program Files\Broderbund
[06/12/2008|10:03] C:\Program Files\Cadeauphoto
[07/07/2007|14:26] C:\Program Files\Canon
[07/07/2007|14:20] C:\Program Files\CanonBJ
[18/07/2007|11:10] C:\Program Files\CEDP Stealer 5.0 for Messenger
[07/01/2008|10:16] C:\Program Files\Circle Developement
[05/07/2007|13:50] C:\Program Files\codepost
[05/07/2007|09:21] C:\Program Files\ComPlus Applications
[26/10/2008|20:04] C:\Program Files\Conduit
[05/07/2007|12:24] C:\Program Files\CONEXANT
[05/07/2007|14:30] C:\Program Files\CyberLink
[30/05/2008|17:52] C:\Program Files\DIFX
[24/06/2008|14:52] C:\Program Files\DivX
[28/10/2007|11:05] C:\Program Files\DV Bibliothèque2
[28/01/2009|10:51] C:\Program Files\eMule
[31/12/2008|07:14] C:\Program Files\Fichiers communs
[13/07/2007|13:03] C:\Program Files\FunWebProducts
[05/07/2007|15:44] C:\Program Files\Gimp
[17/01/2008|11:56] C:\Program Files\Glue Mess
[16/01/2009|19:38] C:\Program Files\Google
[07/07/2007|19:31] C:\Program Files\Grisoft
[02/02/2008|11:21] C:\Program Files\IncrediMail
[17/01/2009|19:34] C:\Program Files\InstallShield Installation Information
[05/07/2007|12:44] C:\Program Files\Intel
[11/12/2008|22:42] C:\Program Files\Internet Explorer
[12/07/2007|20:47] C:\Program Files\Inventel
[05/07/2007|15:13] C:\Program Files\Java
[24/06/2008|14:55] C:\Program Files\JntMeego
[08/01/2008|16:35] C:\Program Files\KaraFun
[26/08/2008|13:05] C:\Program Files\Logitech
[12/07/2007|09:35] C:\Program Files\Macrogaming
[30/10/2008|17:24] C:\Program Files\MAGIX
[27/07/2007|06:25] C:\Program Files\mcoinstall
[13/08/2008|20:25] C:\Program Files\Messenger
[16/01/2009|11:46] C:\Program Files\Messenger Plus! Live
[13/07/2007|13:02] C:\Program Files\MessengerPlus! 3
[16/04/2008|11:07] C:\Program Files\Micro Application
[20/12/2008|20:49] C:\Program Files\Microsoft
[09/07/2007|02:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[07/07/2007|19:45] C:\Program Files\microsoft frontpage
[07/07/2007|19:46] C:\Program Files\Microsoft Office
[20/12/2008|20:52] C:\Program Files\Microsoft Silverlight
[20/12/2008|20:50] C:\Program Files\Microsoft SQL Server Compact Edition
[20/12/2008|20:51] C:\Program Files\Microsoft Sync Framework
[05/07/2007|09:22] C:\Program Files\Movie Maker
[08/07/2007|15:25] C:\Program Files\Mozilla Firefox
[22/12/2008|22:10] C:\Program Files\Mozilla Thunderbird
[06/07/2007|08:55] C:\Program Files\MSBuild
[05/07/2007|09:20] C:\Program Files\MSN
[05/07/2007|09:21] C:\Program Files\MSN Gaming Zone
[16/01/2009|11:46] C:\Program Files\MSN Messenger
[13/07/2007|19:16] C:\Program Files\MSN Reaper
[09/07/2007|02:00] C:\Program Files\MSXML 4.0
[06/07/2007|09:36] C:\Program Files\MSXML 6.0
[26/10/2008|21:53] C:\Program Files\Multi_Media_France
[24/06/2008|14:53] C:\Program Files\MyWebSearch
[05/07/2007|09:22] C:\Program Files\NetMeeting
[10/11/2008|13:15] C:\Program Files\NewDotNet
[04/11/2008|15:33] C:\Program Files\Nokia
[05/07/2007|09:21] C:\Program Files\Online Services
[05/07/2007|14:30] C:\Program Files\OpenOffice.org 2.2
[05/07/2007|17:14] C:\Program Files\Outlook Express
[08/11/2007|13:40] C:\Program Files\Ovulation Calendar Calculator
[14/06/2008|08:56] C:\Program Files\Panda Security
[04/11/2008|15:32] C:\Program Files\PC Connectivity Solution
[22/12/2008|22:11] C:\Program Files\Picasa2
[10/07/2007|15:20] C:\Program Files\Player Tool
[24/09/2007|19:02] C:\Program Files\Plus!
[23/08/2007|15:47] C:\Program Files\POSTERIZA
[05/07/2007|15:45] C:\Program Files\QuickTime
[05/07/2007|15:44] C:\Program Files\Real
[06/07/2007|08:51] C:\Program Files\Reference Assemblies
[07/07/2007|19:53] C:\Program Files\Samsung
[07/07/2007|14:23] C:\Program Files\ScanSoft
[13/07/2007|13:04] C:\Program Files\Securitoo
[05/07/2007|09:23] C:\Program Files\Services en ligne
[14/06/2008|10:11] C:\Program Files\Share_Accelerator_MM
[05/07/2007|12:36] C:\Program Files\SigmaTel
[05/07/2007|13:51] C:\Program Files\SLD Codec Pack
[29/09/2007|14:12] C:\Program Files\TGTSoft
[19/04/2008|06:23] C:\Program Files\thriXXX
[05/12/2008|12:40] C:\Program Files\TKexe
[13/10/2007|08:44] C:\Program Files\TopThemesXP
[07/06/2008|19:37] C:\Program Files\Ulead Systems
[05/07/2007|09:37] C:\Program Files\Uninstall Information
[17/01/2009|19:34] C:\Program Files\VTech
[13/07/2007|13:03] C:\Program Files\Wanadoo
[02/07/2008|18:35] C:\Program Files\Web Publish
[22/12/2008|22:09] C:\Program Files\Western Digital
[22/12/2008|22:07] C:\Program Files\Western Digital Technologies
[20/12/2008|20:52] C:\Program Files\Windows Live
[30/11/2007|22:21] C:\Program Files\Windows Live Favorites
[20/12/2008|20:48] C:\Program Files\Windows Live SkyDrive
[20/12/2008|20:51] C:\Program Files\Windows Live Toolbar
[06/07/2007|08:50] C:\Program Files\Windows Media Connect 2
[06/07/2007|08:50] C:\Program Files\Windows Media Player
[05/07/2007|09:20] C:\Program Files\Windows NT
[05/07/2007|09:23] C:\Program Files\WindowsUpdate
[07/07/2007|19:26] C:\Program Files\WinRAR
[05/07/2007|09:25] C:\Program Files\xerox
[07/07/2007|19:52] C:\Program Files\XviD
[24/06/2008|14:52] C:\Program Files\Yahoo!
[08/09/2008|22:02] C:\Program Files\YesMessenger
[19/03/2008|19:18] C:\Program Files\Zapu

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/06/2008|22:13] C:\Program Files\Fichiers communs\Adobe
[25/07/2007|10:40] C:\Program Files\Fichiers communs\Ahead
[06/07/2007|10:13] C:\Program Files\Fichiers communs\Apple
[03/02/2008|12:29] C:\Program Files\Fichiers communs\ArcSoft
[11/03/2008|09:33] C:\Program Files\Fichiers communs\Broderbund
[07/07/2007|19:47] C:\Program Files\Fichiers communs\Designer
[07/07/2007|14:24] C:\Program Files\Fichiers communs\InstallShield
[05/07/2007|15:12] C:\Program Files\Fichiers communs\Java
[26/08/2008|13:08] C:\Program Files\Fichiers communs\LogiShrd
[22/11/2007|21:07] C:\Program Files\Fichiers communs\Logitech
[20/12/2008|20:48] C:\Program Files\Fichiers communs\Microsoft Shared
[05/07/2007|09:22] C:\Program Files\Fichiers communs\MSSoap
[04/11/2008|15:33] C:\Program Files\Fichiers communs\Nokia
[05/07/2007|11:12] C:\Program Files\Fichiers communs\ODBC
[18/06/2008|18:00] C:\Program Files\Fichiers communs\Panda Software
[04/11/2008|15:33] C:\Program Files\Fichiers communs\PCSuite
[24/09/2007|18:39] C:\Program Files\Fichiers communs\Real
[07/07/2007|14:24] C:\Program Files\Fichiers communs\ScanSoft Shared
[05/07/2007|09:22] C:\Program Files\Fichiers communs\Services
[05/07/2007|11:12] C:\Program Files\Fichiers communs\SpeechEngines
[07/07/2007|19:47] C:\Program Files\Fichiers communs\System
[24/06/2008|14:55] C:\Program Files\Fichiers communs\Ulead Systems
[20/12/2008|20:29] C:\Program Files\Fichiers communs\Windows Live

--------------------\\ Process

( 66 Processes )

IEXPLORE.EXE ~ [PID:3652]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust
C:\DOCUME~1\gaelle\APPLIC~1\glueme~1
C:\Program Files\glueme~1
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nsb7.tmp
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nsf158.tmp
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nsh155.tmp
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nsh3F.tmp
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nsr153.tmp
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nsr154.tmp
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nss28.tmp
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nsx156.tmp
C:\DOCUME~1\gaelle\LOCALS~1\Temp\nsx157.tmp
C:\DOCUME~1\gaelle\APPLIC~1\Bitdownload
C:\DOCUME~1\gaelle\APPLIC~1\BitDownload
C:\DOCUME~1\gaelle\APPLIC~1\BitDownload\Data
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload.exe
C:\Program Files\BitDownload\BitDownload.TRC
C:\Program Files\BitDownload\settings.ini
C:\Program Files\BitDownload\settings.stp
C:\Program Files\BitDownload\SkinCrafterDll.dll
C:\Program Files\BitDownload\Skins
C:\Program Files\BitDownload\Support
C:\Program Files\BitDownload\TorrentManager.dll
C:\Program Files\BitDownload\unins000.exe
C:\Program Files\BitDownload\ZM
C:\Program Files\Circle Developement
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\Program Files\Multi_Media_France\Multi_Media_FranceToolbarHelper.exe
C:\Program Files\Multi_Media_France\tbMul0.dll
C:\Program Files\Multi_Media_France\tbMul1.dll
C:\Program Files\Multi_Media_France\tbMult.dll
C:\Program Files\Multi_Media_France\toolbar.cfg
C:\Program Files\Multi_Media_France\UNWISE.EXE
C:\Program Files\Multi_Media_France\UNWISE.INI
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\Program Files\Multi_Media_France\Multi_Media_FranceToolbarHelper.exe
C:\Program Files\Multi_Media_France\tbMul0.dll
C:\Program Files\Multi_Media_France\tbMul1.dll
C:\Program Files\Multi_Media_France\tbMult.dll
C:\Program Files\Multi_Media_France\toolbar.cfg
C:\Program Files\Multi_Media_France\UNWISE.EXE
C:\Program Files\Multi_Media_France\UNWISE.INI
C:\DOCUME~1\gaelle\Cookies\gaelle@advertstream[2].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@d2.advertserve[1].txt
C:\WINDOWS\Prefetch\BITDOWNLOAD.EXE-002ED0A0.pf
C:\DOCUME~1\gaelle\Cookies\gaelle@adultfriendfinder[2].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@r1.beta.ace.advertising[1].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@adin.bigpoint[1].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@bigpoint[1].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@fr.darkorbit.bigpoint[2].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@banner.cotedazurpalace[2].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@cotedazurpalace[1].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@32vegas[1].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@banner.32vegas[2].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@www.vegasred[1].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@2xmoinscher[2].txt
C:\DOCUME~1\gaelle\Cookies\gaelle@www.2xmoinscher[2].txt
C:\WINDOWS\Tasks\AE63707E9194E0BE.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"find trust seek mail"="C:\\Documents and Settings\\All Users\\Application Data\\Defy Memo Find Trust\\great trans.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE


-> 72 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-01 13:30:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-01 13:50:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 13

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\gaelle\APPLIC~1\MessengerSkinner
C:\DOCUME~1\gaelle\APPLIC~1\MessengerSkinner\Userdata
C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf

C:\WINDOWS\System32\iusim.dat
C:\WINDOWS\System32\iusim.exe
C:\WINDOWS\System32\iusim_nav.dat
C:\WINDOWS\System32\iusim_navps.dat
C:\WINDOWS\System32\wmmkccqic.dat
C:\WINDOWS\System32\wmmkccqic_nav.dat
C:\WINDOWS\System32\wmmkccqic_navps.dat
C:\WINDOWS\System32\xhrcsdvfwh.dat
C:\WINDOWS\System32\xhrcsdvfwh_navup.dat
==> EGDACCESS <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\gaelle\Local Settings\Temporary Internet Files\Content.IE5\7R8KATZL\crack_danger4[1].jpg
C:\DOCUME~1\gaelle\Local Settings\Temporary Internet Files\Content.IE5\EYSFNOQ6\crack_danger[1].jpg
C:\DOCUME~1\gaelle\Local Settings\Temporary Internet Files\Content.IE5\OHFOE6TT\crack_danger0[1].jpg
C:\DOCUME~1\gaelle\Local Settings\Temporary Internet Files\Content.IE5\XQ7L8KR1\crack_danger2[1].jpg
C:\DOCUME~1\gaelle\Local Settings\Temporary Internet Files\Content.IE5\XQ7L8KR1\crack_danger3[1].jpg
C:\DOCUME~1\gaelle\Recent\Crack NoCD Empire Earth II & Serial.lnk
C:\DOCUME~1\gaelle\Recent\Style XP 8.0 + KeyGen + Themes.lnk


[F:17680][D:273]-> C:\DOCUME~1\gaelle\LOCALS~1\Temp
[F:1360][D:0]-> C:\DOCUME~1\gaelle\Cookies
[F:3296][D:79]-> C:\DOCUME~1\gaelle\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 01/02/2009|14:00 - Option : [1]

--------------------\\ Fin du rapport a 14:00:12

41 replies

Wow, you know everything. I couldn't manage to disable the antivirus so I removed it, sorry. OK, I'll do everything you say, see you in 10 days lool
0
Anonymous user
1 Feb 2009 at 18:03
Hi again,


* Why are you leaving? Your PC is not fully disinfected!
0
lol, no, I'm joking, I'm staying, but it will take me 10 days to do all the work you gave me. You're really good, was my PC badly messed up?
0
Anonymous user
1 Feb 2009 at 18:10
* Still some junk left, but you need to install your antivirus first...
---> it's the minimum to have on your PC

* After that, it won't take you more than 5 minutes to install it and run CCleaner!

* Then post a HijackThis report! That's the rule on the forum
--> no disinfection without at least an antivirus present...
0

Darn, CCleaner is paid, what should I do? I apologize and thank you for your great patience
0
Anonymous user
1 Feb 2009 at 18:19
Hi again,


* No, it's free, PayPal isn't for you! Unless! lol

* Click on Download and don't forget to uncheck the Yahoo toolbar
0
OK, I finally managed, here are the reports

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:16:53, on 01/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MyWebSearch\bar\1.bin\m3IMPipe.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\VTech\Community\System\PCTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Documents and Settings\gaelle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\gaelle\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\logitech\quickcam\lu\lulnchr.exe
c:\program files\logitech\quickcam\lu\LogitechUpdate.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TXP] c:\program files\topthemesxp\txp.exe
O4 - HKLM\..\Run: [Ovulation Calendar Calculator] C:\Program Files\Ovulation Calendar Calculator\ovCalendar.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [CommunityTray] "C:\Program Files\VTech\Community\System\Startup.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [My Web Search Community Tools] "C:\Program Files\MyWebSearch\bar\1.bin\m3IMPipe.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\gaelle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: YesMessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk142YYFR
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.moove.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://groseilledesbois.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
Anonymous user
1 Feb 2009 at 18:31
Good,


* Download ToolBarSD to your desktop:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Disable your antivirus (right-click on it and disable the guard)

* Start the installation by running the downloaded file

* Close all running programs and double-click the icon
on your desktop

* Choose the language and confirm with the "Enter" key

* In the menu, choose option 1 and wait while the search runs

* A report will be generated; post it
0
and one more report!


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03
USER : gaelle ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:35 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 01/02/2009|18:32 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts
C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts\Data
C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts\Data\gaelle
C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts\Data\gaelle\avatar.dat
C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts\Data\gaelle\register.dat
C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts\Data\gaelle\zbucks.dat
C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\ScreenSaver
C:\Program Files\FunWebProducts\Shared
C:\Program Files\FunWebProducts\ScreenSaver\Cache
C:\Program Files\FunWebProducts\ScreenSaver\Images
C:\Program Files\FunWebProducts\ScreenSaver\Cache\0064A215.swf
C:\Program Files\FunWebProducts\ScreenSaver\Cache\02C06726.swf
C:\Program Files\FunWebProducts\ScreenSaver\Cache\04E73204.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Cache\04E74D6C.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Cache\04E7644F.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Cache\04E771FB.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Cache\04E784A8.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Cache\04F1FE7B
C:\Program Files\FunWebProducts\ScreenSaver\Cache\files.ini
C:\Program Files\FunWebProducts\ScreenSaver\Images\0063278B.urr
C:\Program Files\FunWebProducts\ScreenSaver\Images\0064A6E8.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\02C065BE.urr
C:\Program Files\FunWebProducts\ScreenSaver\Images\02C06BC9.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04A8FCD8.urr
C:\Program Files\FunWebProducts\ScreenSaver\Images\04E74D0E.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04E763F1.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04E7719D.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04E7845A.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04E7914B.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04E79FE1.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04E7AA9F.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04E7BA4F.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\04F94B61.dat
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135
C:\Program Files\FunWebProducts\ScreenSaver\Images\wrkparam.lst
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\04E74D0E.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\04E763F1.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\04E7719D.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\04E7845A.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\04E7914B.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\04E79FE1.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\04E7AA9F.jpg
C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\04E7BA4F.jpg
C:\Program Files\FunWebProducts\Shared\04AC3F51.dat
C:\Program Files\FunWebProducts\Shared\Cache
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar
C:\Program Files\MyWebSearch\SrchAstt
C:\Program Files\MyWebSearch\bar\1.bin
C:\Program Files\MyWebSearch\bar\Avatar
C:\Program Files\MyWebSearch\bar\Cache
C:\Program Files\MyWebSearch\bar\Game
C:\Program Files\MyWebSearch\bar\History
C:\Program Files\MyWebSearch\bar\icons
C:\Program Files\MyWebSearch\bar\Message
C:\Program Files\MyWebSearch\bar\MSNBackgrounds
C:\Program Files\MyWebSearch\bar\Notifier
C:\Program Files\MyWebSearch\bar\Settings
C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
C:\Program Files\MyWebSearch\bar\Avatar\COMMON
C:\Program Files\MyWebSearch\bar\Avatar\COMMON\window.ico
C:\Program Files\MyWebSearch\bar\Cache\0002CD97
C:\Program Files\MyWebSearch\bar\Cache\00034140
C:\Program Files\MyWebSearch\bar\Cache\0008EE41.bin
C:\Program Files\MyWebSearch\bar\Cache\0008F044.bin
C:\Program Files\MyWebSearch\bar\Cache\0008F248.bin
C:\Program Files\MyWebSearch\bar\Cache\0008F43C.bin
C:\Program Files\MyWebSearch\bar\Cache\0008F601.bin
C:\Program Files\MyWebSearch\bar\Cache\001287B6
C:\Program Files\MyWebSearch\bar\Cache\00435463.bin
C:\Program Files\MyWebSearch\bar\Cache\00435BB6.bin
C:\Program Files\MyWebSearch\bar\Cache\00438537.bin
C:\Program Files\MyWebSearch\bar\Cache\004397D5.bin
C:\Program Files\MyWebSearch\bar\Cache\021AFFE3
C:\Program Files\MyWebSearch\bar\Cache\200ADCAD.bin
C:\Program Files\MyWebSearch\bar\Cache\200AE9CD.bin
C:\Program Files\MyWebSearch\bar\Cache\200AF304.bin
C:\Program Files\MyWebSearch\bar\Cache\files.ini
C:\Program Files\MyWebSearch\bar\History\search2
C:\Program Files\MyWebSearch\bar\icons\CM.ICO
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO
C:\Program Files\MyWebSearch\bar\icons\WB.ICO
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO
C:\Program Files\MyWebSearch\bar\Message\COMMON
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
C:\Program Files\MyWebSearch\SrchAstt\1.bin
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
C:\WINDOWS\System32\f3PSSavr.scr
C:\Program Files\Internet Explorer\msimg32.dll
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
C:\Program Files\MSN Messenger\riched20.dll

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 01/02/2009|18:33 - Option : [1]

-----------\\ Fin du rapport a 18:33:47,71
0
Anonymous user
1 Feb 2009 at 18:55
Good,

* Run ToolBarSD again and choose option 2
let the fix do its work

* A report will be generated; post it!

* Download MBAM (software to keep)
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Let it update itself once the download is finished

* Open MBAM and click on "search"

* Run a quick scan

* At the end of the scan --> click on "show the selection"

* Then click on "delete the selection"

* If MBAM needs to restart to finish the disinfection, accept

* Post the generated report
0
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03
USER : gaelle ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:35 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 01/02/2009|18:52 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts\Data
Supprime! - C:\Program Files\FunWebProducts\ScreenSaver
Supprime! - C:\Program Files\FunWebProducts\Shared
Echec ! - C:\Program Files\MyWebSearch\bar
Supprime! - C:\Program Files\MyWebSearch\SrchAstt
Echec ! - C:\Program Files\MyWebSearch\bar\1.bin
Echec ! - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
Echec ! - C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
Supprime! - C:\WINDOWS\System32\f3PSSavr.scr
Supprime! - C:\Program Files\Internet Explorer\msimg32.dll
Supprime! - C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
Supprime! - C:\Program Files\MSN Messenger\riched20.dll
Supprime! - C:\DOCUME~1\gaelle\APPLIC~1\FunWebProducts
Supprime! - C:\Program Files\FunWebProducts
Echec ! - C:\Program Files\MyWebSearch

-----------\\ DEUXIEME PASSAGE

Echec ! - C:\Program Files\MyWebSearch\bar
Echec ! - C:\Program Files\MyWebSearch\bar\1.bin
Echec ! - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
Echec ! - C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
Echec ! - C:\Program Files\MyWebSearch

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar
C:\Program Files\MyWebSearch\bar\1.bin
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 01/02/2009|18:33 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 01/02/2009|18:54 - Option : [2]

-----------\\ Fin du rapport a 18:54:17,35
0
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1713
Windows 5.1.2600 Service Pack 2

01/02/2009 19:06:59
mbam-log-2009-02-01 (19-06-59).txt

Type de recherche: Examen rapide
Eléments examinés: 66001
Temps écoulé: 7 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\torrentmanager.webmanager (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\torrentmanager.webmanager.1 (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf0a1ff4-bbaf-487f-bc85-a24ef8f443a8} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet (Adware.NewDotNet) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet\readme.html (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet\uninstall.exe (Adware.NewDotNet) -> Quarantined and deleted successfully.

However, my antivirus is still inactive, is that OK? And when I want to run scans like this again, will I have to disable the antivirus?
0
Anonymous user
1 Feb 2009 at 19:22
* Open MBAM --> click on Quarantine and delete what is in there!

* No, the only tools you should keep are CCleaner and Malwarebytes
--> MBAM: you must update it before running a scan with it --> really
very useful...
CCleaner is ideal for cleaning; as for the rest (Lop, Navilog, ToolBar, etc.),
those are "fixes" that are updated regularly, so there is no point keeping them on the PC
because they will be of no use to you
-- In addition, they produce "false positives" that may alarm your antivirus

* You can re-enable your antivirus every time you browse!

* Post a HijackThis report; I can still see a USB infection.
I am preparing the next step!
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:20:05, on 01/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\VTech\Community\System\PCTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Documents and Settings\gaelle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\gaelle\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\logitech\quickcam\lu\lulnchr.exe
c:\program files\logitech\quickcam\lu\LogitechUpdate.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TXP] c:\program files\topthemesxp\txp.exe
O4 - HKLM\..\Run: [Ovulation Calendar Calculator] C:\Program Files\Ovulation Calendar Calculator\ovCalendar.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [CommunityTray] "C:\Program Files\VTech\Community\System\Startup.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [My Web Search Community Tools] "C:\Program Files\MyWebSearch\bar\1.bin\m3IMPipe.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\gaelle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: YesMessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O15 - Trusted Zone: *.moove.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://groseilledesbois.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
One more thing, though, and I'm sorry, I hope I'm not taking advantage: the half-transparent folders that have appeared in all my folders, even on the external storage, what are they? I delete them but they come back all the time. They are thumbs and desktop folders. Honestly it annoys me, but if it's nothing serious, so much the better.
0
Anonymous user
1 Feb 2009 at 19:40
Re,

* Download SmitfraudFix to your desktop:
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

* Disable your antivirus

* Double-click the icon on your desktop
--> follow the prompts

* In the menu, choose option 1 and wait until the search finishes

* A report will be generated; re-enable your antivirus and post the report, please
0
SmitFraudFix v2.392

Rapport fait à 19:37:51,98, 01/02/2009
Executé à partir de C:\Documents and Settings\gaelle\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\VTech\Community\System\PCTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Documents and Settings\gaelle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\gaelle\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\logitech\quickcam\lu\lulnchr.exe
c:\program files\logitech\quickcam\lu\LogitechUpdate.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\gaelle\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\config.ini PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\gaelle


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\gaelle\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\gaelle\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\gaelle\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Program,Files\\RelevantKnowledge\\rlai.dll,C:\\Program,Files\\RelevantKnowledge\\rlai.dll,C:\\PROGRA~1\\Google\\GOOGLE~3\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/1000 PL Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{E31F5899-1F66-4C68-BAC9-CE14BEC38ED6}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E31F5899-1F66-4C68-BAC9-CE14BEC38ED6}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{E31F5899-1F66-4C68-BAC9-CE14BEC38ED6}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Anonymous user
1 Feb 2009 at 19:51
Re,

* Restart your PC in safe mode:
--> at PC startup --> tap the F8 or F5 key on your keyboard
--> a black screen with various options will appear
--> choose "Safe Mode" and confirm with the "Enter" key

* Once in this mode, run SmitfraudFix again and choose option 2

* Answer yes to the questions

* Let the fix work
--> if it needs to restart to finish the disinfection, let it

* Post the generated report
0
I'm sorry, I have to go take care of my daughter now; I'd like to continue tomorrow if that's possible for you. Is there still a lot left to do? It's bath time... lol
In any case, thank you very much.
0
Anonymous user
1 Feb 2009 at 20:15
Re,

* Download OTMoveIt3 to your desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe

* Disable your antivirus

* Once it is downloaded, double-click OTMoveIt3.exe to launch it

* Make sure the " Unregister Dll's and Ocx " box is checked

* Copy the line below:

[HKEY_CURRENT_USER\software\microsoft\windowscurrentversion\explorer\mountpoints2\{add3f3f0e7-d017-11dd-bfd1-0008a16d1e87}]

* and paste it into the left-hand pane of OTMoveit:
" Past List of Files/ Folders to move "

* Click Moveit! to start the removal
--> the PC may need to restart to finish the disinfection; if it does not do so, restart it manually

* The result will appear under " Results "

* Click " exit " to close

* Post the report located in C:\__ OTMoveIt\Moved Files

/!\ If your desktop does not reappear, press the keys:
--> Ctrl + Alt + Del --> Task Manager --> " Processes " tab
--> click " File " --> Run, type explorer.exe, then confirm /!\
0