iexplorer.exe problem

Solved
link348 Posts 22 Status Member -
Good evening. Since today I have noticed that the iexplorer.exe process launches by itself, in two instances...
I ran an antivirus scan, which came back negative, and I wanted to run a scan with Malwarebytes' Anti-Malware, but it is impossible to launch it, so I tried to reinstall it and launch it, and it still doesn't work ;-(
I'm not an expert on the subject, but I'm afraid I'm infected ^^
Thanks in advance for any answers and/or solutions.

26 replies

link348 Posts 22 Status Member 1

Re.
So a big thank you for solving my problem, and thanks also for all your valuable advice, which I will follow to the letter ;p
1
Anonymous user

Hi:

Disable your antivirus for the duration of the procedure, as well as your firewall if you have one

▶ Download List&Kill'em and save it to your desktop

It does not require installation

▶ Double-click (right-click "Run as administrator" on Vista) to launch the scan

Choose the language, then choose option 1 = Search Mode

▶ Let the tool work

The report will be displayed once the scan has finished

▶▶▶▶▶▶▶ WARNING: Please erase your IP address!!!!


here:

[121]: KB973815 - Update
[122]: KB973869 - Update
[123]: XpsEPSC
Carte(s) réseau: 4 carte(s) réseau installée(s).
[01]: Bluetooth PAN Network Adapter
Nom de la connexion : Connexion au réseau local 2
État : Support déconnecté
[02]: Intel(R) PRO/1000 CT Network Connection
Nom de la connexion : Connexion au réseau local
DHCP activé : Non
Adresse(s) IP
[01] : 192.168.0.11
[03]: VirtualBox Host-Only Ethernet Adapter
Nom de la connexion : VirtualBox Host-Only Network
DHCP activé : Non
Adresse(s) IP
[01] : 192.168.56.1
[04]: VirtualBox Host-Only Ethernet Adapter
Nom de la connexion : VirtualBox Host-Only Network #2
DHCP activé : Non
Adresse(s) IP
[01] : 192.168.217.1

Nom de l'image PID Nom de la sessio Numéro d Utilisation
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 16 Ko
System 4 Console 0 244 Ko
smss.exe 916 Console 0 400 Ko
csrss.exe 972 Console 0 4 456 Ko
winlogon.exe 996 Console 0 3 536 Ko

▶ Paste the contents into your next reply
0
link348 Posts 22 Status Member 1

Re, here is the report (my IP address only appeared once, is that normal?):

List'em by g3n-h@ckm@n 1.0.2.8

updated on 23.08.2009 ::::: 09.40


Microsoft Windows XP [version 5.1.2600]


23/08/2009 10:20:51,90


Nom de l'hôte: YZUL
Nom du système d'exploitation: Microsoft Windows XP Professionnel
Version du système: 5.1.2600 Service Pack 3 version 2600
Fabricant du système d'exploitation: Microsoft Corporation
Configuration du système d'exploitation: Station de travail autonome
Type de version du système d'exploitation: Multiprocessor Free
Propriétaire enregistré : EMILE
Organisation enregistrée :
Identificateur de produit: 76413-OEM-0011903-00824
Date d'installation originale: 16/03/2008, 20:46:38
Durée d'activité système: 0 jours, 0 heures, 27 minutes, 20 secondes
Fabricant du système: Packard Bell BV
Modèle du système: IMEDIA MC 9522
Type du système: X86-based PC
Processeur(s): 1 processeur(s) installé(s).
[01]: x86 Family 15 Model 6 Stepping 4 GenuineIntel ~2793 MHz
Version du BIOS: RC410 - 42302e31
Répertoire Windows: C:\WINDOWS
Répertoire système: C:\WINDOWS\system32
Périphérique d'amorçage: \Device\HarddiskVolume1
Option régionale du système: fr;Français (France)
Paramètres régionaux d'entrée : fr;Français (France)
Fuseau horaire: N/D
Mémoire physique totale: 2 046 Mo
Mémoire physique disponible: 1 419 Mo
Mémoire virtuelle : taille maximale: 2 048 Mo
Mémoire virtuelle : disponible: 2 000 Mo
Mémoire virtuelle : en cours d'utilisation: 48 Mo
Emplacements des fichiers d'échange: C:\pagefile.sys
Domaine: MSHOME
Serveur d'ouverture de session: \\YZUL
Correctif(s): 158 Corrections installées.
Carte(s) réseau: 3 carte(s) réseau installée(s).
[01]: Realtek RTL8139/810x Family Fast Ethernet NIC
Nom de la connexion : Connexion au réseau local
État : Support déconnecté
[02]: Carte réseau 1394
Nom de la connexion : Connexion 1394
DHCP activé : Oui
Serveur DHCP : N/D
Adresse(s) IP
[03]: Miniport de pont MAC
Nom de la connexion : Pont réseau
DHCP activé : Non
Adresse(s) IP

Nom de l'image PID Nom de la sessio Numéro d Utilisation
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 28 Ko
System 4 Console 0 256 Ko
smss.exe 712 Console 0 424 Ko
csrss.exe 768 Console 0 5 040 Ko
winlogon.exe 804 Console 0 1 256 Ko
services.exe 852 Console 0 5 200 Ko
lsass.exe 864 Console 0 1 816 Ko
svchost.exe 1068 Console 0 9 544 Ko
svchost.exe 1136 Console 0 6 472 Ko
svchost.exe 1264 Console 0 29 996 Ko
svchost.exe 1328 Console 0 5 116 Ko
svchost.exe 1504 Console 0 4 676 Ko
spoolsv.exe 1604 Console 0 5 664 Ko
sched.exe 1672 Console 0 452 Ko
svchost.exe 1748 Console 0 5 000 Ko
explorer.exe 1940 Console 0 15 196 Ko
avguard.exe 272 Console 0 1 724 Ko
guard.exe 348 Console 0 16 684 Ko
ehrecvr.exe 496 Console 0 35 000 Ko
ehSched.exe 516 Console 0 4 128 Ko
nvsvc32.exe 1288 Console 0 5 172 Ko
oodag.exe 1896 Console 0 5 792 Ko
svchost.exe 192 Console 0 5 660 Ko
X10nets.exe 464 Console 0 5 352 Ko
alg.exe 3108 Console 0 4 720 Ko
ctfmon.exe 3804 Console 0 4 648 Ko
CnxMon.exe 1204 Console 0 4 684 Ko
TaskBarIcon.exe 1964 Console 0 5 264 Ko
avgnt.exe 2164 Console 0 2 648 Ko
MemOptimizer.exe 3772 Console 0 13 940 Ko
msnmsgr.exe 1544 Console 0 29 592 Ko
dslmon.exe 2800 Console 0 5 784 Ko
vlc.exe 2160 Console 0 28 140 Ko
EspaceWanadoo.exe 3876 Console 0 9 092 Ko
ComComp.exe 3696 Console 0 8 860 Ko
Watch.exe 3288 Console 0 3 416 Ko
wlcomm.exe 3116 Console 0 30 920 Ko
firefox.exe 2596 Console 0 98 696 Ko
iexplore.exe 1004 Console 0 16 396 Ko
iexplore.exe 2776 Console 0 22 180 Ko
List_Killem.exe 1380 Console 0 6 128 Ko
cmd.exe 3192 Console 0 3 728 Ko
wmiprvse.exe 2540 Console 0 9 032 Ko
wmiprvse.exe 3332 Console 0 5 992 Ko
tasklist.exe 2948 Console 0 5 600 Ko

Infections :
==========


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"D:\Documents and Settings\All Users\Application Data\.zreglib"
"D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\System32\prnjobs.vbs"
D:\Documents and Settings\TEMP\LOCAL Settings\Temp\tmpA.tmp

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\SOFTWARE\UAC

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :





¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Anonymous user

Close all your windows (including Internet and Windows Live Messenger), then:

▶ Relaunch List&Kill'em as you did for option 1 (that is, with a right-click on Vista),

but this time:

▶ choose option 2 = Destruction Mode

let the tool work

after the checks, a report will open.

▶ close it.

a second report will open,

▶ paste its contents into your reply
0

link348 Posts 22 Status Member 1

Re, I just noticed (it may be unrelated) that when I disable my antivirus and my firewall I get no message from Windows telling me that my "security is threatened"

Otherwise, here is the second report:

Kill'em by g3n-h@ckm@n 1.0.2.8

updated on 23.08.2009 ::::: 09.40


Microsoft Windows XP [version 5.1.2600]


23/08/2009 10:40:17,51

Fichiers analysés :
=================


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"D:\Documents and Settings\All Users\Application Data\.zreglib"
"D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\System32\prnjobs.vbs"
D:\Documents and Settings\TEMP\LOCAL Settings\Temp\tmpA.tmp


¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :

Quarantaine :

.zreglib.Kill'em
prnjobs.vbs.Kill'em
qmgr0.dat.Kill'em
qmgr1.dat.Kill'em
tmpA.tmp.Kill'em

¤¤¤¤¤¤¤¤¤¤ Verification :



Infections :
==========


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\WINDOWS\System32\prnjobs.vbs"

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\SOFTWARE\UAC

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

Layout.ini
NTOSBOOT-B00DFAAD.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Anonymous user

▶ Double-click OTL.exe to launch it.


▶ Copy the list shown in bold below,

▶ paste it into the box under Custom Scans/Fixes:

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\UAC]


:files
C:\WINDOWS\System32\prnjobs.vbs


:commands
[emptytemp]
[reboot]


▶ Click RunFix to start the removal.


▶ Post the report.
0
link348 Posts 22 Status Member 1

Re, a little link for OTL.exe please? ^^

I don't know whether this problem is related, but when I try to connect to websites I am automatically redirected to sites that have nothing to do with them, porn sites, etc....
0
Anonymous user

it's related

sorry about the link:

OTL by OLDTimer
0
link348 Posts 22 Status Member 1

Re, here is the report
I think it's a "good sign": I can launch Malwarebytes' Anti-Malware now :)

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\UAC\ deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\prnjobs.vbs moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: EMILE.YZUL
File delete failed. D:\Documents and Settings\EMILE.YZUL\Local Settings\Temp\[Torrentsworld.net] - Kaspersky Internet security key (as on May 28)[.torrent scheduled to be deleted on reboot.
->Temp folder emptied: 1101968 bytes
->Temporary Internet Files folder emptied: 7422387 bytes
->Java cache emptied: 528831 bytes
->FireFox cache emptied: 79518177 bytes

User: LocalService
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 115348 bytes
->Temporary Internet Files folder emptied: 299557 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP
->Temp folder emptied: 157555420 bytes
->Temporary Internet Files folder emptied: 1997556 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 48087194 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\09D796A099CB4A1AA5E5E026042DCF09.TMP folder deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\NV23362856.TMP folder deleted successfully.
C:\WINDOWS\NV28202732.TMP folder deleted successfully.
%systemroot% .tmp files removed: 30230871 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 259455 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 312,03 mb


OTL by OldTimer - Version 3.0.10.7 log created on 08232009_110703

Files\Folders moved on Reboot...
File\Folder D:\Documents and Settings\EMILE.YZUL\Local Settings\Temp\[Torrentsworld.net] - Kaspersky Internet security key (as on May 28)[.torrent not found!

Registry entries deleted on Reboot...
0
Anonymous user

no

▶ Double-click OTL.exe to launch it.

▶ Tick the 2 boxes Lop and Purity

▶ Tick the box in front of scan all users

▶ set it to "60 Days"

▶ in the left-hand column, set everything to all

▶ Click Run Scan.

At the end of the scan, Notepad will open with the report (OTL.txt).

This file is on your Desktop (generally C:\Documents and settings\your_session_name\OTL.txt)

▶▶▶ DO NOT POST IT ON THE FORUM

To send it to me, click this link: http://www.cijoint.fr/

or this one: https://www.cjoint.com/

▶ Click Browse and look for the file above.

▶ Click Open.

▶ Click "Click here to upload the file".

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

is added to the page.

▶ Copy this link into your reply.

You will do the same with "Extra.txt".
0
link348 Posts 22 Status Member 1

Re, here are the two reports:

OTL:

http://www.cijoint.fr/cjlink.php?file=cj200908/cijFt7wKny.txt

Extra:

http://www.cijoint.fr/cjlink.php?file=cj200908/cij3OHDTAo.txt
0
Anonymous user

▶ Download LOP S&D to your Desktop.

▶ Double-click it to launch the installation
▶ Then double-click the Lop S&D shortcut on your Desktop
▶ Select the desired language, then choose option 1 (Search)
▶ Wait until the scan finishes

▶ Post the generated report (C:\lopR.txt)
0
link348 Posts 22 Status Member 1

Re, here is the report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : EMILE ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.26 (Not Activated)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:18 Go)
D:\ (Local Disk) - NTFS - Total:241 Go (Free:23 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 23/08/2009|11:43 )

--------------------\\ Listing des dossiers dans APPLIC~1


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[22/08/2009 19:03][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[23/08/2009 11:08][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files


--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[16/03/2008|21:14] C:\Program Files\Fichiers communs\Adobe
[16/03/2008|21:15] C:\Program Files\Fichiers communs\AOL
[16/03/2008|21:15] C:\Program Files\Fichiers communs\aolshare
[15/10/2008|18:23] C:\Program Files\Fichiers communs\Blizzard Entertainment
[16/03/2008|18:28] C:\Program Files\Fichiers communs\InstallShield
[16/03/2008|18:38] C:\Program Files\Fichiers communs\Java
[07/03/2009|12:54] C:\Program Files\Fichiers communs\logishrd
[22/07/2009|16:33] C:\Program Files\Fichiers communs\Microsoft Shared
[23/09/2004|20:07] C:\Program Files\Fichiers communs\MSSoap
[16/03/2008|21:15] C:\Program Files\Fichiers communs\Nullsoft
[23/09/2004|19:53] C:\Program Files\Fichiers communs\ODBC
[16/04/2008|15:47] C:\Program Files\Fichiers communs\Real
[23/09/2004|20:07] C:\Program Files\Fichiers communs\Services
[02/04/2009|16:25] C:\Program Files\Fichiers communs\Skype
[23/09/2004|19:53] C:\Program Files\Fichiers communs\SpeechEngines
[10/10/2008|17:20] C:\Program Files\Fichiers communs\SWF Studio
[03/09/2008|17:00] C:\Program Files\Fichiers communs\System
[22/07/2009|11:54] C:\Program Files\Fichiers communs\Windows Live
[24/03/2008|13:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[14/02/2009|13:57] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 40 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

D:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
D:\DOCUME~1\ALLUSE~1\APPLIC~1\16 new ping long

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme


--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

--------------------\\ Cracks & Keygens ..

D:\DOCUME~1\TEMP\Bureau\JEUX\EA Games keygen.rar
D:\DOCUME~1\TEMP\Bureau\JEUX\The_Sims_3_Keygen.exe
D:\DOCUME~1\TEMP\Mes documents\Downloads\Full- With -Crack-3D-Kyodai Mahjong -Maluga-.zip
D:\DOCUME~1\TEMP\Mes documents\Downloads\Mah Jong Quest v1.125 + Crack.rar
D:\DOCUME~1\TEMP\Mes documents\Downloads\Mirrors.Edge.Crack.+.Keygen.ONLY-RELOADED.rar
D:\DOCUME~1\TEMP\Mes documents\Downloads\Metadata\Antivirus - MC AFEE - VIRUS SCAN 8 & FIREWALL & SPAM KILLER + CRACK.rar.xml
D:\DOCUME~1\TEMP\Mes documents\Downloads\Metadata\Avast.Antivirus.Pro.v4.7.844.FR.Incl-Keygen.rar.xml
D:\DOCUME~1\TEMP\Mes documents\Downloads\Metadata\Crack.No-Cd.Halo.Combat.Evolved.Crack.NoCd.v1.02.Incl.Battle.Net.+.Keygen.+.Patch.+.Trainer.+.Cover.Us.Fr.By.ced{cosmos}.rar.xml
D:\DOCUME~1\TEMP\Mes documents\Downloads\Total_Recorder_6.0_Professional_Edition_Incl_All_Add-On-=(E.D)=-SiC\Crack
D:\DOCUME~1\TEMP\Mes documents\Downloads\Total_Recorder_6.0_Professional_Edition_Incl_All_Add-On-=(E.D)=-SiC\Crack\How to use the PATCH.txt
D:\DOCUME~1\TEMP\Mes documents\jeux(install)\mahjongg\Mah Jong Quest v1.125 Keygen.zip
D:\DOCUME~1\TEMP\Mes documents\jeux(install)\mahjongg\Master Qwan's Mahjongg - (with crack).zip
D:\DOCUME~1\TEMP\Mes documents\jeux(install)\mahjongg\[games] Kyodai Mahjongg v19.75 + Keygen.zip
D:\DOCUME~1\TEMP\Mes documents\Ma musique\Metal\Death Melodic\Raunchy\2002 - Velvet Noise\07 - Crack Of Dawn.mp3
D:\DOCUME~1\TEMP\Mes documents\Ma musique\Punk Rock\Brand New\Deja Entendu\11-brand_new-play_crack_the_sky-fnt.mp3
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\crack de wow.jpg
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\CRACK.NoCD.Painkiller.by.eMule-Paradise.com.zip
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\DEViANCE-NoCD-Keygen-for-Painkiller.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\Far Cry 1.3 - 1.31 No Cd Multiplayer Crack 100% Working 2005 (Farcrymp Farcry Mp).zip
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\FAR.CRY.[Crack.No.DVD.(no.cd)]by.Zamona.from.DEViANCE.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\Keygen
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\O&O.Defrag.Server.Edition.v8.0.1564.FR.Incl-Keygen.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\QUAKE.4.NODVD.Crack-DEViANCE.ShadowCast.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\The_Sims_3_Keygen.exe
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\The_Sims_3_Keygen.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\WarCraft III The Frozen Throne No CD Crack.zip
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\Keygen\keygen.exe
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\Keygen\tuneup2006keygen.exe


[F:4][D:3]-> D:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:31][D:0]-> D:\DOCUME~1\TEMP\Cookies
[F:28][D:4]-> D:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 23/08/2009|12:01 - Option : [1]

--------------------\\ Fin du rapport a 12:01:12
0
Anonymous user
 

/!\ WARNING: FOLLOW THESE INSTRUCTIONS SCRUPULOUSLY, TO THE LETTER /!\

▶ Above all, when saving the file, remember to rename Combofix to "your first name.exe"


_________________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained on the tool.<
>>>>>>>Do not use it outside of this case: dangerous!<<<<<<<<
=====================================================

▶ We are going to use ComboFix.exe. Go to this web page to get the download links, as well as instructions for running the tool:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


Before using ComboFix:
______________________________________________________________________
>> close the windows of all running programs.
>> Temporarily disable, and only for as long as ComboFix is in use,
>>the real-time protection of your antivirus and your antispyware programs,
>>which can seriously interfere with the tool's scanning and cleaning procedure.

°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°


▶ !!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!

▶ don't forget to re-enable the real-time protection of your antivirus and your antispyware programs before reconnecting to the internet.

>> Come back to the forum, and

▶ copy and paste the entire contents of C:\Combofix.txt into your next message.

0
link348 Posts 22 Status Member 1
 
Re, here is the ComboFix report:

ComboFix 09-08-22.06 - EMILE 23/08/2009 13:35.2.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1626 [GMT 2:00]
Running from: d:\documents and settings\TEMP\Bureau\emile.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\1eef7ab.msi
c:\windows\Installer\f7f87d.msi
c:\windows\Installer\f7f87e.msp
c:\windows\Installer\f7f87f.msp
c:\windows\Installer\f7f880.msp
c:\windows\Installer\f7f881.msp
c:\windows\Installer\f7f882.msp
c:\windows\Installer\f7f883.msp
c:\windows\Installer\f7f884.msp
c:\windows\Installer\f7f885.msp
c:\windows\Installer\f7f886.msp
c:\windows\Installer\f7f92f.msi
c:\windows\Installer\f7f930.msp
c:\windows\kb913800.exe
c:\windows\system32\drivers\ch7xxnt5.dll
c:\windows\system32\drivers\UACqjkndjoews.sys
c:\windows\system32\UAChlyehwyxte.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACmyvthrnpvc.dll
c:\windows\system32\UACnapjwxrpul.db
c:\windows\system32\UACrfpabujfij.dat
c:\windows\system32\UACrnovxdqgix.dll
c:\windows\system32\UACvtodylsaim.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys
-------\Legacy_UACd.sys


((((((((((((((((((((((((( Files Created from 2009-07-23 to 2009-08-23 )))))))))))))))))))))))))))))))
.

2009-08-23 09:42 . 2009-08-23 10:01 -------- d-----w- C:\Lop SD
2009-08-23 09:12 . 2009-08-23 09:05 514048 ----a-w- C:\OTL.exe
2009-08-23 09:07 . 2009-08-23 09:07 -------- d-----w- C:\_OTL
2009-08-22 22:01 . 2009-08-22 22:01 -------- d-----w- c:\program files\CCleaner
2009-08-22 21:35 . 2009-08-22 21:35 -------- d-----w- d:\documents and settings\TEMP\Application Data\Grisoft
2009-08-22 21:35 . 2007-05-30 12:10 10872 ----a-w- c:\windows\system32\drivers\AvgAsCln.sys
2009-08-22 21:14 . 2009-08-22 21:15 -------- d-----w- c:\windows\BDOSCAN8
2009-08-22 21:08 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-08-22 21:08 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-08-22 21:08 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-08-22 21:08 . 2009-08-22 21:08 -------- d-----w- d:\docume~1\ALLUSE~1\APPLIC~1\Avira
2009-08-22 21:08 . 2009-08-22 21:08 -------- d-----w- c:\program files\Avira
2009-08-22 20:55 . 2009-08-22 20:55 -------- d-----w- d:\documents and settings\TEMP\Application Data\InstallShield
2009-08-22 15:08 . 2009-08-22 15:08 -------- d-----w- d:\documents and settings\TEMP\Application Data\Software Informer
2009-08-22 15:08 . 2009-08-22 15:08 -------- d-----w- c:\program files\Software Informer
2009-08-21 14:47 . 2009-08-21 14:47 -------- d-----r- d:\documents and settings\LocalService\Favoris
2009-08-21 14:47 . 2009-08-21 14:47 -------- d-sh--w- d:\documents and settings\LocalService\IETldCache
2009-08-21 13:51 . 2009-03-24 14:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-20 16:14 . 2009-08-22 21:48 -------- d-----w- c:\program files\NCSoft
2009-08-20 09:02 . 2009-08-20 09:03 -------- d-----w- d:\docume~1\ALLUSE~1\APPLIC~1\Blizzard Entertainment
2009-08-19 20:47 . 2009-08-19 20:47 -------- d-----w- d:\documents and settings\TEMP\Application Data\Malwarebytes
2009-08-19 16:13 . 2005-01-01 09:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2009-08-16 21:22 . 2009-08-23 09:58 -------- d-----w- d:\documents and settings\TEMP\Application Data\vlc
2009-08-16 13:06 . 2009-08-22 20:46 -------- d-----w- d:\documents and settings\TEMP\Application Data\GetRightToGo
2009-08-12 21:50 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-08 00:03 . 2009-08-08 00:03 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-08 00:03 . 2009-08-08 00:03 -------- d-----w- c:\program files\MSBuild
2009-08-08 00:03 . 2009-08-08 00:03 -------- d-----w- c:\program files\Reference Assemblies
2009-08-08 00:02 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-08 00:02 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-08 00:02 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-08 00:02 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-08 00:02 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-08 00:02 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-08 00:02 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-05 18:56 . 2009-08-05 18:56 -------- d-----w- c:\program files\XviD
2009-08-03 22:50 . 2009-08-03 22:50 -------- d-----w- d:\documents and settings\TEMP\Application Data\FMZilla
2009-08-02 21:32 . 2009-08-02 21:32 -------- d-----w- d:\documents and settings\TEMP\Application Data\AdobeUM
2009-08-02 21:17 . 2009-08-02 21:17 -------- d-----w- d:\documents and settings\TEMP\Application Data\FLV Extract
2009-07-29 15:51 . 2009-07-03 16:57 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-29 15:51 . 2009-07-03 16:57 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2009-07-24 18:38 . 2009-07-29 13:30 -------- d-----w- d:\documents and settings\TEMP\Local Settings\Application Data\Adobe
2009-07-24 17:48 . 2009-07-24 17:49 -------- d-----w- d:\documents and settings\TEMP\Application Data\Media Player Classic

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-23 11:02 . 2008-03-18 14:26 -------- d-----w- c:\program files\Wanadoo
2009-08-23 10:53 . 2009-07-21 23:29 -------- d-----w- d:\documents and settings\TEMP\Application Data\uTorrent
2009-08-23 09:09 . 2006-10-06 17:20 50280 ----a-w- d:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-22 22:29 . 2008-12-13 10:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-22 21:48 . 2008-03-16 16:25 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-22 21:21 . 2008-12-13 09:53 -------- d-----w- c:\program files\trend micro
2009-08-22 21:00 . 2008-04-26 11:33 -------- d-----w- c:\program files\Kaspersky Lab
2009-08-22 21:00 . 2008-03-12 13:32 -------- d-----w- d:\docume~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
2009-08-22 21:00 . 2008-03-12 12:49 -------- d-----w- d:\docume~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
2009-08-20 08:20 . 2008-03-27 17:47 -------- d-----w- d:\documents and settings\EMILE.YZUL\Application Data\uTorrent
2009-08-19 16:11 . 2008-03-16 16:28 -------- d-----w- c:\program files\Common Files
2009-08-17 21:55 . 2009-07-22 19:13 -------- d-----w- d:\documents and settings\TEMP\Application Data\dvdcss
2009-08-08 00:07 . 2004-09-23 17:12 545328 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-08 00:07 . 2004-09-23 17:12 100304 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-05 18:55 . 2009-07-21 23:21 -------- d-----w- d:\documents and settings\TEMP\Application Data\DivX
2009-08-05 09:00 . 2004-09-23 17:10 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 23:00 . 2009-05-21 18:06 -------- d-----w- c:\program files\Free Music Zilla
2009-08-03 11:36 . 2008-12-13 10:24 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 11:36 . 2008-12-13 10:24 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-29 19:04 . 2009-07-21 23:30 -------- d-----w- d:\documents and settings\TEMP\Application Data\Red Alert 3
2009-07-22 16:22 . 2009-07-22 16:22 -------- d-----w- d:\documents and settings\TEMP\Application Data\Microsoft Games
2009-07-22 14:34 . 2008-03-24 10:55 -------- d---a-w- c:\program files\Windows Live
2009-07-22 14:33 . 2009-07-22 14:33 -------- d-----w- c:\program files\Microsoft
2009-07-22 14:33 . 2009-07-22 14:33 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-07-22 09:54 . 2009-07-22 09:54 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-07-22 06:56 . 2009-07-22 06:56 -------- d-----w- d:\documents and settings\TEMP\Application Data\TuneUp Software
2009-07-22 06:31 . 2009-07-22 06:31 -------- d-----w- d:\documents and settings\TEMP\Application Data\Ubisoft
2009-07-21 23:28 . 2009-07-21 23:28 -------- d-----w- d:\documents and settings\TEMP\Application Data\OD2
2009-07-21 23:23 . 2009-07-21 23:23 -------- d-----w- d:\documents and settings\TEMP\Application Data\Audacity
2009-07-21 21:49 . 2009-07-21 20:06 -------- d-----w- d:\documents and settings\EMILE.YZUL\Application Data\Red Alert 3
2009-07-19 19:53 . 2009-01-16 20:33 -------- d-----w- d:\documents and settings\EMILE.YZUL\Application Data\dvdcss
2009-07-17 19:03 . 2004-09-23 17:09 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2004-09-23 17:13 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-09 12:31 . 2008-12-23 21:18 -------- d-----w- c:\program files\VDOWNLOADER
2009-07-08 20:35 . 2009-03-03 16:43 -------- d-----w- c:\program files\The Witcher Enhanced Edition
2009-07-03 16:57 . 2004-09-23 17:11 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-27 18:47 . 2008-03-27 17:47 -------- d-----w- c:\program files\uTorrent
2009-06-25 10:58 . 2009-06-25 10:58 -------- d-----w- c:\program files\DAMN NFO Viewer
2009-06-25 08:26 . 2004-09-23 17:11 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:26 . 2004-09-23 17:11 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:26 . 2004-09-23 17:11 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:26 . 2004-09-23 17:10 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:26 . 2004-09-23 17:10 736768 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:26 . 2004-09-23 17:10 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2004-09-23 17:10 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:40 . 2004-09-23 17:11 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2004-09-23 17:10 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 12:23 . 2009-06-15 12:23 49696 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-06-15 10:44 . 2004-09-23 17:11 78848 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:44 . 2004-09-23 17:11 82944 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:14 . 2004-09-23 17:09 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 07:21 . 2004-09-23 17:59 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:15 . 2004-09-23 17:11 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:10 . 2004-09-23 17:11 1297408 ----a-w- c:\windows\system32\quartz.dll
2005-05-13 16:12 . 2005-05-13 16:12 217073 --sha-r- c:\windows\meta4.exe
2005-10-24 10:13 . 2005-10-24 10:13 66560 --sha-r- c:\windows\MOTA113.exe
2005-10-13 20:27 . 2005-10-13 20:27 422400 --sha-r- c:\windows\x2.64.exe
2005-10-07 18:14 . 2005-10-07 18:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2005-07-14 11:31 . 2005-07-14 11:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2005-06-26 14:32 . 2005-06-26 14:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 21:37 . 2005-06-21 21:37 45568 --sha-r- c:\windows\system32\cygz.dll
2004-01-24 23:00 . 2004-01-24 23:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2006-04-27 09:24 . 2006-04-27 09:24 2945024 --sha-r- c:\windows\system32\Smab.dll
2005-02-28 12:16 . 2005-02-28 12:16 240128 --sha-r- c:\windows\system32\x.264.exe
2004-01-24 23:00 . 2004-01-24 23:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2007\MemOptimizer.exe" [2007-01-17 311816]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WooCnxMon"="c:\progra~1\Wanadoo\CnxMon.exe" [2004-05-13 24576]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-05-13 24576]
"WOOTASKBARICON"="c:\progra~1\Wanadoo\TaskbarIcon.exe" [2004-05-13 49152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\docume~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-3-18 954475]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"d:\\LOGICIELS\\eMule\\emule.exe"=
"d:\\LOGICIELS\\Emule Morph\\emule\\emule.exe"=
"d:\\Steam\\Steam\\SteamApps\\unknowakalink\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\UseNeXT\\UseNeXT.exe"=
"d:\\JEUX\\Assasin's Creed\\AssassinsCreed_Dx9.exe"=
"d:\\JEUX\\Assasin's Creed\\AssassinsCreed_Dx10.exe"=
"d:\\JEUX\\Assasin's Creed\\AssassinsCreed_Launcher.exe"=
"d:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\French\\setup.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"d:\\JEUX\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"d:\\JEUX\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"d:\\JEUX\\LucasArts\\Star Wars JK II Jedi Outcast\\GameData\\jk2mp.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"d:\\JEUX\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\JEUX\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\JEUX\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"d:\\JEUX\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"=
"d:\\JEUX\\Warcraft III\\war3.exe"=
"d:\\JEUX\\DreamCatcher\\Painkiller\\Bin\\Painkiller.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\JEUX\\Microsoft Games\\Gears of War\\Binaries\\WarGame-G4WLive.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\JEUX\\EA GAMES\\Mirror's Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"d:\\JEUX\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\NCSoft\\Launcher\\NCLauncher.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1380:TCP"= 1380:TCP:Warpatch
"10622:TCP"= 10622:TCP:Warhammer
"1024:UDP"= 1024:UDP:Warhammer
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [22/08/2009 23:08 108289]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [16/03/2008 18:26 825600]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [16/03/2008 18:28 7040]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [17/05/2005 01:00 4736]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SaiHFF0D;SaiHFF0D;c:\windows\system32\drivers\SaiHFF0D.sys [12/04/2008 13:12 176000]
S3 SaiUFF0D;SaiUFF0D;c:\windows\system32\drivers\SaiUFF0D.sys [12/04/2008 13:12 27136]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-PlayNC Launcher - (no file)
SafeBoot-AVG Anti-Spyware Driver


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.wanadoo.fr
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab
FF - ProfilePath - d:\docume~1\TEMP\APPLIC~1\Mozilla\Firefox\Profiles\8s2c3sco.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJPI150_04.dll
FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-23 13:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3828)
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
c:\program files\Maxtor\Sync\SyncServices.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\oodag.exe
c:\progra~1\COMMON~1\X10\Common\X10nets.exe
c:\program files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
c:\windows\system32\dllhost.exe
c:\progra~1\MICROS~2\rapimgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-08-23 13:45 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-23 11:45
ComboFix2.txt 2008-12-13 14:05

Pre-Run: 19 733 184 512 octets libres
Post-Run: 19 759 755 264 octets libres

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
369 --- E O F --- 2009-08-23 07:55
0
Anonymous user
 
▶ Double-click the Lop S&D shortcut on your Desktop

▶ Select the language you want, then choose the option "Suppression + Hosts"
▶ Wait until the scan finishes
▶ Post the generated report (C:\lopR.txt)
0
link348 Posts 22 Status Member 1
 
Re, here is the report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : EMILE ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.26 (Activated)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:18 Go)
D:\ (Local Disk) - NTFS - Total:241 Go (Free:23 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 23/08/2009|14:11 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\16 new ping long

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[16/03/2008|18:30] D:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[24/09/2004|04:25] D:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[16/03/2008|21:16] D:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[06/10/2006|19:43] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[24/09/2004|03:50] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[06/10/2006|19:35] D:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[14/02/2007|16:40] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[16/03/2008|21:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[26/12/2006|14:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/08/2009|23:08] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[15/10/2008|17:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[20/08/2009|11:03] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard Entertainment
[03/09/2008|17:16] D:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
[25/12/2006|16:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[22/08/2008|21:46] D:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
[28/06/2007|11:10] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[06/10/2006|19:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[22/08/2009|23:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[22/08/2009|23:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[07/03/2009|12:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[07/03/2009|12:54] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[03/09/2008|17:28] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[27/02/2008|14:22] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Maxtor
[22/08/2008|21:46] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
[02/01/2007|23:34] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/08/2009|12:01] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/09/2007|11:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\NounBowsStartTeam
[03/03/2008|18:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[16/03/2008|21:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[06/10/2006|19:35] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/03/2008|17:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[26/12/2006|16:36] D:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[02/04/2009|16:25] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[06/10/2006|19:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[01/03/2007|14:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[25/12/2006|23:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[26/08/2007|16:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith
[14/02/2009|16:21] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[24/01/2009|21:32] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[26/12/2006|21:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[12/04/2008|14:53] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[06/10/2006|19:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[06/10/2006|19:36] D:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
[26/12/2006|00:11] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/03/2008|12:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[16/03/2008|18:30] D:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[24/09/2004|04:25] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[16/03/2008|21:16] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Lavasoft
[06/10/2006|19:43] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[24/09/2004|03:50] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[06/10/2006|19:35] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[12/05/2008|18:26] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Adobe
[24/05/2008|21:28] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\AdobeUM
[18/03/2008|15:31] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\ATI
[11/06/2009|16:51] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Audacity
[28/10/2008|00:11] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Command & Conquer 3 Les guerres du Tiberium
[03/05/2009|15:53] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Desktopicon
[19/03/2008|16:43] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\DivX
[19/07/2009|21:53] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\dvdcss
[13/09/2008|22:48] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\EmailNotifier
[21/05/2009|20:20] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\FLV Extract
[21/05/2009|20:06] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\FMZilla
[21/08/2008|18:30] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\GetRight Pro
[21/08/2008|17:56] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\GetRightToGo
[27/10/2008|22:17] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\gnupg
[16/06/2009|16:28] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\GrabPro
[18/03/2008|16:28] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Help
[20/10/2008|21:05] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Identities
[12/04/2008|14:40] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\InstallShield
[16/03/2008|21:16] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Lavasoft
[29/03/2009|21:02] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\LimeWire
[06/10/2006|19:43] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Macromedia
[03/09/2008|17:28] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Malwarebytes
[16/04/2008|15:47] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Media Player Classic
[16/05/2008|14:40] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\MetaProducts
[25/02/2009|14:54] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Microsoft
[25/12/2008|15:38] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Microsoft Games
[26/08/2008|16:56] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Mozilla
[18/03/2008|23:36] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Norman
[17/03/2008|17:13] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\OD2
[16/06/2009|16:32] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Orbit
[16/04/2008|15:47] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Real
[21/07/2009|23:49] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Red Alert 3
[12/07/2008|17:16] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\SecuROM
[02/04/2009|16:55] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Skype
[02/04/2009|16:31] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\skypePM
[25/10/2008|01:19] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Sun
[13/07/2008|18:33] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\teamspeak2
[09/11/2008|18:45] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Template
[19/03/2008|15:47] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\TuneUp Software
[12/04/2008|15:05] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Ubisoft
[30/04/2009|21:32] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\UseNeXT
[20/08/2009|10:20] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\uTorrent
[18/06/2008|18:40] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\Viewpoint
[16/01/2009|19:57] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\vlc
[06/10/2006|19:35] D:\DOCUME~1\EMILE~1.YZU\APPLIC~1\You've Got Pictures Screensaver

[21/08/2009|16:47] D:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[18/03/2008|21:52] D:\DOCUME~1\LOCALS~1\APPLIC~1\DivX
[24/09/2004|03:50] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[06/10/2006|19:19] D:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[24/09/2004|03:50] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[24/07/2009|20:38] D:\DOCUME~1\TEMP\APPLIC~1\Adobe
[02/08/2009|23:32] D:\DOCUME~1\TEMP\APPLIC~1\AdobeUM
[16/03/2008|18:30] D:\DOCUME~1\TEMP\APPLIC~1\ATI
[22/07/2009|01:23] D:\DOCUME~1\TEMP\APPLIC~1\Audacity
[05/08/2009|20:55] D:\DOCUME~1\TEMP\APPLIC~1\DivX
[17/08/2009|23:55] D:\DOCUME~1\TEMP\APPLIC~1\dvdcss
[02/08/2009|23:17] D:\DOCUME~1\TEMP\APPLIC~1\FLV Extract
[04/08/2009|00:50] D:\DOCUME~1\TEMP\APPLIC~1\FMZilla
[22/08/2009|22:46] D:\DOCUME~1\TEMP\APPLIC~1\GetRightToGo
[22/08/2009|23:35] D:\DOCUME~1\TEMP\APPLIC~1\Grisoft
[24/09/2004|04:25] D:\DOCUME~1\TEMP\APPLIC~1\Identities
[22/08/2009|22:55] D:\DOCUME~1\TEMP\APPLIC~1\InstallShield
[16/03/2008|21:16] D:\DOCUME~1\TEMP\APPLIC~1\Lavasoft
[22/07/2009|11:46] D:\DOCUME~1\TEMP\APPLIC~1\Macromedia
[19/08/2009|22:47] D:\DOCUME~1\TEMP\APPLIC~1\Malwarebytes
[24/07/2009|19:49] D:\DOCUME~1\TEMP\APPLIC~1\Media Player Classic
[12/08/2009|16:48] D:\DOCUME~1\TEMP\APPLIC~1\Microsoft
[22/07/2009|18:22] D:\DOCUME~1\TEMP\APPLIC~1\Microsoft Games
[22/07/2009|01:35] D:\DOCUME~1\TEMP\APPLIC~1\Mozilla
[22/07/2009|01:28] D:\DOCUME~1\TEMP\APPLIC~1\OD2
[29/07/2009|21:04] D:\DOCUME~1\TEMP\APPLIC~1\Red Alert 3
[22/08/2009|17:08] D:\DOCUME~1\TEMP\APPLIC~1\Software Informer
[22/08/2009|17:59] D:\DOCUME~1\TEMP\APPLIC~1\Sun
[22/07/2009|08:56] D:\DOCUME~1\TEMP\APPLIC~1\TuneUp Software
[22/07/2009|08:31] D:\DOCUME~1\TEMP\APPLIC~1\Ubisoft
[23/08/2009|12:53] D:\DOCUME~1\TEMP\APPLIC~1\uTorrent
[23/08/2009|11:58] D:\DOCUME~1\TEMP\APPLIC~1\vlc
[06/10/2006|19:35] D:\DOCUME~1\TEMP\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[22/08/2009 19:03][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[23/08/2009 13:54][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[12/07/2008|17:29] C:\Program Files\7-Zip
[16/03/2008|21:14] C:\Program Files\Adobe
[02/03/2009|00:37] C:\Program Files\AGEIA Technologies
[02/03/2009|00:37] C:\Program Files\AOL 9.0
[16/03/2008|21:15] C:\Program Files\AOL Compagnon
[16/03/2008|18:28] C:\Program Files\ATI Technologies
[02/03/2009|00:41] C:\Program Files\Audacity 1.3 Beta (Unicode)
[22/08/2009|23:08] C:\Program Files\Avira
[12/11/2008|01:45] C:\Program Files\AviSynth 2.5
[29/03/2009|19:12] C:\Program Files\CAPCOM
[23/08/2009|00:01] C:\Program Files\CCleaner
[22/02/2009|21:35] C:\Program Files\CDisplay
[19/08/2009|18:11] C:\Program Files\Common Files
[23/09/2004|20:03] C:\Program Files\ComPlus Applications
[25/06/2009|12:58] C:\Program Files\DAMN NFO Viewer
[02/03/2009|00:38] C:\Program Files\DivX
[20/05/2009|17:27] C:\Program Files\DownloadToolz
[19/03/2008|19:26] C:\Program Files\D-Tools
[07/10/2008|22:39] C:\Program Files\ElcomSoft
[23/08/2009|13:38] C:\Program Files\Fichiers communs
[08/08/2008|20:02] C:\Program Files\Free Audio Pack
[04/08/2009|01:00] C:\Program Files\Free Music Zilla
[16/05/2009|12:47] C:\Program Files\FrostWire
[22/08/2008|11:36] C:\Program Files\GetRight
[22/08/2009|23:35] C:\Program Files\Grisoft
[19/08/2008|22:43] C:\Program Files\In Flames - Used & Abused
[22/08/2009|23:48] C:\Program Files\InstallShield Installation Information
[30/07/2009|12:02] C:\Program Files\Internet Explorer
[30/04/2008|16:42] C:\Program Files\Java
[22/08/2009|23:00] C:\Program Files\Kaspersky Lab
[17/03/2008|19:20] C:\Program Files\Lavalys
[16/03/2008|21:15] C:\Program Files\Learn2.com
[02/03/2009|00:38] C:\Program Files\LimeWire
[07/03/2009|12:54] C:\Program Files\Logitech
[23/08/2009|00:29] C:\Program Files\Malwarebytes' Anti-Malware
[02/03/2009|00:38] C:\Program Files\Mass Downloader
[21/03/2008|18:45] C:\Program Files\Maxtor
[02/03/2009|00:38] C:\Program Files\Messenger
[08/06/2008|14:13] C:\Program Files\Messenger Plus! Live
[22/07/2009|16:33] C:\Program Files\Microsoft
[21/10/2008|22:07] C:\Program Files\Microsoft ActiveSync
[08/03/2009|13:33] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[23/09/2004|20:15] C:\Program Files\microsoft frontpage
[26/12/2008|19:37] C:\Program Files\Microsoft Games for Windows - LIVE
[02/03/2009|00:38] C:\Program Files\Microsoft Works
[26/05/2009|12:52] C:\Program Files\Microsoft WSE
[02/03/2009|00:38] C:\Program Files\Movie Maker
[23/08/2009|13:57] C:\Program Files\Mozilla Firefox
[08/08/2009|02:03] C:\Program Files\MSBuild
[23/09/2004|19:59] C:\Program Files\MSN
[23/09/2004|19:59] C:\Program Files\MSN Gaming Zone
[21/03/2008|18:43] C:\Program Files\MSXML 6.0
[22/08/2009|23:48] C:\Program Files\NCSoft
[03/09/2008|17:00] C:\Program Files\NetMeeting
[23/09/2004|20:03] C:\Program Files\Online Services
[01/05/2008|10:54] C:\Program Files\OO Software
[13/08/2009|11:29] C:\Program Files\Outlook Express
[16/03/2008|21:15] C:\Program Files\QuickTime
[02/03/2009|00:38] C:\Program Files\Real Alternative
[16/03/2008|18:30] C:\Program Files\Realtek
[12/11/2008|01:45] C:\Program Files\Red Kawa
[08/08/2009|02:03] C:\Program Files\Reference Assemblies
[18/03/2008|16:27] C:\Program Files\SAGEM
[23/09/2004|20:08] C:\Program Files\Services en ligne
[02/04/2009|16:25] C:\Program Files\Skype
[22/08/2009|17:08] C:\Program Files\Software Informer
[01/05/2008|21:33] C:\Program Files\The GodFather
[08/07/2009|22:35] C:\Program Files\The Witcher Enhanced Edition
[17/03/2008|19:23] C:\Program Files\ToniArts
[22/08/2009|23:21] C:\Program Files\trend micro
[19/03/2008|15:47] C:\Program Files\TuneUp Utilities 2007
[23/09/2004|20:25] C:\Program Files\Uninstall Information
[13/12/2008|13:08] C:\Program Files\Unlocker
[11/04/2009|15:21] C:\Program Files\UseNeXT
[27/06/2009|20:47] C:\Program Files\uTorrent
[09/07/2009|14:31] C:\Program Files\VDOWNLOADER
[18/03/2008|19:35] C:\Program Files\VideoLAN
[23/08/2009|13:56] C:\Program Files\Wanadoo
[02/03/2009|00:38] C:\Program Files\Wanadoo Messager
[22/07/2009|16:34] C:\Program Files\Windows Live
[22/07/2009|16:33] C:\Program Files\Windows Live SkyDrive
[18/05/2008|16:56] C:\Program Files\Windows Media Connect 2
[18/03/2008|21:48] C:\Program Files\Windows Media Player
[24/05/2008|21:07] C:\Program Files\Windows Mobile Device Handbook
[03/09/2008|17:00] C:\Program Files\Windows NT
[23/09/2004|20:01] C:\Program Files\Windows Plus
[23/09/2004|20:09] C:\Program Files\WindowsUpdate
[22/06/2008|16:38] C:\Program Files\WinRAR
[16/03/2008|18:28] C:\Program Files\X10 Hardware
[23/09/2004|20:15] C:\Program Files\xerox
[05/08/2009|20:56] C:\Program Files\XviD

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[16/03/2008|21:14] C:\Program Files\Fichiers communs\Adobe
[16/03/2008|21:15] C:\Program Files\Fichiers communs\AOL
[16/03/2008|21:15] C:\Program Files\Fichiers communs\aolshare
[15/10/2008|18:23] C:\Program Files\Fichiers communs\Blizzard Entertainment
[16/03/2008|18:28] C:\Program Files\Fichiers communs\InstallShield
[16/03/2008|18:38] C:\Program Files\Fichiers communs\Java
[07/03/2009|12:54] C:\Program Files\Fichiers communs\logishrd
[22/07/2009|16:33] C:\Program Files\Fichiers communs\Microsoft Shared
[23/09/2004|20:07] C:\Program Files\Fichiers communs\MSSoap
[16/03/2008|21:15] C:\Program Files\Fichiers communs\Nullsoft
[23/09/2004|19:53] C:\Program Files\Fichiers communs\ODBC
[16/04/2008|15:47] C:\Program Files\Fichiers communs\Real
[23/09/2004|20:07] C:\Program Files\Fichiers communs\Services
[02/04/2009|16:25] C:\Program Files\Fichiers communs\Skype
[23/09/2004|19:53] C:\Program Files\Fichiers communs\SpeechEngines
[10/10/2008|17:20] C:\Program Files\Fichiers communs\SWF Studio
[03/09/2008|17:00] C:\Program Files\Fichiers communs\System
[22/07/2009|11:54] C:\Program Files\Fichiers communs\Windows Live
[24/03/2008|13:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[14/02/2009|13:57] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 39 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-23 14:14:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\TEMP\LOCALS~1\APPLIC~1

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

--------------------\\ Cracks & Keygens ..

D:\DOCUME~1\TEMP\Bureau\JEUX\EA Games keygen.rar
D:\DOCUME~1\TEMP\Bureau\JEUX\The_Sims_3_Keygen.exe
D:\DOCUME~1\TEMP\Mes documents\Downloads\Full- With -Crack-3D-Kyodai Mahjong -Maluga-.zip
D:\DOCUME~1\TEMP\Mes documents\Downloads\Mah Jong Quest v1.125 + Crack.rar
D:\DOCUME~1\TEMP\Mes documents\Downloads\Mirrors.Edge.Crack.+.Keygen.ONLY-RELOADED.rar
D:\DOCUME~1\TEMP\Mes documents\Downloads\Metadata\Antivirus - MC AFEE - VIRUS SCAN 8 & FIREWALL & SPAM KILLER + CRACK.rar.xml
D:\DOCUME~1\TEMP\Mes documents\Downloads\Metadata\Avast.Antivirus.Pro.v4.7.844.FR.Incl-Keygen.rar.xml
D:\DOCUME~1\TEMP\Mes documents\Downloads\Metadata\Crack.No-Cd.Halo.Combat.Evolved.Crack.NoCd.v1.02.Incl.Battle.Net.+.Keygen.+.Patch.+.Trainer.+.Cover.Us.Fr.By.ced{cosmos}.rar.xml
D:\DOCUME~1\TEMP\Mes documents\Downloads\Total_Recorder_6.0_Professional_Edition_Incl_All_Add-On-=(E.D)=-SiC\Crack
D:\DOCUME~1\TEMP\Mes documents\Downloads\Total_Recorder_6.0_Professional_Edition_Incl_All_Add-On-=(E.D)=-SiC\Crack\How to use the PATCH.txt
D:\DOCUME~1\TEMP\Mes documents\jeux(install)\mahjongg\Mah Jong Quest v1.125 Keygen.zip
D:\DOCUME~1\TEMP\Mes documents\jeux(install)\mahjongg\Master Qwan's Mahjongg - (with crack).zip
D:\DOCUME~1\TEMP\Mes documents\jeux(install)\mahjongg\[games] Kyodai Mahjongg v19.75 + Keygen.zip
D:\DOCUME~1\TEMP\Mes documents\Ma musique\Metal\Death Melodic\Raunchy\2002 - Velvet Noise\07 - Crack Of Dawn.mp3
D:\DOCUME~1\TEMP\Mes documents\Ma musique\Punk Rock\Brand New\Deja Entendu\11-brand_new-play_crack_the_sky-fnt.mp3
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\crack de wow.jpg
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\CRACK.NoCD.Painkiller.by.eMule-Paradise.com.zip
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\DEViANCE-NoCD-Keygen-for-Painkiller.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\Far Cry 1.3 - 1.31 No Cd Multiplayer Crack 100% Working 2005 (Farcrymp Farcry Mp).zip
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\FAR.CRY.[Crack.No.DVD.(no.cd)]by.Zamona.from.DEViANCE.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\Keygen
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\O&O.Defrag.Server.Edition.v8.0.1564.FR.Incl-Keygen.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\QUAKE.4.NODVD.Crack-DEViANCE.ShadowCast.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\The_Sims_3_Keygen.exe
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\The_Sims_3_Keygen.rar
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\WarCraft III The Frozen Throne No CD Crack.zip
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\Keygen\keygen.exe
D:\DOCUME~1\TEMP\Mes documents\Mes fichiers reçus\Keygen\tuneup2006keygen.exe


[F:11][D:4]-> D:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:31][D:0]-> D:\DOCUME~1\TEMP\Cookies
[F:2][D:0]-> D:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 23/08/2009|12:01 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 23/08/2009|14:16 - Option : [2]

--------------------\\ Fin du rapport a 14:16:35
0
Anonymous user
 
Delete all these keygens, which are a source of infection, then:

▶ Double-click OTL.exe to launch it.


▶ Copy the list shown in bold below,

▶ paste it into the box under Custom Scans/Fixes:

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:reg
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

:commands
[emptytemp]
[reboot]


▶ Click RunFix to start the removal.


▶ Post the report.
0
link348 Posts 22 Status Member 1
 
Re, and one more report xD:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: EMILE.YZUL
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: LocalService
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 16786 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: TEMP
->Temp folder emptied: 2679 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 62453331 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 577 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 59,67 mb


OTL by OldTimer - Version 3.0.10.7 log created on 08232009_145521

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Anonymous user
 
Download OTL by OldTimer

Save it to your Desktop.

▶ Double-click OTL.exe to launch it.

▶ Tick the 2 boxes Lop and Purity

▶ Tick the box next to scan all users

▶ Set it to "60 Days"

▶ In the left-hand column, set everything to all

▶ Click Run Scan.

When the scan finishes, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\your_session_name\OTL.txt)

▶▶▶ DO NOT POST IT ON THE FORUM

To send it to me, click this link: http://www.cijoint.fr/

or this one: https://www.cjoint.com/

▶ Click Browse and find the file mentioned above.

▶ Click Open.

▶ Click "Cliquez ici pour déposer le fichier" (click here to upload the file).

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

is added to the page.

▶ Copy this link into your reply.

Do the same with "Extra.txt".
0