Diagnostic de mon PC

Clemson -  
 Clemson -
Bonjour à tous !!
Je pense que mon ordinateur est virussé !!
J'ai suivi la procédure pour installer hijackthis et j'ai également fais un scan.
Je vous poste le rapport et me remet à vos expertises pour la résolution de mon problème !!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:18:11, on 19/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [Printer Spooler] c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{53E1C06E-1F6F-4FCA-AF71-135943E1743B}: NameServer = 192.168.82.200,192.168.82.90,195.24.208.2,195.24.192.33
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10250 bytes

Merci !!
Configuration: Windows Vista
Firefox 3.0.6

14 réponses

  1. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :

    /!\ Déconnectes toi et fermes toutes applications en cours

    ● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
    ● Double clique sur l'icône Ad-removersituée sur ton bureau
    ● Au menu principal choisi l'option "A"
    ● Postes le rapport qui apparait à la fin .

    ( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs
    0
  2. Clemson
     
    Slut !!
    J'ai suivi ton conseil et voici le rapport du scan.

    ------- LOGFILE OF AD-REMOVER 1.1.1.3 | ONLY XP/VISTA -------

    Updated by C_XX on 15/02/2009 at 10:20

    Start at: 15:58:07 | Thu 19/02/2009 | Boot mode: Normal Boot
    Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Operating System: Microsoft® Windows Vista™ Home Premium Service Pack 1 (version 6.0.6001)
    Computer Name: PC-DE-CLMENT
    Current User: Cl‚ment - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    - F:\ (File System: FAT32)
    System Drive: C:\
    Windows Directory: C:\Windows\
    System Directory: C:\Windows\System32\

    --- Running Processes: 69
    --- User Account Control is DISABLE

    +-----------------| Boonty/Boonty Games Elements Found:

    .
    .

    +-----------------| Eorezo Elements Found:

    .

    +-----------------| Infected Poker Softwares Elements Found:

    .

    +-----------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Found:

    .
    .

    +-----------------| It's TV Elements Found:

    .

    +-----------------| Sweetim Elements Found:

    HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    HKCR\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    HKCR\MgMediaPlayer.GifAnimator
    HKCR\MgMediaPlayer.GifAnimator.1
    HKCR\SWEETIE.IEToolbar
    HKCR\SWEETIE.IEToolbar.1
    HKCR\SWEETIE.SWEETIE
    HKCR\SWEETIE.SWEETIE.1
    HKCR\ToolBand.SWEETIE
    HKCR\ToolBand.SWEETIE.1
    HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
    HKCU\Software\SWEETIE
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKLM\Software\Classes\MgMediaPlayer.GifAnimator
    HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
    HKLM\Software\Classes\SWEETIE.IEToolbar
    HKLM\Software\Classes\SWEETIE.IEToolbar.1
    HKLM\Software\Classes\SWEETIE.SWEETIE
    HKLM\Software\Classes\SWEETIE.SWEETIE.1
    HKLM\Software\Classes\ToolBand.SWEETIE
    HKLM\Software\Classes\ToolBand.SWEETIE.1
    HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
    HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    HKLM\Software\Classes\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    HKLM\Software\Macrogaming
    HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
    HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKCR\Installer\Products\BF8532058170CB541B2457111F96D485
    HKLM\Software\Classes\Installer\Products\BF8532058170CB541B2457111F96D485
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\BF8532058170CB541B2457111F96D485
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    .
    C:\Windows\Installer\17b54d.msi
    C:\Windows\Installer\17b553.msi
    C:\Program Files\Macrogaming
    C:\Program Files\Macrogaming\SweetIM
    C:\Program Files\Macrogaming\SweetIMBarForIE
    C:\Program Files\Macrogaming\SweetIM\conf
    C:\Program Files\Macrogaming\SweetIM\data
    C:\Program Files\Macrogaming\SweetIM\logs
    C:\Program Files\Macrogaming\SweetIM\resources
    C:\Program Files\Macrogaming\SweetIM\update
    C:\Program Files\Macrogaming\SweetIM\conf\users
    C:\Program Files\Macrogaming\SweetIM\conf\users\cbayonmbog
    C:\Program Files\Macrogaming\SweetIM\data\contentdb
    C:\Program Files\Macrogaming\SweetIM\resources\images
    C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
    C:\Users\Cl‚ment\AppData\Roaming\Microsoft\Windows\Cookies\cl‚ment@www.sweetim[2].txt

    +-----------------| Added Scan:

    ---- Mozilla FireFox Version 3.0.6 ----

    ProfilePath: 1sy5it5o.default
    .
    Prefs.js: Browser.Search.SelectedEngine: "Yahoo"
    .
    .
    .
    .
    .

    ---- Internet Explorer Version 7.0.6001.18000 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Search Page: hxxp://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http
    Start page: hxxp://french.eazel.com/index.php?rvs=hompag

    +-[HKEY_USERS\S-1-5-21-2172163462-448601867-1593641728-1000\..\Internet Explorer\Main]

    Search Page: hxxp://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http
    Start page: hxxp://french.eazel.com/index.php?rvs=hompag

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://fr.yahoo.com
    Default_Search_URL: hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http
    Search Page: hxxp://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http
    Start page: hxxp://home.sweetim.com

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://ieframe.dll/tabswelcome.htm

    +---------------------------------------------------------------------------+

    [~9038 Bytes] - "C:\Ad-Report-Scan-19.02.2009.log"
    -

    End at: 16:01:32 | 19/02/2009
    .
    +-----------------| E.O.F - 143 Lines
    .
    0
  3. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    et ba y en a du sweetim.

    Donc fait ceci :

    Déconnectes toi et fermes toutes applications en cours !

    Redémarre en mode sans échec comme indiqué ici ; Choisis ta session courante.

    * Relances "Ad-remover" : au menu principal choisi l'option "B" .

    --> le programme va travailler ...

    * Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    /!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
    0
  4. Clemson
     
    Hi c fait et voici le rapport du clean et ce lui de hijackthis

    rapport du clean ad-remover

    ------- LOGFILE OF AD-REMOVER 1.1.1.3 | ONLY XP/VISTA -------

    Updated by C_XX on 15/02/2009 at 10:20

    *** LIMITED TO ***

    Boonty/BoontyGames
    Eorezo
    Infected Poker Softwares
    FunWebProduct/MyWay/MyWebSearch
    It's TV
    Sweetim

    ******************

    Start at: 17:27:23 | Thu 19/02/2009 | Boot mode: Safe Boot
    Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Operating System: Microsoft® Windows Vista™ Home Premium Service Pack 1 (version 6.0.6001)
    Computer Name: PC-DE-CLMENT
    Current User: Cl‚ment - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    - F:\ (File System: FAT32)
    System Drive: C:\
    Windows Directory: C:\Windows\
    System Directory: C:\Windows\System32\

    --- Running Processes: 22
    --- User Account Control is DISABLE

    (!) ---- IE start pages/Tabs reset

    +--------------------| Boonty/Boonty Games Elements Deleted :

    .
    .

    +-----------------| Eorezo Elements Deleted :

    .

    +-----------------| Infected Poker Softwares Elements Deleted :

    .

    +-----------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

    .
    .

    +-----------------| It's TV Elements Deleted :

    .

    +-----------------| Sweetim Elements Deleted :

    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    HKCR\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    HKCR\MgMediaPlayer.GifAnimator
    HKCR\MgMediaPlayer.GifAnimator.1
    HKCR\SWEETIE.IEToolbar
    HKCR\SWEETIE.IEToolbar.1
    HKCR\SWEETIE.SWEETIE
    HKCR\SWEETIE.SWEETIE.1
    HKCR\ToolBand.SWEETIE
    HKCR\ToolBand.SWEETIE.1
    HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
    HKLM\Software\Macrogaming
    HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
    HKCR\Installer\Products\BF8532058170CB541B2457111F96D485
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\BF8532058170CB541B2457111F96D485
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    .
    C:\Program Files\Macrogaming
    C:\Users\Cl‚ment\AppData\Roaming\Microsoft\Windows\Cookies\cl‚ment@www.sweetim[2].txt

    (!) ---- Temp files deleted.
    (!) ---- Recycle bin emptied in all drives.

    +-----------------| Added Scan :

    ---- Mozilla FireFox Version 3.0.6 ----

    ProfilePath: 1sy5it5o.default
    .
    Prefs.js: Browser.Search.SelectedEngine: "Yahoo"
    .
    .
    .
    .
    .

    ---- Internet Explorer Version 7.0.6001.18000 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

    +-[HKEY_USERS\S-1-5-21-2172163462-448601867-1593641728-1000\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://fr.msn.com/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://ieframe.dll/tabswelcome.htm

    +---------------------------------------------------------------------------+

    [~8078 Bytes] - "C:\Ad-Report-Clean-19.02.2009.log"
    [~9171 Bytes] - "C:\Ad-Report-Scan-19.02.2009.log"
    -
    C:\Program Files\Ad-remover\TOOLS\BACKUP\19.02.2009 - Prefs.js

    End at: 17:31:57 | 19/02/2009
    .
    +-----------------| E.O.F - 128 Lines
    .

    rapport hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:38:08, on 19/02/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\DigitalPersona\Bin\DpAgent.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Trend Micro\HijackThis\HJT.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [Printer Spooler] c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
    O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
    O13 - Gopher Prefix:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{53E1C06E-1F6F-4FCA-AF71-135943E1743B}: NameServer = 192.168.82.200,192.168.82.90,195.24.208.2,195.24.192.33
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    Telecharge malwarebytes

    NB : S'il te manque COMCTL32.OCX alors télécharge le ici

    Tu l´instale; le programme va se mettre automatiquement a jour.

    Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

    Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

    Puis click sur "rechercher".

    Laisse le scanner le pc...

    Si des elements on ete trouvés > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "yes".

    A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
    Copie et colle le rapport stp.

    PS : les rapport sont aussi rangé dans l onglet rapport/log

    Tutoriaux

    0
  7. Clemson
     
    Slut je te remercie déjà car grace à toi , je suis entrain de formidable sur ma machine !!
    Pour la suite voici le rapport de scan réalisé avec malwarebytes

    Malwarebytes' Anti-Malware 1.34
    Version de la base de données: 1780
    Windows 6.0.6001 Service Pack 1

    20/02/2009 13:42:23
    mbam-log-2009-02-20 (13-42-23).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 335757
    Temps écoulé: 2 hour(s), 40 minute(s), 38 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\printer spooler (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    a bientôt !!
    0
  8. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    Ensuite un nouvel haijackthis + ceci :

    Fait ceci et poste moi le rapport à la suite de la question êtes vous aider par quelqu'un. Merci.

    Télécharge GenProc sur ton bureau (Attention le fichier est un fichier zip)
    Dézippe le dossier, double-clique sur GenProc.bat
    En final, poste le contenu du rapport qui s'affiche.
    Comment utiliser GenProc

    Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs

    0
  9. Clemson
     
    Bonjour !!
    J'ai eu des difficultés à exécuter GenProc mais en fin de compte j'ai pu obtenir le rapport ci-dessous :

    Rapport GenProc 2.385 [1] - 24/02/2009 à 14:43:16,63 - Windows Vista

    GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

    Poste un rapport NanoScan https://www.micro-astuce.com/securite/NanoScan-Panda.php

    __________________________________________________________________________________________________________

    Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com

    à la suite j'ai fait un scan hijackthis et voici le résultat :


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:28:46, on 24/02/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Program Files\DigitalPersona\Bin\DpAgent.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\system32\conime.exe
    C:\Windows\System32\WScript.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\uTorrent\utorrent.exe
    C:\Program Files\Trend Micro\HijackThis\HJT.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
    O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
    O13 - Gopher Prefix:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{53E1C06E-1F6F-4FCA-AF71-135943E1743B}: NameServer = 192.168.82.200,192.168.82.90,195.24.208.2,195.24.192.33
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F3981285-ABCC-439E-8BBC-B39262952601}: NameServer = 192.168.1.254
    O17 - HKLM\System\CS1\Services\Tcpip\..\{53E1C06E-1F6F-4FCA-AF71-135943E1743B}: NameServer = 192.168.82.200,192.168.82.90,195.24.208.2,195.24.192.33
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    0
  10. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    ensuite tu va me faire ceci :

    Pour commencer : faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner

    Télécharge Superantispyware (SAS)

    Choisis "enregistrer" et enregistre-le sur ton bureau.

    Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions.

    Créé une icône sur le bureau.

    Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer.

    - Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes.
    - Sous Configuration and Preferences, clique sur le bouton "Preferences"
    - Clique sur l'onglet "Scanning Control "
    - Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée :

    Close browsers before scanning
    Scan for tracking cookies
    Terminate memory threats before quarantining
    - Laisse les autres lignes décochées.

    - Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle.

    - Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer".

    Dans la colonne de gauche, coche C:\Fixed Drive.

    Dans la colonne de droite, sous "Complete scan", clique sur "Perform Complete Scan"

    Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan.

    A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK.

    Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next".

    Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes.

    Pour recopier les informations sur le forum, fais ceci :

    - après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS.
    - Clique sur "Preferences" puis sur l'onglet "Statistics/Logs ".
    - Dans "scanners logs", double-clique sur SUPERAntiSpyware Scan Log.

    - Le rapport va s'ouvrir dans ton éditeur de texte par défaut.

    - Copie son contenu dans ta réponse.

    Regarde bien le tuto SUPERAntiSpyware il est très bien expliqué.

    0
  11. Clemson
     
    Bonjour !
    Voila 19h51min que j'ai lancé le scan avec superantisyware. Il n'a même pas l'air de vouloir terminer car j'ai l'impression qu'il boucle (analyse les fichiers déjà analysés). Mais il a déjà trouvé 140 risques !!
    Est-ce normal ??
    Que dois-je faire ?
    0
  12. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    tu vas l'arrêter puis me donner déjà ce rapport et supprimé déjà ce qu'il à trouvé et tu en referas en un autre une fois le tout supprimé.
    0
  13. Clemson
     
    Voici le résultat du scan !!

    SUPERAntiSpyware Scan Log
    https://www.superantispyware.com/

    Generated 02/27/2009 at 02:20 PM

    Application Version : 4.25.1014

    Core Rules Database Version : 3773
    Trace Rules Database Version: 1732

    Scan type : Complete Scan
    Total Scan Time : 20:54:57

    Memory items scanned : 804
    Memory threats detected : 0
    Registry items scanned : 7497
    Registry threats detected : 0
    File items scanned : 1328202
    File threats detected : 141

    Adware.Tracking Cookie
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@doubleclick[1].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@smartadserver[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@tradedoubler[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@yourmedia[1].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@richmedia.yahoo[1].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@bluestreak[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@laredoute.solution.weborama[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@boursoramabanque.solution.weborama[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@serving-sys[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@atdmt[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@content.yieldmanager.edgesuite[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@content.yieldmanager[3].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@fructismen07mars06avril.solution.weborama[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@content.yieldmanager[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@wmvmedialease[1].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@247realmedia[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@cnam.solution.weborama[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@weborama[1].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@bs.serving-sys[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@cetelem.solution.weborama[2].txt
    C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Cookies\clément@ad.yieldmanager[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\le_même@ad.yieldmanager[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\le_même@bluestreak[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\le_même@doubleclick[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\le_même@tradedoubler[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@247realmedia[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@2o7[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@ad.yieldmanager[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@adopt.euroclick[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@adrevolver[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@adserver.aol[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@adtech[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@adviva[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@atdmt[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@bluestreak[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@doubleclick[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@interhome.solution.weborama[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@media.adrevolver[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@media.adrevolver[3].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@mediametrics.mpsa[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@mediaplex[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@pro-market[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@richmedia.yahoo[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@sales.liveperson[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@sales.liveperson[3].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@smartadserver[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@tradedoubler[2].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@weborama[1].txt
    C:\Documents and Settings\Le même\AppData\Roaming\Microsoft\Windows\Cookies\Low\le_même@xiti[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\le_même@ad.yieldmanager[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\le_même@bluestreak[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\le_même@doubleclick[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\le_même@tradedoubler[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@247realmedia[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@2o7[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@ad.yieldmanager[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@adopt.euroclick[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@adrevolver[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@adserver.aol[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@adtech[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@adviva[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@atdmt[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@bluestreak[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@doubleclick[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@interhome.solution.weborama[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@media.adrevolver[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@media.adrevolver[3].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@mediametrics.mpsa[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@mediaplex[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@pro-market[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@richmedia.yahoo[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@sales.liveperson[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@sales.liveperson[3].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@smartadserver[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@tradedoubler[2].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@weborama[1].txt
    C:\Documents and Settings\Le même\Application Data\Microsoft\Windows\Cookies\Low\le_même@xiti[1].txt
    C:\Documents and Settings\Le même\Cookies\le_même@ad.yieldmanager[2].txt
    C:\Documents and Settings\Le même\Cookies\le_même@bluestreak[1].txt
    C:\Documents and Settings\Le même\Cookies\le_même@doubleclick[1].txt
    C:\Documents and Settings\Le même\Cookies\le_même@tradedoubler[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@247realmedia[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@2o7[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@ad.yieldmanager[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@adopt.euroclick[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@adrevolver[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@adserver.aol[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@adtech[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@adviva[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@atdmt[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@bluestreak[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@doubleclick[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@interhome.solution.weborama[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@media.adrevolver[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@media.adrevolver[3].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@mediametrics.mpsa[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@mediaplex[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@pro-market[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@richmedia.yahoo[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@sales.liveperson[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@sales.liveperson[3].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@smartadserver[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@tradedoubler[2].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@weborama[1].txt
    C:\Documents and Settings\Le même\Cookies\Low\le_même@xiti[1].txt

    Adware.Lop
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\PROGRAMDATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    C:\USERS\ALL USERS\APPLICATION DATA\DOCUMENTS\SETUP\CHIFFRES ET LETTRES\LE MOT LE PLUS LONG\PLUSLONG.EXE
    0
  14. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    supprime moi déjà tout cela et fait moi ceci :

    Télécharge Lop S&D.exe (Eric 71 & Angeldark) sur ton bureau.
    Double-clique sur Lop S&D pour lancer l'installation
    Séléctionner la langue souhaitée, puis choisir l'option 1 (Recherche).
    Une fois le scan terminé, enregistrez le rapport généré qui se situera par défaut sous la racine du disque : C:\lopR.txt.

    Redémarre le PC en mode sans échec
    Quand tu as le curseur qui clignote, tu peux avoir un temps d'ouverture du mode sans échec qui va jusqu'à 15 minutes. Il faut donc être patient.
    Il faut laisser aller le PC à son rythme, pour que s'installe le bureau; après quoi, tu réutilises ta souris.
    Choisir sa session habituelle, (pas le compte "Administrateur" ou une autre).
    Double-clique sur le raccourci Lop S&D présent sur ton bureau, ensuite sélectionne la langue souhaitée,
    puis choisis l'Option 2 - Suppression +HOSTS - et patiente jusqu'à ce qu'il ait terminé.
    Redémarre normalement et poste, dans la même réponse, le contenu du rapport C:\lopR.txt

    Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs
    0
  15. Clemson
     
    Salut,
    voici le rapport de scan LOP S&D

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz )
    BIOS : Ver 1.00PARTTBL8
    USER : Clément ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1201 [VPS 081221-0] 4.8.1201 (Activated)
    C:\ (Local Disk) - NTFS - Total:137 Go (Free:5 Go)
    D:\ (Local Disk) - NTFS - Total:12 Go (Free:2 Go)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 27/02/2009|15:17 )

    [ UAC => 1 ]

    --------------------\\ Listing des dossiers dans Local

    [13/02/2009|13:40] C:\Users\CLMENT~1\AppData\Local\Adobe
    [25/01/2008|16:31] C:\Users\CLMENT~1\AppData\Local\Application Data
    [27/02/2009|14:23] C:\Users\CLMENT~1\AppData\Local\Corel
    [27/02/2009|14:10] C:\Users\CLMENT~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [12/02/2009|08:06] C:\Users\CLMENT~1\AppData\Local\DigitalPersona
    [27/02/2009|14:08] C:\Users\CLMENT~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [16/02/2009|15:20] C:\Users\CLMENT~1\AppData\Local\Google
    [25/01/2008|16:31] C:\Users\CLMENT~1\AppData\Local\Historique
    [27/02/2009|14:27] C:\Users\CLMENT~1\AppData\Local\IconCache.db
    [24/02/2009|13:39] C:\Users\CLMENT~1\AppData\Local\Microsoft
    [21/02/2009|20:49] C:\Users\CLMENT~1\AppData\Local\Microsoft Games
    [20/02/2009|08:54] C:\Users\CLMENT~1\AppData\Local\Microsoft Help
    [12/02/2009|08:09] C:\Users\CLMENT~1\AppData\Local\Mozilla
    [27/02/2009|15:14] C:\Users\CLMENT~1\AppData\Local\Temp
    [21/02/2009|01:17] C:\Users\CLMENT~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [27/02/2009 15:15][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{D9635250-8FE0-4547-8148-B79EE601B181}.job
    [27/02/2009 15:15][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{744A9241-69A6-4258-A609-2D1230C9D50E}.job
    [27/02/2009 14:32][--ah-----] C:\Windows\tasks\SA.DAT
    [27/02/2009 14:30][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [10/11/2007|00:32] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [16/04/2008|12:32] C:\ProgramData\Adobe
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [01/09/2008|21:21] C:\ProgramData\BM6626bca8.txt
    [01/09/2008|10:55] C:\ProgramData\BM6626bca8.xml
    [25/01/2008|16:27] C:\ProgramData\Bureau
    [11/09/2008|12:55] C:\ProgramData\Corel
    [18/02/2008|10:53] C:\ProgramData\CyberLink
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [25/01/2008|16:40] C:\ProgramData\Electronic Arts
    [05/02/2008|12:21] C:\ProgramData\eMule
    [14/10/2008|09:05] C:\ProgramData\ezsidmv.dat
    [25/01/2008|16:27] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [16/12/2008|15:31] C:\ProgramData\FLEXnet
    [14/10/2008|08:55] C:\ProgramData\Google
    [25/01/2008|16:46] C:\ProgramData\Hewlett-Packard
    [29/01/2008|15:05] C:\ProgramData\HP
    [08/05/2008|16:36] C:\ProgramData\Kodak
    [31/01/2008|17:11] C:\ProgramData\LightScribe
    [12/09/2008|08:45] C:\ProgramData\Macrovision
    [20/02/2009|08:08] C:\ProgramData\Malwarebytes
    [25/01/2008|16:27] C:\ProgramData\Menu D‚marrer
    [12/08/2008|21:05] C:\ProgramData\Microsoft
    [12/02/2009|09:02] C:\ProgramData\Microsoft Help
    [25/01/2008|16:27] C:\ProgramData\ModŠles
    [10/11/2007|00:17] C:\ProgramData\muvee Technologies
    [08/08/2008|14:27] C:\ProgramData\Nero
    [03/06/2008|20:20] C:\ProgramData\Network Associates
    [25/02/2009|07:36] C:\ProgramData\ntuser.pol
    [16/12/2008|12:44] C:\ProgramData\NVIDIA
    [19/02/2008|09:15] C:\ProgramData\Office Genuine Advantage
    [01/09/2008|21:21] C:\ProgramData\pskt.ini
    [14/10/2008|08:55] C:\ProgramData\Skype
    [01/12/2008|09:51] C:\ProgramData\SolidDocuments
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [26/02/2009|17:13] C:\ProgramData\SUPERAntiSpyware.com
    [05/02/2008|11:56] C:\ProgramData\Symantec
    [18/10/2008|22:42] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [09/11/2007|23:41] C:\ProgramData\Viewpoint
    [07/08/2008|14:30] C:\ProgramData\vsosdk
    [08/12/2008|17:42] C:\ProgramData\WildTangent
    [27/02/2009|10:30] C:\ProgramData\WindowsSearch
    [03/09/2008|15:13] C:\ProgramData\Xerox
    [28/01/2008|15:11] C:\ProgramData\Yahoo!
    [29/01/2008|22:02] C:\ProgramData\Yahoo! Companion

    --------------------\\ Listing des dossiers dans C:\Program Files

    [10/11/2007|00:32] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [22/08/2008|15:11] C:\Program Files\Adobe
    [19/02/2009|17:27] C:\Program Files\Ad-remover
    [09/11/2007|23:41] C:\Program Files\AIM6
    [22/10/2008|16:01] C:\Program Files\Allok MPEG4 Converter
    [20/12/2008|11:02] C:\Program Files\Alwil Software
    [14/12/2007|10:55] C:\Program Files\Apoint2K
    [24/12/2008|14:12] C:\Program Files\Bradbury
    [26/02/2009|15:43] C:\Program Files\Camtel wireless
    [26/02/2009|08:19] C:\Program Files\CCleaner
    [19/02/2009|09:32] C:\Program Files\Common Files
    [14/12/2007|10:58] C:\Program Files\CONEXANT
    [06/03/2008|08:15] C:\Program Files\Connectix
    [11/09/2008|12:50] C:\Program Files\Corel
    [13/10/2008|14:23] C:\Program Files\CounterPath
    [14/12/2007|11:14] C:\Program Files\CyberLink
    [14/12/2007|11:18] C:\Program Files\DigitalPersona
    [24/12/2008|13:56] C:\Program Files\EasyPHP 2.0b1
    [25/01/2008|16:40] C:\Program Files\Electronic Arts
    [09/10/2008|13:08] C:\Program Files\eMule
    [12/12/2008|04:58] C:\Program Files\ESET
    [25/01/2008|16:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [14/12/2007|11:00] C:\Program Files\Fingerprint Sensor
    [14/10/2008|08:55] C:\Program Files\Google
    [14/12/2007|11:11] C:\Program Files\Hewlett-Packard
    [14/12/2007|11:06] C:\Program Files\Hp
    [08/12/2008|17:31] C:\Program Files\HP Games
    [25/01/2008|16:33] C:\Program Files\HPQ
    [14/12/2007|10:59] C:\Program Files\Intel
    [29/09/2008|08:28] C:\Program Files\Internet Explorer
    [04/08/2008|13:57] C:\Program Files\Java
    [26/02/2009|16:12] C:\Program Files\Loop12 V2
    [24/12/2008|14:10] C:\Program Files\Macromedia
    [20/02/2009|08:09] C:\Program Files\Malwarebytes' Anti-Malware
    [14/12/2007|10:59] C:\Program Files\Marvell
    [23/12/2008|15:07] C:\Program Files\Micro Application
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [07/02/2008|09:21] C:\Program Files\Microsoft Office
    [07/02/2008|09:22] C:\Program Files\Microsoft Visual Studio
    [07/02/2008|09:16] C:\Program Files\Microsoft Visual Studio 8
    [10/11/2007|00:30] C:\Program Files\Microsoft Works
    [10/11/2007|00:30] C:\Program Files\Microsoft.NET
    [29/09/2008|08:28] C:\Program Files\Movie Maker
    [26/02/2009|16:19] C:\Program Files\Mozilla Firefox
    [07/02/2008|09:22] C:\Program Files\MSBuild
    [30/01/2008|03:03] C:\Program Files\MSXML 4.0
    [10/11/2007|00:17] C:\Program Files\muvee Technologies
    [14/12/2007|10:56] C:\Program Files\NetWaiting
    [16/02/2009|15:20] C:\Program Files\Picasa2
    [31/01/2008|10:42] C:\Program Files\PowerQuest
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [01/10/2007|08:28] C:\Program Files\Revues-Dalloz
    [14/12/2007|11:19] C:\Program Files\Services en ligne
    [04/06/2008|07:09] C:\Program Files\SiteAdvisor(317)
    [14/10/2008|08:55] C:\Program Files\Skype
    [01/12/2008|09:52] C:\Program Files\SolidDocuments
    [04/08/2008|14:02] C:\Program Files\Sun
    [26/02/2009|17:12] C:\Program Files\SUPERAntiSpyware
    [26/12/2008|15:02] C:\Program Files\Tetris
    [19/02/2009|15:05] C:\Program Files\Trend Micro
    [31/01/2008|10:00] C:\Program Files\uTorrent
    [30/07/2008|11:36] C:\Program Files\uxtobirza
    [26/02/2009|16:11] C:\Program Files\V3CallCenter
    [25/02/2008|12:49] C:\Program Files\VideoLAN
    [09/11/2007|23:41] C:\Program Files\Viewpoint
    [06/08/2008|12:35] C:\Program Files\VSO
    [29/09/2008|08:28] C:\Program Files\Windows Calendar
    [29/09/2008|08:28] C:\Program Files\Windows Collaboration
    [29/09/2008|08:28] C:\Program Files\Windows Defender
    [29/09/2008|08:28] C:\Program Files\Windows Journal
    [12/02/2009|09:01] C:\Program Files\Windows Mail
    [29/09/2008|08:28] C:\Program Files\Windows Media Player
    [25/01/2008|16:27] C:\Program Files\Windows NT
    [29/09/2008|08:28] C:\Program Files\Windows Photo Gallery
    [29/09/2008|08:28] C:\Program Files\Windows Sidebar
    [19/02/2008|12:45] C:\Program Files\WinHTTrack
    [29/05/2008|02:35] C:\Program Files\WinRAR
    [14/12/2007|10:53] C:\Program Files\WinTV
    [28/01/2008|15:08] C:\Program Files\Yahoo!
    [30/05/2008|10:06] C:\Program Files\Zone.Com Deluxe Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [22/08/2008|15:09] C:\Program Files\Common Files\Adobe
    [09/11/2007|23:41] C:\Program Files\Common Files\AOL
    [11/09/2008|12:52] C:\Program Files\Common Files\Corel
    [10/11/2007|00:30] C:\Program Files\Common Files\DESIGNER
    [10/11/2007|00:46] C:\Program Files\Common Files\InstallShield
    [13/10/2008|14:23] C:\Program Files\Common Files\Intel
    [10/11/2007|01:00] C:\Program Files\Common Files\Java
    [25/01/2008|16:33] C:\Program Files\Common Files\LightScribe
    [24/12/2008|14:10] C:\Program Files\Common Files\Macromedia
    [02/06/2008|09:31] C:\Program Files\Common Files\Macromedia Shared
    [22/08/2008|14:42] C:\Program Files\Common Files\Macrovision Shared
    [06/09/2008|11:43] C:\Program Files\Common Files\microsoft shared
    [10/11/2007|00:17] C:\Program Files\Common Files\muvee Technologies
    [03/06/2008|20:19] C:\Program Files\Common Files\Network Associates
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [14/10/2008|08:55] C:\Program Files\Common Files\Skype
    [28/05/2008|10:33] C:\Program Files\Common Files\soft602
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [05/02/2008|16:00] C:\Program Files\Common Files\Symantec Shared
    [29/09/2008|08:28] C:\Program Files\Common Files\System
    [24/12/2008|14:12] C:\Program Files\Common Files\Vbox
    [26/02/2009|17:11] C:\Program Files\Common Files\Wise Installation Wizard

    --------------------\\ Process

    ( 67 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-27 15:18:16
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Avast keygen 4.8.EXE.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Avast_Anti-Virus Version4.8.1201.Pro[Keygens].rar.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\AVG Internet Security v8.0.93 + Crack and Serial Key.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\ConvertXtoDVD 2.2.3.258f And Keygen (25th October 2007).torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\ConvertXtoDVD 2008 incl Keygen.rar.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Corel PaintShop Pro X2 (V-12)+Keygen-HeartBug.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Crack Nero.exe.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Monopoly 2008 in ISO + Crack.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Scrabble Deluxe 2008 with crack.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\VMware Workstation.v6.0.4 b93507 + Keygen - HeartBug.torrent
    C:\Users\CLMENT~1\Documents\Doc Bayonmbog\Dream Weaver\Studio_Mx_2004_Crack.exe
    C:\Users\CLMENT~1\Documents\Downloads\Monopoly 2008 in ISO + Crack
    C:\Users\CLMENT~1\Documents\Downloads\Monopoly 2008 in ISO + Crack\Monopoly 2008 (PC Game) + Crack.iso
    C:\Users\CLMENT~1\Downloads\eMule\Incoming\Application - Transcender Cisco Certified Network Associate Certification (CCNA) Update & Crack.zip
    C:\Users\CLMENT~1\Downloads\eMule\Incoming\Connectix Virtual PC 5.2 for Windows & 5.1.370 for OS2 - DE-EN-FR-JP - incl. Additions for DOS - WIN - OS2 & KeyGen_!!.zip
    C:\Users\CLMENT~1\Downloads\eMule\Incoming\Nero 8 Keygen Only - ADDICTION.rar
    C:\Users\CLMENT~1\Downloads\eMule\Incoming\VMware.Workstation.v6.0.0.45731.Windows.Keygen.exe

    [F:28][D:8]-> C:\Users\CLMENT~1\AppData\Local\Temp
    [F:2][D:1]-> C:\Users\CLMENT~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:19][D:4]-> C:\Users\CLMENT~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:4][D:6]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 27/02/2009|15:19 - Option : [1]

    --------------------\\ Fin du rapport a 15:19:54
    [ UAC => 1 ]

    Rapport de la suppression

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz )
    BIOS : Ver 1.00PARTTBL8
    USER : Clément ( Not Administrator ! )
    BOOT : Fail-safe boot
    Antivirus : avast! antivirus 4.8.1201 [VPS 081221-0] 4.8.1201 (Activated)
    C:\ (Local Disk) - NTFS - Total:137 Go (Free:7 Go)
    D:\ (Local Disk) - NTFS - Total:12 Go (Free:2 Go)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 27/02/2009|15:33 )

    [ UAC => 1 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Viewpoint
    Supprime! - C:\PROGRA~2\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans Local

    [13/02/2009|13:40] C:\Users\CLMENT~1\AppData\Local\Adobe
    [25/01/2008|16:31] C:\Users\CLMENT~1\AppData\Local\Application Data
    [27/02/2009|14:23] C:\Users\CLMENT~1\AppData\Local\Corel
    [27/02/2009|14:10] C:\Users\CLMENT~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [12/02/2009|08:06] C:\Users\CLMENT~1\AppData\Local\DigitalPersona
    [27/02/2009|14:08] C:\Users\CLMENT~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [16/02/2009|15:20] C:\Users\CLMENT~1\AppData\Local\Google
    [25/01/2008|16:31] C:\Users\CLMENT~1\AppData\Local\Historique
    [27/02/2009|15:28] C:\Users\CLMENT~1\AppData\Local\IconCache.db
    [24/02/2009|13:39] C:\Users\CLMENT~1\AppData\Local\Microsoft
    [21/02/2009|20:49] C:\Users\CLMENT~1\AppData\Local\Microsoft Games
    [20/02/2009|08:54] C:\Users\CLMENT~1\AppData\Local\Microsoft Help
    [12/02/2009|08:09] C:\Users\CLMENT~1\AppData\Local\Mozilla
    [27/02/2009|15:33] C:\Users\CLMENT~1\AppData\Local\Temp
    [21/02/2009|01:17] C:\Users\CLMENT~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [27/02/2009 15:30][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{D9635250-8FE0-4547-8148-B79EE601B181}.job
    [27/02/2009 15:30][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{744A9241-69A6-4258-A609-2D1230C9D50E}.job
    [27/02/2009 15:30][--ah-----] C:\Windows\tasks\SA.DAT
    [27/02/2009 15:30][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [10/11/2007|00:32] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [16/04/2008|12:32] C:\ProgramData\Adobe
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [01/09/2008|21:21] C:\ProgramData\BM6626bca8.txt
    [01/09/2008|10:55] C:\ProgramData\BM6626bca8.xml
    [25/01/2008|16:27] C:\ProgramData\Bureau
    [11/09/2008|12:55] C:\ProgramData\Corel
    [18/02/2008|10:53] C:\ProgramData\CyberLink
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [25/01/2008|16:40] C:\ProgramData\Electronic Arts
    [05/02/2008|12:21] C:\ProgramData\eMule
    [14/10/2008|09:05] C:\ProgramData\ezsidmv.dat
    [25/01/2008|16:27] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [16/12/2008|15:31] C:\ProgramData\FLEXnet
    [14/10/2008|08:55] C:\ProgramData\Google
    [25/01/2008|16:46] C:\ProgramData\Hewlett-Packard
    [29/01/2008|15:05] C:\ProgramData\HP
    [08/05/2008|16:36] C:\ProgramData\Kodak
    [31/01/2008|17:11] C:\ProgramData\LightScribe
    [12/09/2008|08:45] C:\ProgramData\Macrovision
    [20/02/2009|08:08] C:\ProgramData\Malwarebytes
    [25/01/2008|16:27] C:\ProgramData\Menu D‚marrer
    [12/08/2008|21:05] C:\ProgramData\Microsoft
    [12/02/2009|09:02] C:\ProgramData\Microsoft Help
    [25/01/2008|16:27] C:\ProgramData\ModŠles
    [10/11/2007|00:17] C:\ProgramData\muvee Technologies
    [08/08/2008|14:27] C:\ProgramData\Nero
    [03/06/2008|20:20] C:\ProgramData\Network Associates
    [25/02/2009|07:36] C:\ProgramData\ntuser.pol
    [16/12/2008|12:44] C:\ProgramData\NVIDIA
    [19/02/2008|09:15] C:\ProgramData\Office Genuine Advantage
    [01/09/2008|21:21] C:\ProgramData\pskt.ini
    [14/10/2008|08:55] C:\ProgramData\Skype
    [01/12/2008|09:51] C:\ProgramData\SolidDocuments
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [26/02/2009|17:13] C:\ProgramData\SUPERAntiSpyware.com
    [05/02/2008|11:56] C:\ProgramData\Symantec
    [18/10/2008|22:42] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [07/08/2008|14:30] C:\ProgramData\vsosdk
    [08/12/2008|17:42] C:\ProgramData\WildTangent
    [27/02/2009|10:30] C:\ProgramData\WindowsSearch
    [03/09/2008|15:13] C:\ProgramData\Xerox
    [28/01/2008|15:11] C:\ProgramData\Yahoo!
    [29/01/2008|22:02] C:\ProgramData\Yahoo! Companion

    --------------------\\ Listing des dossiers dans C:\Program Files

    [10/11/2007|00:32] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [22/08/2008|15:11] C:\Program Files\Adobe
    [19/02/2009|17:27] C:\Program Files\Ad-remover
    [09/11/2007|23:41] C:\Program Files\AIM6
    [22/10/2008|16:01] C:\Program Files\Allok MPEG4 Converter
    [20/12/2008|11:02] C:\Program Files\Alwil Software
    [14/12/2007|10:55] C:\Program Files\Apoint2K
    [24/12/2008|14:12] C:\Program Files\Bradbury
    [26/02/2009|15:43] C:\Program Files\Camtel wireless
    [26/02/2009|08:19] C:\Program Files\CCleaner
    [19/02/2009|09:32] C:\Program Files\Common Files
    [14/12/2007|10:58] C:\Program Files\CONEXANT
    [06/03/2008|08:15] C:\Program Files\Connectix
    [11/09/2008|12:50] C:\Program Files\Corel
    [13/10/2008|14:23] C:\Program Files\CounterPath
    [14/12/2007|11:14] C:\Program Files\CyberLink
    [14/12/2007|11:18] C:\Program Files\DigitalPersona
    [24/12/2008|13:56] C:\Program Files\EasyPHP 2.0b1
    [25/01/2008|16:40] C:\Program Files\Electronic Arts
    [09/10/2008|13:08] C:\Program Files\eMule
    [12/12/2008|04:58] C:\Program Files\ESET
    [25/01/2008|16:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [14/12/2007|11:00] C:\Program Files\Fingerprint Sensor
    [14/10/2008|08:55] C:\Program Files\Google
    [14/12/2007|11:11] C:\Program Files\Hewlett-Packard
    [14/12/2007|11:06] C:\Program Files\Hp
    [08/12/2008|17:31] C:\Program Files\HP Games
    [25/01/2008|16:33] C:\Program Files\HPQ
    [14/12/2007|10:59] C:\Program Files\Intel
    [29/09/2008|08:28] C:\Program Files\Internet Explorer
    [04/08/2008|13:57] C:\Program Files\Java
    [26/02/2009|16:12] C:\Program Files\Loop12 V2
    [24/12/2008|14:10] C:\Program Files\Macromedia
    [20/02/2009|08:09] C:\Program Files\Malwarebytes' Anti-Malware
    [14/12/2007|10:59] C:\Program Files\Marvell
    [23/12/2008|15:07] C:\Program Files\Micro Application
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [07/02/2008|09:21] C:\Program Files\Microsoft Office
    [07/02/2008|09:22] C:\Program Files\Microsoft Visual Studio
    [07/02/2008|09:16] C:\Program Files\Microsoft Visual Studio 8
    [10/11/2007|00:30] C:\Program Files\Microsoft Works
    [10/11/2007|00:30] C:\Program Files\Microsoft.NET
    [29/09/2008|08:28] C:\Program Files\Movie Maker
    [26/02/2009|16:19] C:\Program Files\Mozilla Firefox
    [07/02/2008|09:22] C:\Program Files\MSBuild
    [30/01/2008|03:03] C:\Program Files\MSXML 4.0
    [10/11/2007|00:17] C:\Program Files\muvee Technologies
    [14/12/2007|10:56] C:\Program Files\NetWaiting
    [16/02/2009|15:20] C:\Program Files\Picasa2
    [31/01/2008|10:42] C:\Program Files\PowerQuest
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [01/10/2007|08:28] C:\Program Files\Revues-Dalloz
    [14/12/2007|11:19] C:\Program Files\Services en ligne
    [04/06/2008|07:09] C:\Program Files\SiteAdvisor(317)
    [14/10/2008|08:55] C:\Program Files\Skype
    [01/12/2008|09:52] C:\Program Files\SolidDocuments
    [04/08/2008|14:02] C:\Program Files\Sun
    [26/02/2009|17:12] C:\Program Files\SUPERAntiSpyware
    [26/12/2008|15:02] C:\Program Files\Tetris
    [19/02/2009|15:05] C:\Program Files\Trend Micro
    [31/01/2008|10:00] C:\Program Files\uTorrent
    [30/07/2008|11:36] C:\Program Files\uxtobirza
    [26/02/2009|16:11] C:\Program Files\V3CallCenter
    [25/02/2008|12:49] C:\Program Files\VideoLAN
    [06/08/2008|12:35] C:\Program Files\VSO
    [29/09/2008|08:28] C:\Program Files\Windows Calendar
    [29/09/2008|08:28] C:\Program Files\Windows Collaboration
    [29/09/2008|08:28] C:\Program Files\Windows Defender
    [29/09/2008|08:28] C:\Program Files\Windows Journal
    [12/02/2009|09:01] C:\Program Files\Windows Mail
    [29/09/2008|08:28] C:\Program Files\Windows Media Player
    [25/01/2008|16:27] C:\Program Files\Windows NT
    [29/09/2008|08:28] C:\Program Files\Windows Photo Gallery
    [29/09/2008|08:28] C:\Program Files\Windows Sidebar
    [19/02/2008|12:45] C:\Program Files\WinHTTrack
    [29/05/2008|02:35] C:\Program Files\WinRAR
    [14/12/2007|10:53] C:\Program Files\WinTV
    [28/01/2008|15:08] C:\Program Files\Yahoo!
    [30/05/2008|10:06] C:\Program Files\Zone.Com Deluxe Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [22/08/2008|15:09] C:\Program Files\Common Files\Adobe
    [09/11/2007|23:41] C:\Program Files\Common Files\AOL
    [11/09/2008|12:52] C:\Program Files\Common Files\Corel
    [10/11/2007|00:30] C:\Program Files\Common Files\DESIGNER
    [10/11/2007|00:46] C:\Program Files\Common Files\InstallShield
    [13/10/2008|14:23] C:\Program Files\Common Files\Intel
    [10/11/2007|01:00] C:\Program Files\Common Files\Java
    [25/01/2008|16:33] C:\Program Files\Common Files\LightScribe
    [24/12/2008|14:10] C:\Program Files\Common Files\Macromedia
    [02/06/2008|09:31] C:\Program Files\Common Files\Macromedia Shared
    [22/08/2008|14:42] C:\Program Files\Common Files\Macrovision Shared
    [06/09/2008|11:43] C:\Program Files\Common Files\microsoft shared
    [10/11/2007|00:17] C:\Program Files\Common Files\muvee Technologies
    [03/06/2008|20:19] C:\Program Files\Common Files\Network Associates
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [14/10/2008|08:55] C:\Program Files\Common Files\Skype
    [28/05/2008|10:33] C:\Program Files\Common Files\soft602
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [05/02/2008|16:00] C:\Program Files\Common Files\Symantec Shared
    [29/09/2008|08:28] C:\Program Files\Common Files\System
    [24/12/2008|14:12] C:\Program Files\Common Files\Vbox
    [26/02/2009|17:11] C:\Program Files\Common Files\Wise Installation Wizard

    --------------------\\ Process

    ( 22 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-27 15:33:24
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Avast keygen 4.8.EXE.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Avast_Anti-Virus Version4.8.1201.Pro[Keygens].rar.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\AVG Internet Security v8.0.93 + Crack and Serial Key.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\ConvertXtoDVD 2.2.3.258f And Keygen (25th October 2007).torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\ConvertXtoDVD 2008 incl Keygen.rar.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Corel PaintShop Pro X2 (V-12)+Keygen-HeartBug.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Crack Nero.exe.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Monopoly 2008 in ISO + Crack.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\Scrabble Deluxe 2008 with crack.torrent
    C:\Users\CLMENT~1\AppData\Roaming\uTorrent\VMware Workstation.v6.0.4 b93507 + Keygen - HeartBug.torrent
    C:\Users\CLMENT~1\Documents\Doc Bayonmbog\Dream Weaver\Studio_Mx_2004_Crack.exe
    C:\Users\CLMENT~1\Documents\Downloads\Monopoly 2008 in ISO + Crack
    C:\Users\CLMENT~1\Documents\Downloads\Monopoly 2008 in ISO + Crack\Monopoly 2008 (PC Game) + Crack.iso
    C:\Users\CLMENT~1\Downloads\eMule\Incoming\Application - Transcender Cisco Certified Network Associate Certification (CCNA) Update & Crack.zip
    C:\Users\CLMENT~1\Downloads\eMule\Incoming\Connectix Virtual PC 5.2 for Windows & 5.1.370 for OS2 - DE-EN-FR-JP - incl. Additions for DOS - WIN - OS2 & KeyGen_!!.zip
    C:\Users\CLMENT~1\Downloads\eMule\Incoming\Nero 8 Keygen Only - ADDICTION.rar
    C:\Users\CLMENT~1\Downloads\eMule\Incoming\VMware.Workstation.v6.0.0.45731.Windows.Keygen.exe

    [F:31][D:17]-> C:\Users\CLMENT~1\AppData\Local\Temp
    [F:3][D:1]-> C:\Users\CLMENT~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:22][D:4]-> C:\Users\CLMENT~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:4][D:6]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 27/02/2009|15:19 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 27/02/2009|15:34 - Option : [2]

    --------------------\\ Fin du rapport a 15:34:32
    [ UAC => 1 ]
    0