Detecting a virus among running processes?

Solved
dragster972 Posts 133 Status Member
Hello,
I would like to know how to detect a virus among the running processes so that I can remove it, because my computer is very slow at startup.
Thanks in advance for your replies.

31 replies

  1. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Hi,

    Download from here:

    http://images.malwareremoval.com/random/RSIT.exe

    random's system information tool (RSIT) by random/random, and save it to the Desktop.

    Double-click RSIT.exe to launch RSIT.

    Click Continue on the Disclaimer screen.

    If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.

    When the scan has finished, two text files will open.

    Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the Taskbar).

    NB: The reports are saved in the C:\rsit folder
    0
  2. dragster972 Posts 133 Status Member 31
     
    log.txt report:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by dragster972 at 2009-03-03 07:59:21
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 48 GB (61%) free of 78 GB
    Total RAM: 479 MB (11% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:00:09, on 03/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Orange HSS\Systray\SystrayApp.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\PixArt\PAC207\Monitor.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Orange HSS\Launcher\Launcher.exe
    C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
    C:\Program Files\RALINK\Common\RaUI.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Orange HSS\Deskboard\deskboard.exe
    C:\Program Files\Orange HSS\connectivity\connectivitymanager.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Opera\opera.exe
    C:\Documents and Settings\dragster972\Bureau\RSIT.exe
    C:\Program Files\trend micro\dragster972.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [find trust seek mail] C:\Documents and Settings\All Users\Application Data\Defy Memo Find Trust\Glue obj.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BMISR] C:\Program Files\KYE\WebMate\BM.exe
    O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [About ping] C:\DOCUME~1\DRAGST~1\APPLIC~1\FRAGLI~1\Find Close 1.exe
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdS7_0_0
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; NaviWoo2.0; Orange 8.0; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.rasterwerks.com/game/phosphor/beta1.asp"
    O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: https://www.orange.fr/portail
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    0
  3. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    ______________________

    Download Lop S&D.exe to your Desktop:
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    * Double-click it to start the installation
    * Then double-click the Lop S&D shortcut on your Desktop
    * Select the desired language, then choose option 1 (Search)
    * Wait until the scan finishes
    * Post the generated report (C:\lopR.txt)

    ______________________

    Update Adobe Reader:
    https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html

    ______________________

    Update Java:

    Download JavaRa.zip by Paul 'Prm753' McLain and Fred de Vries.
    Unzip the file to your desktop (right-click > Extract all).
    Double-click the resulting JavaRa folder.
    Then double-click the JavaRa.exe file (the .exe may not be displayed).
    Click Search For Updates.
    Select Update Using jucheck.exe, then click Search.
    Allow the process to connect if it asks, click Install and follow the installation instructions. This will take a few minutes.
    When the installation is finished, go back to the JavaRa screen and click Remove Older Versions.
    Click Yes to confirm. The tool will do its work; then click Ok, and Ok a second time.
    A report will open; copy and paste it into your next reply.
    Note: the report is also located at the root of the system partition, usually C:\, under the name JavaRa.log
    (c:\JavaRa.log)
    Close the application.

    If that does not work:

    https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80

    You can uninstall the old versions.
    0
  4. dragster972 Posts 133 Status Member 31
     
    hmm... I don't have Hijack This :s

    EDIT: I've just downloaded it
    0
  6. jlpjlp Posts 52399 Status Security contributor 5 041
     
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    0
  7. dragster972 Posts 133 Status Member 31
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2400+ )
    BIOS : BIOS Date: 11/25/03 13:00:54 Ver: 08.00.09
    USER : dragster972 ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090302-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:46 Go)
    D:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 03/03/2009| 8:20 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [23/12/2008|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [07/05/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [26/08/2008|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [12/03/2008|06:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [17/07/2008|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust
    [07/05/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
    [09/03/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [12/03/2008|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [04/04/2008|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [14/03/2008|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [21/02/2009|08:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [07/05/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nikon
    [23/11/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
    [23/11/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
    [12/03/2008|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [18/02/2009|08:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [07/05/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
    [23/11/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
    [09/03/2008|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [09/03/2008|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [09/03/2008|08:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [29/04/2008|16:42] C:\DOCUME~1\DRAGST~1\APPLIC~1\Adobe
    [21/04/2008|18:40] C:\DOCUME~1\DRAGST~1\APPLIC~1\AdobeUM
    [01/05/2008|14:42] C:\DOCUME~1\DRAGST~1\APPLIC~1\Canon
    [10/03/2008|11:49] C:\DOCUME~1\DRAGST~1\APPLIC~1\DivX
    [27/02/2009|07:57] C:\DOCUME~1\DRAGST~1\APPLIC~1\eMule
    [22/07/2008|07:49] C:\DOCUME~1\DRAGST~1\APPLIC~1\frag license site
    [09/03/2008|21:33] C:\DOCUME~1\DRAGST~1\APPLIC~1\Google
    [19/02/2009|15:12] C:\DOCUME~1\DRAGST~1\APPLIC~1\gtk-2.0
    [21/07/2008|07:13] C:\DOCUME~1\DRAGST~1\APPLIC~1\Help
    [09/03/2008|11:28] C:\DOCUME~1\DRAGST~1\APPLIC~1\Identities
    [09/03/2008|11:40] C:\DOCUME~1\DRAGST~1\APPLIC~1\InstallShield
    [27/02/2009|12:00] C:\DOCUME~1\DRAGST~1\APPLIC~1\LimeWire
    [01/04/2008|13:58] C:\DOCUME~1\DRAGST~1\APPLIC~1\Macromedia
    [13/11/2008|01:27] C:\DOCUME~1\DRAGST~1\APPLIC~1\Malwarebytes
    [10/03/2008|11:49] C:\DOCUME~1\DRAGST~1\APPLIC~1\Media Player Classic
    [04/02/2009|18:32] C:\DOCUME~1\DRAGST~1\APPLIC~1\Microsoft
    [08/05/2008|10:07] C:\DOCUME~1\DRAGST~1\APPLIC~1\Nikon
    [26/11/2008|22:04] C:\DOCUME~1\DRAGST~1\APPLIC~1\OpenOffice.org2
    [01/04/2008|11:02] C:\DOCUME~1\DRAGST~1\APPLIC~1\Opera
    [27/02/2009|17:40] C:\DOCUME~1\DRAGST~1\APPLIC~1\Real
    [12/03/2008|06:33] C:\DOCUME~1\DRAGST~1\APPLIC~1\ScanSoft
    [21/12/2008|14:18] C:\DOCUME~1\DRAGST~1\APPLIC~1\SecuROM
    [03/04/2008|17:58] C:\DOCUME~1\DRAGST~1\APPLIC~1\Sun
    [30/12/2008|18:04] C:\DOCUME~1\DRAGST~1\APPLIC~1\teamspeak2

    [09/03/2008|08:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [09/03/2008|08:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [03/03/2009 07:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [23/12/2008|11:20] C:\Program Files\Adobe
    [09/03/2008|17:28] C:\Program Files\Alwil Software
    [07/05/2008|18:54] C:\Program Files\ArcSoft
    [05/10/2008|15:26] C:\Program Files\Call of Duty Dawnville Demo
    [12/03/2008|06:29] C:\Program Files\Canon
    [12/03/2008|06:26] C:\Program Files\CanonBJ
    [09/03/2008|08:46] C:\Program Files\ComPlus Applications
    [11/11/2008|09:01] C:\Program Files\DivX
    [14/10/2008|11:11] C:\Program Files\Dofus
    [15/10/2008|17:56] C:\Program Files\DofusCalc
    [21/12/2008|14:43] C:\Program Files\Electronic Arts
    [27/02/2009|07:57] C:\Program Files\eMule
    [07/02/2009|19:19] C:\Program Files\Fichiers communs
    [30/03/2008|22:52] C:\Program Files\frag license site
    [26/02/2009|12:07] C:\Program Files\Free FLV Converter
    [12/01/2009|19:27] C:\Program Files\GIMP-2.0
    [09/03/2008|21:15] C:\Program Files\Google
    [31/05/2008|08:58] C:\Program Files\HyCam2
    [03/02/2009|19:33] C:\Program Files\InstallShield Installation Information
    [13/02/2009|07:44] C:\Program Files\Internet Explorer
    [22/12/2008|14:21] C:\Program Files\Java
    [03/02/2009|19:34] C:\Program Files\KYE
    [19/09/2008|12:19] C:\Program Files\LimeWire
    [04/04/2008|16:47] C:\Program Files\Malwarebytes' Anti-Malware
    [03/04/2008|18:18] C:\Program Files\MassGainer
    [26/08/2008|05:21] C:\Program Files\Messenger
    [10/02/2009|10:37] C:\Program Files\Messenger Plus! Live
    [17/12/2008|13:48] C:\Program Files\Microsoft
    [09/03/2008|08:51] C:\Program Files\microsoft frontpage
    [06/11/2008|15:49] C:\Program Files\Microsoft Office
    [28/02/2009|13:19] C:\Program Files\Microsoft Silverlight
    [09/03/2008|19:43] C:\Program Files\Microsoft SQL Server Compact Edition
    [17/12/2008|13:47] C:\Program Files\Microsoft Sync Framework
    [06/11/2008|15:47] C:\Program Files\Microsoft.NET
    [26/08/2008|05:12] C:\Program Files\Movie Maker
    [09/03/2008|08:45] C:\Program Files\MSN
    [09/03/2008|08:46] C:\Program Files\MSN Gaming Zone
    [12/03/2008|22:18] C:\Program Files\MSXML 4.0
    [04/04/2008|19:47] C:\Program Files\Navilog1
    [26/08/2008|05:07] C:\Program Files\NetMeeting
    [07/05/2008|19:01] C:\Program Files\Nikon
    [09/03/2008|08:46] C:\Program Files\Online Services
    [11/03/2008|15:43] C:\Program Files\OpenOffice.org 2.3
    [22/12/2008|14:55] C:\Program Files\Opera
    [09/03/2008|17:01] C:\Program Files\Orange HSS
    [26/08/2008|05:07] C:\Program Files\Outlook Express
    [03/04/2008|18:35] C:\Program Files\perf
    [14/02/2009|09:59] C:\Program Files\PhotoFiltre Studio
    [23/11/2008|18:04] C:\Program Files\Pinnacle
    [12/02/2009|12:00] C:\Program Files\Project64 1.6
    [07/05/2008|18:58] C:\Program Files\QuickTime
    [09/03/2008|11:34] C:\Program Files\RALINK
    [07/02/2009|19:16] C:\Program Files\Real
    [06/11/2008|16:43] C:\Program Files\ruedesecoles
    [09/03/2008|11:40] C:\Program Files\SAGEM
    [10/03/2008|11:48] C:\Program Files\Satsuki Decoder Pack
    [12/03/2008|06:33] C:\Program Files\ScanSoft
    [09/03/2008|11:39] C:\Program Files\Securitoo
    [09/03/2008|08:49] C:\Program Files\Services en ligne
    [18/02/2009|07:43] C:\Program Files\Spybot - Search & Destroy
    [03/03/2009|07:01] C:\Program Files\Steam
    [09/03/2008|18:03] C:\Program Files\SuperCopier2
    [27/09/2008|17:05] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    [03/03/2009|08:15] C:\Program Files\trend micro
    [09/03/2008|11:28] C:\Program Files\Uninstall Information
    [21/02/2009|08:49] C:\Program Files\Windows Live
    [24/02/2009|19:04] C:\Program Files\Windows Live Safety Center
    [17/12/2008|13:42] C:\Program Files\Windows Live SkyDrive
    [26/08/2008|05:37] C:\Program Files\Windows Media Player
    [26/08/2008|05:07] C:\Program Files\Windows NT
    [09/03/2008|08:49] C:\Program Files\WindowsUpdate
    [09/03/2008|18:22] C:\Program Files\WMV9_VCM
    [09/03/2008|08:51] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [23/12/2008|11:21] C:\Program Files\Fichiers communs\Adobe
    [12/03/2008|06:32] C:\Program Files\Fichiers communs\CANON
    [06/11/2008|15:49] C:\Program Files\Fichiers communs\DESIGNER
    [09/03/2008|17:00] C:\Program Files\Fichiers communs\France Telecom
    [12/03/2008|06:33] C:\Program Files\Fichiers communs\InstallShield
    [13/03/2008|18:38] C:\Program Files\Fichiers communs\Java
    [21/02/2009|08:42] C:\Program Files\Fichiers communs\Microsoft Shared
    [09/03/2008|08:48] C:\Program Files\Fichiers communs\MSSoap
    [07/05/2008|19:01] C:\Program Files\Fichiers communs\muvee Technologies
    [08/05/2008|10:07] C:\Program Files\Fichiers communs\Nikon
    [09/03/2008|09:38] C:\Program Files\Fichiers communs\ODBC
    [03/02/2009|19:23] C:\Program Files\Fichiers communs\PAC207
    [07/02/2009|19:18] C:\Program Files\Fichiers communs\Real
    [12/03/2008|06:33] C:\Program Files\Fichiers communs\ScanSoft Shared
    [09/03/2008|08:48] C:\Program Files\Fichiers communs\Services
    [09/03/2008|09:38] C:\Program Files\Fichiers communs\SpeechEngines
    [26/08/2008|05:07] C:\Program Files\Fichiers communs\System
    [17/12/2008|13:02] C:\Program Files\Fichiers communs\Windows Live
    [09/03/2008|19:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [07/02/2009|19:19] C:\Program Files\Fichiers communs\xing shared
    [23/11/2008|18:04] C:\Program Files\Fichiers communs\Yahoo!

    --------------------\\ Process

    ( 47 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@advertstream[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@www.adserver5[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@adultfriendfinder[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@advertising[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@ero-advertising[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@adin.bigpoint[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@bigpoint[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr.bigpoint[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr.board.bigpoint[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr2.darkorbit.bigpoint[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr2.darkorbit.bigpoint[3].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@ssl.bigpoint[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@ssl.bigpoint[3].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@cotedazurpalace[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@adopt.euroclick[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@pacificpoker[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@partygaming.122.2o7[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@partypoker[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr1.seafight[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@seafight.blogspot[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@seafight[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@www.seafight[2].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@32vegas[1].txt
    C:\DOCUME~1\DRAGST~1\Cookies\dragster972@banner.32vegas[1].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "find trust seek mail"="C:\\Documents and Settings\\All Users\\Application Data\\Defy Memo Find Trust\\Glue obj.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE


    -> 10331 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-03 08:21:46
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 4

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\DRAGST~1\Mes documents\JeuX\starcraft\crack.txt
    C:\DOCUME~1\DRAGST~1\Mes documents\LimeWire\download\[ PC Games ] - Age of Empires II(FULL)(2)\crack.zip

    [F:1071][D:55]-> C:\DOCUME~1\DRAGST~1\LOCALS~1\Temp
    [F:601][D:0]-> C:\DOCUME~1\DRAGST~1\Cookies
    [F:4028][D:27]-> C:\DOCUME~1\DRAGST~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 03/03/2009| 8:26 - Option : [1]

    --------------------\\ Fin du rapport a 8:26:06
    0
  8. jlpjlp Posts 52399 Status Security contributor 5 041
     
    ok, this is to be avoided:

    C:\DOCUME~1\DRAGST~1\Mes documents\JeuX\starcraft\crack.txt
    C:\DOCUME~1\DRAGST~1\Mes documents\LimeWire\download\[ PC Games ] - Age of Empires II(FULL)(2)\crack.zip

    ______________

    Run Lop S&D again

    * This time choose Option 2 (Removal)
    * Do not close the window during the removal!
    * Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    0
  9. dragster972 Posts 133 Status Member 31
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2400+ )
    BIOS : BIOS Date: 11/25/03 13:00:54 Ver: 08.00.09
    USER : dragster972 ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090302-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:46 Go)
    D:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 03/03/2009| 8:55 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@advertstream[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@www.adserver5[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@adultfriendfinder[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@advertising[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@ero-advertising[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@adin.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr.board.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr2.darkorbit.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr2.darkorbit.bigpoint[3].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@ssl.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@ssl.bigpoint[3].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@adopt.euroclick[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@pacificpoker[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@partygaming.122.2o7[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@partypoker[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@fr1.seafight[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@seafight.blogspot[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@seafight[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@www.seafight[2].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@32vegas[1].txt
    Supprime! - C:\DOCUME~1\DRAGST~1\Cookies\dragster972@banner.32vegas[1].txt
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [03/03/2009|08:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [07/05/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [26/08/2008|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [12/03/2008|06:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [07/05/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
    [09/03/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [12/03/2008|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [04/04/2008|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [14/03/2008|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [21/02/2009|08:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [07/05/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nikon
    [23/11/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
    [23/11/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
    [12/03/2008|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [18/02/2009|08:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [07/05/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
    [23/11/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
    [09/03/2008|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [09/03/2008|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [09/03/2008|08:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [29/04/2008|16:42] C:\DOCUME~1\DRAGST~1\APPLIC~1\Adobe
    [21/04/2008|18:40] C:\DOCUME~1\DRAGST~1\APPLIC~1\AdobeUM
    [01/05/2008|14:42] C:\DOCUME~1\DRAGST~1\APPLIC~1\Canon
    [10/03/2008|11:49] C:\DOCUME~1\DRAGST~1\APPLIC~1\DivX
    [27/02/2009|07:57] C:\DOCUME~1\DRAGST~1\APPLIC~1\eMule
    [22/07/2008|07:49] C:\DOCUME~1\DRAGST~1\APPLIC~1\frag license site
    [09/03/2008|21:33] C:\DOCUME~1\DRAGST~1\APPLIC~1\Google
    [19/02/2009|15:12] C:\DOCUME~1\DRAGST~1\APPLIC~1\gtk-2.0
    [21/07/2008|07:13] C:\DOCUME~1\DRAGST~1\APPLIC~1\Help
    [09/03/2008|11:28] C:\DOCUME~1\DRAGST~1\APPLIC~1\Identities
    [09/03/2008|11:40] C:\DOCUME~1\DRAGST~1\APPLIC~1\InstallShield
    [27/02/2009|12:00] C:\DOCUME~1\DRAGST~1\APPLIC~1\LimeWire
    [01/04/2008|13:58] C:\DOCUME~1\DRAGST~1\APPLIC~1\Macromedia
    [13/11/2008|01:27] C:\DOCUME~1\DRAGST~1\APPLIC~1\Malwarebytes
    [10/03/2008|11:49] C:\DOCUME~1\DRAGST~1\APPLIC~1\Media Player Classic
    [04/02/2009|18:32] C:\DOCUME~1\DRAGST~1\APPLIC~1\Microsoft
    [08/05/2008|10:07] C:\DOCUME~1\DRAGST~1\APPLIC~1\Nikon
    [26/11/2008|22:04] C:\DOCUME~1\DRAGST~1\APPLIC~1\OpenOffice.org2
    [01/04/2008|11:02] C:\DOCUME~1\DRAGST~1\APPLIC~1\Opera
    [27/02/2009|17:40] C:\DOCUME~1\DRAGST~1\APPLIC~1\Real
    [12/03/2008|06:33] C:\DOCUME~1\DRAGST~1\APPLIC~1\ScanSoft
    [21/12/2008|14:18] C:\DOCUME~1\DRAGST~1\APPLIC~1\SecuROM
    [03/04/2008|17:58] C:\DOCUME~1\DRAGST~1\APPLIC~1\Sun
    [30/12/2008|18:04] C:\DOCUME~1\DRAGST~1\APPLIC~1\teamspeak2

    [09/03/2008|08:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [09/03/2008|08:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [03/03/2009 07:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [23/12/2008|11:20] C:\Program Files\Adobe
    [09/03/2008|17:28] C:\Program Files\Alwil Software
    [07/05/2008|18:54] C:\Program Files\ArcSoft
    [05/10/2008|15:26] C:\Program Files\Call of Duty Dawnville Demo
    [12/03/2008|06:29] C:\Program Files\Canon
    [12/03/2008|06:26] C:\Program Files\CanonBJ
    [09/03/2008|08:46] C:\Program Files\ComPlus Applications
    [11/11/2008|09:01] C:\Program Files\DivX
    [14/10/2008|11:11] C:\Program Files\Dofus
    [15/10/2008|17:56] C:\Program Files\DofusCalc
    [21/12/2008|14:43] C:\Program Files\Electronic Arts
    [27/02/2009|07:57] C:\Program Files\eMule
    [07/02/2009|19:19] C:\Program Files\Fichiers communs
    [30/03/2008|22:52] C:\Program Files\frag license site
    [26/02/2009|12:07] C:\Program Files\Free FLV Converter
    [12/01/2009|19:27] C:\Program Files\GIMP-2.0
    [09/03/2008|21:15] C:\Program Files\Google
    [31/05/2008|08:58] C:\Program Files\HyCam2
    [03/02/2009|19:33] C:\Program Files\InstallShield Installation Information
    [13/02/2009|07:44] C:\Program Files\Internet Explorer
    [22/12/2008|14:21] C:\Program Files\Java
    [03/02/2009|19:34] C:\Program Files\KYE
    [19/09/2008|12:19] C:\Program Files\LimeWire
    [04/04/2008|16:47] C:\Program Files\Malwarebytes' Anti-Malware
    [03/04/2008|18:18] C:\Program Files\MassGainer
    [26/08/2008|05:21] C:\Program Files\Messenger
    [10/02/2009|10:37] C:\Program Files\Messenger Plus! Live
    [17/12/2008|13:48] C:\Program Files\Microsoft
    [09/03/2008|08:51] C:\Program Files\microsoft frontpage
    [06/11/2008|15:49] C:\Program Files\Microsoft Office
    [28/02/2009|13:19] C:\Program Files\Microsoft Silverlight
    [09/03/2008|19:43] C:\Program Files\Microsoft SQL Server Compact Edition
    [17/12/2008|13:47] C:\Program Files\Microsoft Sync Framework
    [06/11/2008|15:47] C:\Program Files\Microsoft.NET
    [26/08/2008|05:12] C:\Program Files\Movie Maker
    [09/03/2008|08:45] C:\Program Files\MSN
    [09/03/2008|08:46] C:\Program Files\MSN Gaming Zone
    [12/03/2008|22:18] C:\Program Files\MSXML 4.0
    [04/04/2008|19:47] C:\Program Files\Navilog1
    [26/08/2008|05:07] C:\Program Files\NetMeeting
    [07/05/2008|19:01] C:\Program Files\Nikon
    [09/03/2008|08:46] C:\Program Files\Online Services
    [11/03/2008|15:43] C:\Program Files\OpenOffice.org 2.3
    [22/12/2008|14:55] C:\Program Files\Opera
    [09/03/2008|17:01] C:\Program Files\Orange HSS
    [26/08/2008|05:07] C:\Program Files\Outlook Express
    [03/04/2008|18:35] C:\Program Files\perf
    [14/02/2009|09:59] C:\Program Files\PhotoFiltre Studio
    [23/11/2008|18:04] C:\Program Files\Pinnacle
    [12/02/2009|12:00] C:\Program Files\Project64 1.6
    [07/05/2008|18:58] C:\Program Files\QuickTime
    [09/03/2008|11:34] C:\Program Files\RALINK
    [07/02/2009|19:16] C:\Program Files\Real
    [06/11/2008|16:43] C:\Program Files\ruedesecoles
    [09/03/2008|11:40] C:\Program Files\SAGEM
    [10/03/2008|11:48] C:\Program Files\Satsuki Decoder Pack
    [12/03/2008|06:33] C:\Program Files\ScanSoft
    [09/03/2008|11:39] C:\Program Files\Securitoo
    [09/03/2008|08:49] C:\Program Files\Services en ligne
    [18/02/2009|07:43] C:\Program Files\Spybot - Search & Destroy
    [03/03/2009|07:01] C:\Program Files\Steam
    [09/03/2008|18:03] C:\Program Files\SuperCopier2
    [27/09/2008|17:05] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    [03/03/2009|08:15] C:\Program Files\trend micro
    [09/03/2008|11:28] C:\Program Files\Uninstall Information
    [21/02/2009|08:49] C:\Program Files\Windows Live
    [24/02/2009|19:04] C:\Program Files\Windows Live Safety Center
    [17/12/2008|13:42] C:\Program Files\Windows Live SkyDrive
    [26/08/2008|05:37] C:\Program Files\Windows Media Player
    [26/08/2008|05:07] C:\Program Files\Windows NT
    [09/03/2008|08:49] C:\Program Files\WindowsUpdate
    [09/03/2008|18:22] C:\Program Files\WMV9_VCM
    [09/03/2008|08:51] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [03/03/2009|08:54] C:\Program Files\Fichiers communs\Adobe
    [12/03/2008|06:32] C:\Program Files\Fichiers communs\CANON
    [06/11/2008|15:49] C:\Program Files\Fichiers communs\DESIGNER
    [09/03/2008|17:00] C:\Program Files\Fichiers communs\France Telecom
    [12/03/2008|06:33] C:\Program Files\Fichiers communs\InstallShield
    [13/03/2008|18:38] C:\Program Files\Fichiers communs\Java
    [21/02/2009|08:42] C:\Program Files\Fichiers communs\Microsoft Shared
    [09/03/2008|08:48] C:\Program Files\Fichiers communs\MSSoap
    [07/05/2008|19:01] C:\Program Files\Fichiers communs\muvee Technologies
    [08/05/2008|10:07] C:\Program Files\Fichiers communs\Nikon
    [09/03/2008|09:38] C:\Program Files\Fichiers communs\ODBC
    [03/02/2009|19:23] C:\Program Files\Fichiers communs\PAC207
    [07/02/2009|19:18] C:\Program Files\Fichiers communs\Real
    [12/03/2008|06:33] C:\Program Files\Fichiers communs\ScanSoft Shared
    [09/03/2008|08:48] C:\Program Files\Fichiers communs\Services
    [09/03/2008|09:38] C:\Program Files\Fichiers communs\SpeechEngines
    [26/08/2008|05:07] C:\Program Files\Fichiers communs\System
    [17/12/2008|13:02] C:\Program Files\Fichiers communs\Windows Live
    [09/03/2008|19:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [07/02/2009|19:19] C:\Program Files\Fichiers communs\xing shared
    [23/11/2008|18:04] C:\Program Files\Fichiers communs\Yahoo!

    --------------------\\ Process

    ( 52 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-03 08:57:19
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    C:\DOCUME~1\DRAGST~1\LOCALS~1\APPLIC~1\NOS\nos01524
    scan completed successfully
    hidden processes: 0
    hidden files: 5

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\DRAGST~1\Mes documents\JeuX\starcraft\crack.txt
    C:\DOCUME~1\DRAGST~1\Mes documents\LimeWire\download\[ PC Games ] - Age of Empires II(FULL)(2)\crack.zip

    [F:1073][D:55]-> C:\DOCUME~1\DRAGST~1\LOCALS~1\Temp
    [F:576][D:0]-> C:\DOCUME~1\DRAGST~1\Cookies
    [F:4028][D:27]-> C:\DOCUME~1\DRAGST~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 03/03/2009| 8:26 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 03/03/2009| 9:06 - Option : [2]

    --------------------\\ Fin du rapport a 9:06:52
    0
  10. dragster972 Posts 133 Status Member 31
     
    What is this javaRA thing? Where can I download it?
    0
  11. dragster972 Posts 133 Status Member 31
     
    I have the most recent version
    0
  12. muco45 Posts 492 Status Member 66
     
    ""
    0
  13. dragster972 Posts 133 Status Member 31
     
    since I couldn't find the path, I'm running a search to find the folder
    0
  14. dragster972 Posts 133 Status Member 31
     
    I really can't find the path, even though I go: My Computer > hard disk C: > Documents and Settings > Application Data, and after that, nothing, no BOLTKE file
    0
  15. jlpjlp Posts 52399 Status Security contributor 5 041
     
    then post an RSIT report again
    0
  16. dragster972 Posts 133 Status Member 31
     
    Logfile of random's system information tool 1.05 (written by random/random)
    Run by dragster972 at 2009-03-03 11:02:06
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 48 GB (61%) free of 78 GB
    Total RAM: 479 MB (19% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:03:13, on 03/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Orange HSS\Systray\SystrayApp.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\PixArt\PAC207\Monitor.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Orange HSS\Launcher\Launcher.exe
    C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
    C:\Program Files\RALINK\Common\RaUI.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Orange HSS\Deskboard\deskboard.exe
    C:\Program Files\Orange HSS\connectivity\connectivitymanager.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Opera\opera.exe
    C:\Documents and Settings\dragster972\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\dragster972.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [BMISR] C:\Program Files\KYE\WebMate\BM.exe
    O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [About ping] C:\DOCUME~1\DRAGST~1\APPLIC~1\FRAGLI~1\Find Close 1.exe
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdS7_0_0
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; NaviWoo2.0; Orange 8.0; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.rasterwerks.com/game/phosphor/beta1.asp"
    O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: https://www.orange.fr/portail
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    0
  17. jlpjlp Posts 52399 Status Security contributor 5 041
     
    fix this line with HijackThis:

    O4 - HKCU\..\Run: [About ping] C:\DOCUME~1\DRAGST~1\APPLIC~1\FRAGLI~1\Find Close 1.exe

    __________________

    Download this (by Moe):

    http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

    Double-click Lopxpsetup.exe to start the installation
    In the menu, choose option 1
    Wait until you are asked to press a key, then press one!
    A report will then be created; copy/paste it in full on the forum.
    0
  18. dragster972 Posts 133 Status Member 31
     
    # Rapport Lopxp fait le 03/03/2009 à 11:23:54
    # Exécuté dans : C:\Program Files\Lopxp
    # Version 3.10 - Maj du 11/04/2008

    ========== Listing des dossiers Application Data

    +- C:\Documents and Settings\All Users\Application Data

    2009-03-03 à 08:03:45 - Adobe
    2008-05-07 à 17:57:17 - Apple Computer
    2008-08-26 à 14:23:59 - BVRP Software
    2008-03-12 à 05:28:01 - CanonBJ
    2008-05-07 à 18:00:43 - EnterNHelp
    2008-03-09 à 20:15:12 - Google
    2008-03-12 à 05:33:58 - InstallShield
    2008-04-04 à 15:47:06 - Malwarebytes
    2008-03-14 à 15:34:30 - Messenger Plus!
    2009-02-21 à 07:48:17 - Microsoft
    2008-05-07 à 18:01:25 - Nikon
    2008-11-23 à 16:44:20 - Pinnacle
    2008-11-23 à 17:32:26 - Pinnacle VideoSpin
    2008-03-12 à 05:33:52 - ScanSoft
    2009-02-18 à 07:23:08 - Spybot - Search & Destroy
    2008-05-07 à 18:00:43 - Ultima_T15
    2008-11-23 à 17:04:41 - VideoSpin
    2008-03-09 à 17:34:01 - Windows Genuine Advantage
    2008-03-09 à 18:29:43 - WLInstaller

    +- C:\Documents and Settings\dragster972\Application Data

    2008-04-29 à 15:42:39 - Adobe
    2008-04-21 à 17:40:15 - AdobeUM
    2008-05-01 à 13:42:08 - Canon
    2008-03-10 à 10:49:31 - DivX
    2009-02-27 à 06:57:43 - eMule
    2008-07-22 à 06:49:59 - frag license site
    2008-03-09 à 20:33:42 - Google
    2009-02-19 à 14:12:57 - gtk-2.0
    2008-07-21 à 06:13:12 - Help
    2008-03-09 à 10:28:51 - Identities
    2008-03-09 à 10:40:25 - InstallShield
    2009-02-27 à 11:00:10 - LimeWire
    2008-04-01 à 12:58:31 - Macromedia
    2008-11-13 à 00:27:14 - Malwarebytes
    2008-03-10 à 10:49:32 - Media Player Classic
    2009-02-04 à 17:32:08 - Microsoft
    2008-05-08 à 09:07:14 - Nikon
    2008-11-26 à 21:04:16 - OpenOffice.org2
    2008-04-01 à 10:02:09 - Opera
    2009-02-27 à 16:40:35 - Real
    2008-03-12 à 05:33:55 - ScanSoft
    2008-12-21 à 13:18:35 - SecuROM
    2008-04-03 à 16:58:44 - Sun
    2008-12-30 à 17:04:14 - teamspeak2

    +- C:\Documents and Settings\dragster972\Local Settings\Application Data

    2009-03-03 à 08:03:56 - Adobe
    2008-05-07 à 17:57:03 - Apple Computer
    2008-12-21 à 13:44:56 - Deployment
    2008-12-21 à 13:15:19 - Downloaded Installations
    2008-03-09 à 20:23:52 - Google
    2008-07-21 à 06:13:12 - Help
    2008-03-21 à 13:58:50 - Identities
    2009-01-25 à 13:16:06 - Microsoft
    2008-07-28 à 05:04:08 - Mozilla
    2008-06-17 à 16:41:11 - Opera
    2008-03-12 à 09:56:09 - Scansoft
    2008-03-11 à 16:02:26 - Steam

    ========== Listing du dossier Program Files

    +- C:\Program Files

    2009-03-03 à 07:58:05 - Adobe
    2008-03-09 à 16:28:52 - Alwil Software
    2008-05-07 à 17:54:45 - ArcSoft
    2008-10-05 à 14:26:04 - Call of Duty Dawnville Demo
    2008-03-12 à 05:29:24 - Canon
    2008-03-12 à 05:26:54 - CanonBJ
    2008-03-09 à 07:46:45 - ComPlus Applications
    2008-11-11 à 08:01:02 - DivX
    2008-10-14 à 10:11:42 - Dofus
    2008-10-15 à 16:56:37 - DofusCalc
    2008-12-21 à 13:43:09 - Electronic Arts
    2009-02-27 à 06:57:43 - eMule
    2009-03-03 à 07:58:05 - Fichiers communs
    2008-03-30 à 21:52:57 - frag license site
    2009-02-26 à 11:07:44 - Free FLV Converter
    2009-01-12 à 18:27:47 - GIMP-2.0
    2008-03-09 à 20:15:10 - Google
    2008-05-31 à 07:58:30 - HyCam2
    2009-02-03 à 18:33:57 - InstallShield Installation Information
    2009-02-13 à 06:44:14 - Internet Explorer
    2008-12-22 à 13:21:56 - Java
    2009-02-03 à 18:34:10 - KYE
    2008-09-19 à 11:19:37 - LimeWire
    2009-03-03 à 10:24:15 - Lopxp
    2008-04-04 à 15:47:09 - Malwarebytes' Anti-Malware
    2008-04-03 à 17:18:21 - MassGainer
    2008-08-26 à 04:21:43 - Messenger
    2009-02-10 à 09:37:08 - Messenger Plus! Live
    2008-12-17 à 12:48:14 - Microsoft
    2008-03-09 à 07:51:27 - microsoft frontpage
    2008-11-06 à 14:49:42 - Microsoft Office
    2009-02-28 à 12:19:50 - Microsoft Silverlight
    2008-03-09 à 18:43:18 - Microsoft SQL Server Compact Edition
    2008-12-17 à 12:47:45 - Microsoft Sync Framework
    2008-11-06 à 14:47:58 - Microsoft.NET
    2008-08-26 à 04:12:36 - Movie Maker
    2008-03-09 à 07:45:28 - MSN
    2008-03-09 à 07:46:18 - MSN Gaming Zone
    2008-03-12 à 21:18:07 - MSXML 4.0
    2008-04-04 à 18:47:41 - Navilog1
    2008-08-26 à 04:07:29 - NetMeeting
    2008-05-07 à 18:01:18 - Nikon
    2008-03-09 à 07:46:30 - Online Services
    2008-03-11 à 14:43:53 - OpenOffice.org 2.3
    2008-12-22 à 13:55:28 - Opera
    2008-03-09 à 16:01:24 - Orange HSS
    2008-08-26 à 04:07:22 - Outlook Express
    2008-04-03 à 17:35:16 - perf
    2009-02-14 à 08:59:43 - PhotoFiltre Studio
    2008-11-23 à 17:04:42 - Pinnacle
    2009-02-12 à 11:00:53 - Project64 1.6
    2008-05-07 à 17:58:43 - QuickTime
    2008-03-09 à 10:34:17 - RALINK
    2009-02-07 à 18:16:28 - Real
    2008-11-06 à 15:43:07 - ruedesecoles
    2008-03-09 à 10:40:29 - SAGEM
    2008-03-10 à 10:48:57 - Satsuki Decoder Pack
    2008-03-12 à 05:33:20 - ScanSoft
    2008-03-09 à 10:39:50 - Securitoo
    2008-03-09 à 07:49:20 - Services en ligne
    2009-02-18 à 06:43:02 - Spybot - Search & Destroy
    2009-03-03 à 06:01:57 - Steam
    2008-03-09 à 17:03:52 - SuperCopier2
    2008-09-27 à 16:05:36 - TeaTimer (Spybot - Search & Destroy)
    2009-03-03 à 07:15:49 - trend micro
    2008-03-09 à 10:28:49 - Uninstall Information
    2009-02-21 à 07:49:06 - Windows Live
    2009-02-24 à 18:04:48 - Windows Live Safety Center
    2008-12-17 à 12:42:45 - Windows Live SkyDrive
    2008-08-26 à 04:37:00 - Windows Media Player
    2008-08-26 à 04:07:23 - Windows NT
    2008-03-09 à 07:49:25 - WindowsUpdate
    2008-03-09 à 17:22:14 - WMV9_VCM
    2008-03-09 à 07:51:28 - xerox

    ========== Tâches planifiées

    Aucune tâche planifiée détecté.

    ========== Clés registre

    ========== Bloqueur popups Internet Explorer

    Blocage des popups non géré par cette version du navigateur.

    ========== Suggestion ( /!\ Nécessite une interprétation.) ==========

    C:\Documents and Settings\dragster972\Application Data\frag license site
    C:\Program Files\frag license site

    +- Registre : Aucune suggestion.

    - Fin du rapport -
    0
  19. jlpjlp Posts 52399 Status Security contributor 5 041
     
    # Go to: Start > Run, then copy/paste the following line in bold:

    * "%programfiles%\Lopxp\Lopxp.bat" /Fixme then confirm,

    # Fix mode will pick up all the files mentioned in the suggestion section of the 1st report generated.
    # For each file, you will have to accept (press the y key)

    post the report
    ________________________

    paste an online scan from BitDefender:

    https://www.bitdefender.com/toolbox/
    0
  20. dragster972 Posts 133 Status Member 31
     
    I did all that through Run, but when I type "%programfiles%\Lopxp\Lopxp.bat" it opens lopxp and there are only 3 choices:
    - 1: create a report
    - 2: quit
    - 3: uninstall
    0