Ouverture fenetre cid de pub

Résolu
budwork Messages postés 47 Statut Membre -  
 Utilisateur anonyme -
Bonjour, quelq'un peut t'il m'aider j'ai des fenetres cid qui n'arrete pas de s'ouvrir des que j'ouvre IE mais apres avoir telecharger la version 8
Configuration: Windows XP Internet Explorer 8.0

22 réponses

  • 1
  • 2
Résumé de la discussion

Des fenêtres indésirables s'ouvrent automatiquement lors de l'ouverture d'Internet Explorer sur Windows XP après l'installation de la version 8, indiquant une infection par adware ou malware. Plusieurs conseils proposent d'utiliser ToolsCleaner2 et HijackThis pour repérer et supprimer les composants indésirables, notamment dans les répertoires, les tâches planifiées et les fichiers de démarrage. L'approche recommandée consiste à lancer ToolsCleaner2, effectuer une recherche, supprimer les éléments détectés et transmettre le rapport TCleaner.txt pour poursuivre le nettoyage et vérifier ensuite l'efficacité des suppressions. En complément, des rapports HijackThis ou des listes d'emplacements problématiques peuvent révéler des éléments tels que Ad-remover et Toolbar SD, et l'analyse du fichier Hosts et des paramètres du registre peut prévenir les réinfections.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    bonsoir
    Télécharges hijackthis
    https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
    .Cliques sur "télécharger hijackthis"
    .enregistres le sur le bureau
    .Renommes hijackthis en tutu.exe
    .Tu fermes tout les programmes ouverts y compris le navigateur. sauf ton anti-virus et pare-feux
    .installes le , il va s'installer par défaut dans C:\Program Files\Trend Micro\HijackThis
    .Cliques sur "Do a system scan and save the logfile"
    .Cela va t'ouvrir un bloc note à la fin du scan.
    .Copie son contenu et poste le dans ton prochain message. sinon le rapport est dans C:\Program Files\Trend Micro\HijackThis\ hijackthis "document texte"
    0
  2. budwork Messages postés 47 Statut Membre
     
    je viens de faire ce que vous m'avez dit et voila le rapport

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:14:39, on 26/08/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\tsnpstd3.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\espmain.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [Video64] C:\WINDOWS\system32\ConRoot\csrss.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\TWINTO~1\MouseElf.EXE
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Grey Show] C:\DOCUME~1\Fanny\APPLIC~1\THUNKL~1\Mailbuild.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: EPSON SMART PANEL for Scanner.lnk = C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\espmain.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.vm-wl.com/DownloadManager/Release/Prod/DownMan.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\System32\es32.dll
    O20 - Winlogon Notify: 4f49860517 - C:\WINDOWS\System32\es32.dll (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
    1. Utilisateur anonyme
       
      O4 - HKCU\..\Run: [Grey Show] C:\DOCUME~1\Fanny\APPLIC~1\THUNKL~1\Mailbuild.exe
      Tu as une infection LOP

      Elles s'installent par ces programmes :

      * Le sponsor de Messenger Plus!
      * Bittorent
      * BitDownload
      * BitGrabber
      * NetPumper
      * BitRoll
      * TorrentQ
      * Torrent101

      Télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

      * Double-clique dessus pour lancer l'installation
      * Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
      * Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
      * Patiente jusqu'à la fin du scan
      * Poste le rapport généré (C:\lopR.txt)
      0
  3. budwork Messages postés 47 Statut Membre
     
    et voila le prochain rapport en tout cas merci de m'aider

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
    BIOS : Ver 1.00PARTTBL
    USER : Fanny ( Administrator )
    BOOT : Normal boot
    Antivirus : Bitdefender Antivirus 8.0 (Activated)
    Firewall : Bitdefender Firewall 8.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:67 Go (Free:18 Go)
    D:\ (Local Disk) - NTFS - Total:74 Go (Free:74 Go)
    E:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
    F:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 26/08/2009|23:21 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [12/01/2008|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [17/12/2006|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [17/12/2006|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [23/08/2009|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [01/02/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
    [27/02/2006|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [24/02/2009|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/02/2006|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [12/07/2009|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
    [12/07/2009|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
    [27/02/2006|05:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [25/08/2009|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
    [04/01/2007|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [26/05/2009|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/09/2007|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
    [27/02/2006|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [15/05/2006|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [15/06/2006|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [27/02/2006|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [20/06/2009|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [27/02/2006|04:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [27/04/2006|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [17/01/2008|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [27/04/2006|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [15/06/2006|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [23/05/2006|15:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [11/12/2006|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [13/11/2007|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [27/02/2006|13:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [05/10/2007|22:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [27/02/2006|04:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [30/09/2007|13:13] C:\DOCUME~1\Fanny\APPLIC~1\Adobe
    [04/06/2007|20:21] C:\DOCUME~1\Fanny\APPLIC~1\AdobeUM
    [01/06/2007|19:21] C:\DOCUME~1\Fanny\APPLIC~1\Ahead
    [23/08/2009|12:06] C:\DOCUME~1\Fanny\APPLIC~1\Azureus
    [01/02/2008|21:31] C:\DOCUME~1\Fanny\APPLIC~1\BitDefender
    [25/08/2009|18:35] C:\DOCUME~1\Fanny\APPLIC~1\BitTorrent
    [25/12/2006|14:14] C:\DOCUME~1\Fanny\APPLIC~1\CyberLink
    [11/09/2007|16:29] C:\DOCUME~1\Fanny\APPLIC~1\Google
    [26/03/2009|19:29] C:\DOCUME~1\Fanny\APPLIC~1\Graphe Easy
    [29/12/2006|14:54] C:\DOCUME~1\Fanny\APPLIC~1\Help
    [25/12/2006|14:14] C:\DOCUME~1\Fanny\APPLIC~1\HP
    [27/02/2006|13:29] C:\DOCUME~1\Fanny\APPLIC~1\Identities
    [16/06/2009|19:47] C:\DOCUME~1\Fanny\APPLIC~1\LimeWire
    [19/01/2008|14:29] C:\DOCUME~1\Fanny\APPLIC~1\Macromedia
    [21/08/2009|20:57] C:\DOCUME~1\Fanny\APPLIC~1\Microsoft
    [16/06/2009|18:23] C:\DOCUME~1\Fanny\APPLIC~1\Mozilla
    [10/10/2008|19:00] C:\DOCUME~1\Fanny\APPLIC~1\MPMAN
    [14/04/2008|14:43] C:\DOCUME~1\Fanny\APPLIC~1\Real
    [14/01/2008|19:30] C:\DOCUME~1\Fanny\APPLIC~1\Regressi
    [23/04/2008|14:05] C:\DOCUME~1\Fanny\APPLIC~1\Samsung
    [08/04/2009|16:04] C:\DOCUME~1\Fanny\APPLIC~1\skypePM
    [16/02/2007|15:15] C:\DOCUME~1\Fanny\APPLIC~1\Sonic
    [02/03/2007|19:49] C:\DOCUME~1\Fanny\APPLIC~1\Sun
    [09/12/2007|15:29] C:\DOCUME~1\Fanny\APPLIC~1\Talkback
    [18/05/2009|15:44] C:\DOCUME~1\Fanny\APPLIC~1\teamspeak2
    [25/08/2009|18:50] C:\DOCUME~1\Fanny\APPLIC~1\thunk lite city
    [26/07/2009|22:39] C:\DOCUME~1\Fanny\APPLIC~1\U3
    [14/06/2008|17:35] C:\DOCUME~1\Fanny\APPLIC~1\Viewpoint
    [25/08/2009|17:43] C:\DOCUME~1\Fanny\APPLIC~1\vlc
    [17/01/2008|17:18] C:\DOCUME~1\Fanny\APPLIC~1\VMNTOOLBAR
    [01/06/2007|19:20] C:\DOCUME~1\Fanny\APPLIC~1\Winamp
    [03/10/2008|16:08] C:\DOCUME~1\Fanny\APPLIC~1\Yahoo!

    [27/02/2006|04:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [28/12/2007|13:49] C:\DOCUME~1\Lucie\APPLIC~1\Adobe
    [02/06/2007|12:05] C:\DOCUME~1\Lucie\APPLIC~1\AdobeUM
    [02/02/2008|13:55] C:\DOCUME~1\Lucie\APPLIC~1\BitDefender
    [11/09/2007|11:52] C:\DOCUME~1\Lucie\APPLIC~1\CyberLink
    [30/12/2006|20:06] C:\DOCUME~1\Lucie\APPLIC~1\Google
    [29/03/2007|17:09] C:\DOCUME~1\Lucie\APPLIC~1\Help
    [11/09/2007|11:52] C:\DOCUME~1\Lucie\APPLIC~1\HP
    [27/02/2006|13:29] C:\DOCUME~1\Lucie\APPLIC~1\Identities
    [22/08/2008|16:22] C:\DOCUME~1\Lucie\APPLIC~1\InstallShield
    [16/06/2009|14:28] C:\DOCUME~1\Lucie\APPLIC~1\LimeWire
    [30/12/2006|20:26] C:\DOCUME~1\Lucie\APPLIC~1\Macromedia
    [22/04/2009|13:57] C:\DOCUME~1\Lucie\APPLIC~1\Microsoft
    [28/12/2007|13:48] C:\DOCUME~1\Lucie\APPLIC~1\Mozilla
    [17/04/2008|21:24] C:\DOCUME~1\Lucie\APPLIC~1\Real
    [26/03/2009|18:44] C:\DOCUME~1\Lucie\APPLIC~1\Sun
    [28/12/2007|13:49] C:\DOCUME~1\Lucie\APPLIC~1\Talkback
    [24/07/2008|23:40] C:\DOCUME~1\Lucie\APPLIC~1\thunk lite city
    [17/08/2008|00:59] C:\DOCUME~1\Lucie\APPLIC~1\Viewpoint
    [23/08/2009|22:14] C:\DOCUME~1\Lucie\APPLIC~1\vlc
    [16/01/2008|23:31] C:\DOCUME~1\Lucie\APPLIC~1\VMNTOOLBAR
    [27/06/2007|20:46] C:\DOCUME~1\Lucie\APPLIC~1\Winamp
    [03/10/2008|18:55] C:\DOCUME~1\Lucie\APPLIC~1\Yahoo!

    [27/02/2006|04:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [05/10/2007|22:54] C:\DOCUME~1\TEMP\APPLIC~1\Macromedia
    [01/11/2007|19:13] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft
    [01/11/2007|19:13] C:\DOCUME~1\TEMP\APPLIC~1\VMNTOOLBAR

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [26/08/2009 23:00][--ah-----] C:\WINDOWS\tasks\AD5653089185CAB0.job
    [26/08/2009 22:48][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 10:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini

    ( AD5653089185CAB0.job )=( c:\docume~1\fanny\applic~1\thunkl~1\softholeroam.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [27/04/2006|19:58] C:\Program Files\Accessories
    [22/02/2008|18:33] C:\Program Files\Adobe
    [09/07/2007|19:29] C:\Program Files\Adverts
    [16/06/2008|20:03] C:\Program Files\Anuman Interactive
    [18/06/2009|10:41] C:\Program Files\AskBarDis
    [01/02/2008|19:54] C:\Program Files\BitDefender
    [07/07/2009|11:11] C:\Program Files\BitTorrent
    [25/08/2009|18:36] C:\Program Files\Circle Developement
    [19/06/2006|23:40] C:\Program Files\Common Files
    [27/02/2006|04:37] C:\Program Files\CONEXANT
    [23/12/2006|12:47] C:\Program Files\directx
    [03/10/2008|16:06] C:\Program Files\DivX
    [21/08/2009|20:49] C:\Program Files\DNA
    [21/05/2007|20:45] C:\Program Files\eMule
    [20/06/2009|18:10] C:\Program Files\EPSON
    [25/03/2009|10:35] C:\Program Files\EPSON Print CD
    [22/11/2008|18:34] C:\Program Files\Evariste
    [20/06/2009|18:16] C:\Program Files\Fichiers communs
    [20/06/2009|18:09] C:\Program Files\Google
    [27/02/2006|05:15] C:\Program Files\Hewlett-Packard
    [27/02/2006|05:15] C:\Program Files\HP
    [20/06/2009|18:10] C:\Program Files\HPQ
    [12/07/2009|10:52] C:\Program Files\IncrediMail
    [01/06/2007|19:54] C:\Program Files\InfraRecorder
    [03/08/2009|21:23] C:\Program Files\InstallShield Installation Information
    [10/11/2006|22:28] C:\Program Files\InstantTouch
    [27/02/2006|04:38] C:\Program Files\Intel
    [26/08/2009|22:48] C:\Program Files\Internet Explorer
    [25/12/2006|22:05] C:\Program Files\IZArc
    [20/06/2009|18:05] C:\Program Files\Java
    [20/06/2009|18:02] C:\Program Files\Livre Album Fuji Photo
    [28/11/2006|16:06] C:\Program Files\Macromedia
    [24/01/2009|12:40] C:\Program Files\Messenger
    [24/05/2009|20:43] C:\Program Files\Messenger Plus! Live
    [20/06/2009|18:08] C:\Program Files\Micro Application
    [17/01/2008|17:34] C:\Program Files\Microsoft
    [21/05/2007|20:45] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [27/02/2006|13:29] C:\Program Files\microsoft frontpage
    [07/12/2006|20:05] C:\Program Files\Microsoft IntelliPoint
    [14/08/2006|00:07] C:\Program Files\Microsoft Office
    [01/08/2009|07:49] C:\Program Files\Microsoft Silverlight
    [13/11/2007|18:37] C:\Program Files\Microsoft SQL Server Compact Edition
    [17/01/2008|17:37] C:\Program Files\Microsoft Sync Framework
    [14/08/2006|00:07] C:\Program Files\Microsoft Works
    [13/08/2006|23:59] C:\Program Files\Microsoft Works Suite 2005
    [24/01/2009|12:33] C:\Program Files\Movie Maker
    [16/06/2009|19:55] C:\Program Files\Mozilla Firefox
    [22/08/2009|17:47] C:\Program Files\MSBuild
    [02/05/2006|18:26] C:\Program Files\MSN
    [27/02/2006|13:29] C:\Program Files\MSN Gaming Zone
    [16/08/2007|18:47] C:\Program Files\MSXML 4.0
    [24/01/2009|12:29] C:\Program Files\NetMeeting
    [29/12/2006|21:24] C:\Program Files\Neuf
    [27/06/2006|15:24] C:\Program Files\Oberon Media
    [27/02/2006|13:29] C:\Program Files\Online Services
    [17/12/2006|14:55] C:\Program Files\OpenOffice.org 2.0
    [12/08/2009|23:34] C:\Program Files\Outlook Express
    [17/12/2006|15:15] C:\Program Files\PartyGaming.Net
    [27/05/2006|17:12] C:\Program Files\PIXELA
    [27/04/2006|21:07] C:\Program Files\Qualcomm
    [21/08/2009|20:56] C:\Program Files\QuickTime
    [14/04/2008|14:37] C:\Program Files\Real
    [22/08/2009|17:47] C:\Program Files\Reference Assemblies
    [17/12/2006|14:54] C:\Program Files\Samsung
    [24/07/2009|14:57] C:\Program Files\Seagrand
    [27/02/2006|05:13] C:\Program Files\Services en ligne
    [06/10/2006|18:29] C:\Program Files\Softwin
    [20/06/2009|18:15] C:\Program Files\Sonic
    [29/12/2006|14:25] C:\Program Files\Sony Corporation
    [18/05/2009|15:44] C:\Program Files\Teamspeak2_RC2
    [14/08/2009|20:09] C:\Program Files\thunk lite city
    [26/08/2009|23:13] C:\Program Files\Trend Micro
    [17/05/2006|21:17] C:\Program Files\TwinTouch LuxeMate
    [02/08/2009|15:17] C:\Program Files\Ubi Soft
    [06/08/2009|22:58] C:\Program Files\Ubisoft
    [23/12/2006|12:47] C:\Program Files\Ulead Systems
    [28/11/2006|16:51] C:\Program Files\Uninstall Information
    [24/01/2009|12:20] C:\Program Files\V-Gear BEE
    [24/01/2009|12:21] C:\Program Files\V-Gear LiveShow
    [18/08/2009|21:24] C:\Program Files\VideoLAN
    [15/06/2006|20:22] C:\Program Files\Viewpoint
    [17/12/2006|15:15] C:\Program Files\VirginMega
    [08/06/2006|11:11] C:\Program Files\Visicom Media
    [23/08/2009|12:29] C:\Program Files\Vuze
    [02/01/2007|15:06] C:\Program Files\Wanadoo
    [27/04/2006|16:29] C:\Program Files\WIDCOMM
    [22/02/2009|12:39] C:\Program Files\Windows Live
    [30/11/2007|17:35] C:\Program Files\Windows Live Favorites
    [12/07/2009|19:30] C:\Program Files\Windows Live Safety Center
    [17/01/2008|17:33] C:\Program Files\Windows Live SkyDrive
    [17/01/2008|17:37] C:\Program Files\Windows Live Toolbar
    [14/12/2006|09:39] C:\Program Files\Windows Media Connect 2
    [24/01/2009|12:29] C:\Program Files\Windows Media Player
    [24/01/2009|12:28] C:\Program Files\Windows NT
    [27/02/2006|13:29] C:\Program Files\xerox
    [17/01/2008|17:53] C:\Program Files\Yahoo!
    [18/01/2009|12:56] C:\Program Files\Zero G Registry
    [23/12/2006|11:25] C:\Program Files\ZTE Corporation

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [22/02/2008|18:33] C:\Program Files\Fichiers communs\Adobe
    [17/12/2006|14:54] C:\Program Files\Fichiers communs\AOL
    [15/06/2006|20:22] C:\Program Files\Fichiers communs\aolback
    [01/02/2008|19:54] C:\Program Files\Fichiers communs\BitDefender
    [21/03/2009|21:33] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [17/12/2006|15:12] C:\Program Files\Fichiers communs\Designer
    [24/11/2006|22:50] C:\Program Files\Fichiers communs\DirectX
    [27/02/2006|04:50] C:\Program Files\Fichiers communs\HP
    [20/06/2009|18:17] C:\Program Files\Fichiers communs\InstallShield
    [27/02/2006|04:42] C:\Program Files\Fichiers communs\Java
    [27/02/2006|05:16] C:\Program Files\Fichiers communs\LightScribe
    [30/03/2007|20:53] C:\Program Files\Fichiers communs\Micro Application Shared
    [22/02/2009|12:35] C:\Program Files\Fichiers communs\Microsoft Shared
    [27/02/2006|13:29] C:\Program Files\Fichiers communs\MSSoap
    [15/06/2006|20:21] C:\Program Files\Fichiers communs\Nullsoft
    [22/11/2008|18:17] C:\Program Files\Fichiers communs\ODBC
    [22/08/2008|17:28] C:\Program Files\Fichiers communs\Real
    [27/02/2006|13:29] C:\Program Files\Fichiers communs\Services
    [22/08/2008|17:34] C:\Program Files\Fichiers communs\snpstd3
    [06/10/2006|18:30] C:\Program Files\Fichiers communs\Softwin
    [20/06/2009|18:16] C:\Program Files\Fichiers communs\Sonic Shared
    [27/02/2006|13:29] C:\Program Files\Fichiers communs\SpeechEngines
    [25/09/2006|13:22] C:\Program Files\Fichiers communs\SWF Studio
    [27/04/2006|19:32] C:\Program Files\Fichiers communs\Symantec Shared
    [24/01/2009|12:28] C:\Program Files\Fichiers communs\System
    [05/12/2006|13:06] C:\Program Files\Fichiers communs\Totem Shared
    [17/01/2008|17:25] C:\Program Files\Fichiers communs\Windows Live
    [13/11/2007|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 58 Processes )

    IEXPLORE.EXE ~ [PID:2044]
    IEXPLORE.EXE ~ [PID:2620]
    iexplore.exe ~ [PID:328]
    iexplore.exe ~ [PID:1092]
    iexplore.exe ~ [PID:660]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\Glue Amen.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\Glue Amen.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\Wait debug.dat
    C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1
    C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\Mailbuild.exe
    C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\mspxphqg.exe
    C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\softholeroam.exe
    C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\Wait Open That Admin.exe
    C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\zmxolpgx.exe
    C:\DOCUME~1\Lucie\APPLIC~1\thunkl~1
    C:\Program Files\thunkl~1
    C:\DOCUME~1\Fanny\LOCALS~1\Temp\sta22.exe
    C:\Program Files\Adverts
    C:\Program Files\Circle Developement
    C:\DOCUME~1\Fanny\Cookies\fanny@advertstream[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@d2.advertserve[1].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@adserver5[1].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@www.adserver5[1].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@advertising[1].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@ero-advertising[1].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@casinoking-net[1].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@cotedazurpalace[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@serve.cotedazurpalace[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@www.cotedazurpalace[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@adopt.euroclick[1].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@partypoker[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@serve.32vegas[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@vegas-millions[1].txt
    C:\WINDOWS\Tasks\AD5653089185CAB0.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Grey Show"="C:\\DOCUME~1\\Fanny\\APPLIC~1\\THUNKL~1\\Mailbuild.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
    127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
    127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

    -> 72 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-08-26 23:22:26
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 922

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:87][D:15]-> C:\DOCUME~1\Fanny\LOCALS~1\Temp
    [F:940][D:0]-> C:\DOCUME~1\Fanny\Cookies
    [F:2316][D:36]-> C:\DOCUME~1\Fanny\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 26/08/2009|23:26 - Option : [1]

    --------------------\\ Fin du rapport a 23:26:42
    0
    1. Utilisateur anonyme
       
      double-clique sur le raccourci Lop S&D présent sur ton Bureau
      * Séléctionne la langue souhaitée , puis choisis l'option "Suppression + Hosts"
      * Patiente jusqu'à la fin du scan
      * Poste le rapport généré (C:\lopR.txt)

      après, on va traiter une toolbar infectée
      0
  4. budwork Messages postés 47 Statut Membre
     
    la suite

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
    BIOS : Ver 1.00PARTTBL
    USER : Fanny ( Administrator )
    BOOT : Normal boot
    Antivirus : Bitdefender Antivirus 8.0 (Activated)
    Firewall : Bitdefender Firewall 8.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:67 Go (Free:18 Go)
    D:\ (Local Disk) - NTFS - Total:74 Go (Free:74 Go)
    E:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
    F:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 26/08/2009|23:30 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\Glue Amen.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\Glue Amen.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\Wait debug.dat
    Supprime! - C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\Mailbuild.exe
    Supprime! - C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\mspxphqg.exe
    Supprime! - C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\softholeroam.exe
    Supprime! - C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\Wait Open That Admin.exe
    Supprime! - C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1\zmxolpgx.exe
    Supprime! - C:\DOCUME~1\Fanny\LOCALS~1\Temp\sta22.exe
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@advertstream[2].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@d2.advertserve[1].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@adserver5[1].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@www.adserver5[1].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@advertising[1].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@ero-advertising[1].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@casinoking-net[1].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@serve.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@www.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@adopt.euroclick[1].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@partypoker[2].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@serve.32vegas[2].txt
    Supprime! - C:\DOCUME~1\Fanny\Cookies\fanny@vegas-millions[1].txt
    Supprime! - C:\WINDOWS\Tasks\AD5653089185CAB0.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
    Supprime! - C:\DOCUME~1\Fanny\APPLIC~1\thunkl~1
    Supprime! - C:\DOCUME~1\Lucie\APPLIC~1\thunkl~1
    Supprime! - C:\Program Files\thunkl~1
    Supprime! - C:\Program Files\Adverts
    Supprime! - C:\Program Files\Circle Developement
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Viewpoint
    Supprime! - C:\DOCUME~1\Fanny\APPLIC~1\Viewpoint
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [12/01/2008|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [17/12/2006|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [17/12/2006|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [23/08/2009|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [01/02/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
    [27/02/2006|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [24/02/2009|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/02/2006|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [12/07/2009|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
    [12/07/2009|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
    [27/02/2006|05:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [04/01/2007|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [26/05/2009|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/09/2007|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
    [27/02/2006|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [15/05/2006|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [15/06/2006|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [27/02/2006|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [20/06/2009|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [27/02/2006|04:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [27/04/2006|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [17/01/2008|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [27/04/2006|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [23/05/2006|15:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [11/12/2006|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [13/11/2007|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [27/02/2006|13:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [05/10/2007|22:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [27/02/2006|04:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [30/09/2007|13:13] C:\DOCUME~1\Fanny\APPLIC~1\Adobe
    [04/06/2007|20:21] C:\DOCUME~1\Fanny\APPLIC~1\AdobeUM
    [01/06/2007|19:21] C:\DOCUME~1\Fanny\APPLIC~1\Ahead
    [23/08/2009|12:06] C:\DOCUME~1\Fanny\APPLIC~1\Azureus
    [01/02/2008|21:31] C:\DOCUME~1\Fanny\APPLIC~1\BitDefender
    [25/08/2009|18:35] C:\DOCUME~1\Fanny\APPLIC~1\BitTorrent
    [25/12/2006|14:14] C:\DOCUME~1\Fanny\APPLIC~1\CyberLink
    [11/09/2007|16:29] C:\DOCUME~1\Fanny\APPLIC~1\Google
    [26/03/2009|19:29] C:\DOCUME~1\Fanny\APPLIC~1\Graphe Easy
    [29/12/2006|14:54] C:\DOCUME~1\Fanny\APPLIC~1\Help
    [25/12/2006|14:14] C:\DOCUME~1\Fanny\APPLIC~1\HP
    [27/02/2006|13:29] C:\DOCUME~1\Fanny\APPLIC~1\Identities
    [16/06/2009|19:47] C:\DOCUME~1\Fanny\APPLIC~1\LimeWire
    [19/01/2008|14:29] C:\DOCUME~1\Fanny\APPLIC~1\Macromedia
    [21/08/2009|20:57] C:\DOCUME~1\Fanny\APPLIC~1\Microsoft
    [16/06/2009|18:23] C:\DOCUME~1\Fanny\APPLIC~1\Mozilla
    [10/10/2008|19:00] C:\DOCUME~1\Fanny\APPLIC~1\MPMAN
    [14/04/2008|14:43] C:\DOCUME~1\Fanny\APPLIC~1\Real
    [14/01/2008|19:30] C:\DOCUME~1\Fanny\APPLIC~1\Regressi
    [23/04/2008|14:05] C:\DOCUME~1\Fanny\APPLIC~1\Samsung
    [08/04/2009|16:04] C:\DOCUME~1\Fanny\APPLIC~1\skypePM
    [16/02/2007|15:15] C:\DOCUME~1\Fanny\APPLIC~1\Sonic
    [02/03/2007|19:49] C:\DOCUME~1\Fanny\APPLIC~1\Sun
    [09/12/2007|15:29] C:\DOCUME~1\Fanny\APPLIC~1\Talkback
    [18/05/2009|15:44] C:\DOCUME~1\Fanny\APPLIC~1\teamspeak2
    [26/07/2009|22:39] C:\DOCUME~1\Fanny\APPLIC~1\U3
    [25/08/2009|17:43] C:\DOCUME~1\Fanny\APPLIC~1\vlc
    [17/01/2008|17:18] C:\DOCUME~1\Fanny\APPLIC~1\VMNTOOLBAR
    [01/06/2007|19:20] C:\DOCUME~1\Fanny\APPLIC~1\Winamp
    [03/10/2008|16:08] C:\DOCUME~1\Fanny\APPLIC~1\Yahoo!

    [27/02/2006|04:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [28/12/2007|13:49] C:\DOCUME~1\Lucie\APPLIC~1\Adobe
    [02/06/2007|12:05] C:\DOCUME~1\Lucie\APPLIC~1\AdobeUM
    [02/02/2008|13:55] C:\DOCUME~1\Lucie\APPLIC~1\BitDefender
    [11/09/2007|11:52] C:\DOCUME~1\Lucie\APPLIC~1\CyberLink
    [30/12/2006|20:06] C:\DOCUME~1\Lucie\APPLIC~1\Google
    [29/03/2007|17:09] C:\DOCUME~1\Lucie\APPLIC~1\Help
    [11/09/2007|11:52] C:\DOCUME~1\Lucie\APPLIC~1\HP
    [27/02/2006|13:29] C:\DOCUME~1\Lucie\APPLIC~1\Identities
    [22/08/2008|16:22] C:\DOCUME~1\Lucie\APPLIC~1\InstallShield
    [16/06/2009|14:28] C:\DOCUME~1\Lucie\APPLIC~1\LimeWire
    [30/12/2006|20:26] C:\DOCUME~1\Lucie\APPLIC~1\Macromedia
    [22/04/2009|13:57] C:\DOCUME~1\Lucie\APPLIC~1\Microsoft
    [28/12/2007|13:48] C:\DOCUME~1\Lucie\APPLIC~1\Mozilla
    [17/04/2008|21:24] C:\DOCUME~1\Lucie\APPLIC~1\Real
    [26/03/2009|18:44] C:\DOCUME~1\Lucie\APPLIC~1\Sun
    [28/12/2007|13:49] C:\DOCUME~1\Lucie\APPLIC~1\Talkback
    [17/08/2008|00:59] C:\DOCUME~1\Lucie\APPLIC~1\Viewpoint
    [23/08/2009|22:14] C:\DOCUME~1\Lucie\APPLIC~1\vlc
    [16/01/2008|23:31] C:\DOCUME~1\Lucie\APPLIC~1\VMNTOOLBAR
    [27/06/2007|20:46] C:\DOCUME~1\Lucie\APPLIC~1\Winamp
    [03/10/2008|18:55] C:\DOCUME~1\Lucie\APPLIC~1\Yahoo!

    [27/02/2006|04:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [05/10/2007|22:54] C:\DOCUME~1\TEMP\APPLIC~1\Macromedia
    [01/11/2007|19:13] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft
    [01/11/2007|19:13] C:\DOCUME~1\TEMP\APPLIC~1\VMNTOOLBAR

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [26/08/2009 22:48][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 10:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [27/04/2006|19:58] C:\Program Files\Accessories
    [22/02/2008|18:33] C:\Program Files\Adobe
    [16/06/2008|20:03] C:\Program Files\Anuman Interactive
    [18/06/2009|10:41] C:\Program Files\AskBarDis
    [01/02/2008|19:54] C:\Program Files\BitDefender
    [07/07/2009|11:11] C:\Program Files\BitTorrent
    [19/06/2006|23:40] C:\Program Files\Common Files
    [27/02/2006|04:37] C:\Program Files\CONEXANT
    [23/12/2006|12:47] C:\Program Files\directx
    [03/10/2008|16:06] C:\Program Files\DivX
    [21/08/2009|20:49] C:\Program Files\DNA
    [21/05/2007|20:45] C:\Program Files\eMule
    [20/06/2009|18:10] C:\Program Files\EPSON
    [25/03/2009|10:35] C:\Program Files\EPSON Print CD
    [22/11/2008|18:34] C:\Program Files\Evariste
    [20/06/2009|18:16] C:\Program Files\Fichiers communs
    [20/06/2009|18:09] C:\Program Files\Google
    [27/02/2006|05:15] C:\Program Files\Hewlett-Packard
    [27/02/2006|05:15] C:\Program Files\HP
    [20/06/2009|18:10] C:\Program Files\HPQ
    [12/07/2009|10:52] C:\Program Files\IncrediMail
    [01/06/2007|19:54] C:\Program Files\InfraRecorder
    [03/08/2009|21:23] C:\Program Files\InstallShield Installation Information
    [10/11/2006|22:28] C:\Program Files\InstantTouch
    [27/02/2006|04:38] C:\Program Files\Intel
    [26/08/2009|22:48] C:\Program Files\Internet Explorer
    [25/12/2006|22:05] C:\Program Files\IZArc
    [20/06/2009|18:05] C:\Program Files\Java
    [20/06/2009|18:02] C:\Program Files\Livre Album Fuji Photo
    [28/11/2006|16:06] C:\Program Files\Macromedia
    [24/01/2009|12:40] C:\Program Files\Messenger
    [24/05/2009|20:43] C:\Program Files\Messenger Plus! Live
    [20/06/2009|18:08] C:\Program Files\Micro Application
    [17/01/2008|17:34] C:\Program Files\Microsoft
    [21/05/2007|20:45] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [27/02/2006|13:29] C:\Program Files\microsoft frontpage
    [07/12/2006|20:05] C:\Program Files\Microsoft IntelliPoint
    [14/08/2006|00:07] C:\Program Files\Microsoft Office
    [01/08/2009|07:49] C:\Program Files\Microsoft Silverlight
    [13/11/2007|18:37] C:\Program Files\Microsoft SQL Server Compact Edition
    [17/01/2008|17:37] C:\Program Files\Microsoft Sync Framework
    [14/08/2006|00:07] C:\Program Files\Microsoft Works
    [13/08/2006|23:59] C:\Program Files\Microsoft Works Suite 2005
    [24/01/2009|12:33] C:\Program Files\Movie Maker
    [16/06/2009|19:55] C:\Program Files\Mozilla Firefox
    [22/08/2009|17:47] C:\Program Files\MSBuild
    [02/05/2006|18:26] C:\Program Files\MSN
    [27/02/2006|13:29] C:\Program Files\MSN Gaming Zone
    [16/08/2007|18:47] C:\Program Files\MSXML 4.0
    [24/01/2009|12:29] C:\Program Files\NetMeeting
    [29/12/2006|21:24] C:\Program Files\Neuf
    [27/06/2006|15:24] C:\Program Files\Oberon Media
    [27/02/2006|13:29] C:\Program Files\Online Services
    [17/12/2006|14:55] C:\Program Files\OpenOffice.org 2.0
    [12/08/2009|23:34] C:\Program Files\Outlook Express
    [17/12/2006|15:15] C:\Program Files\PartyGaming.Net
    [27/05/2006|17:12] C:\Program Files\PIXELA
    [27/04/2006|21:07] C:\Program Files\Qualcomm
    [21/08/2009|20:56] C:\Program Files\QuickTime
    [14/04/2008|14:37] C:\Program Files\Real
    [22/08/2009|17:47] C:\Program Files\Reference Assemblies
    [17/12/2006|14:54] C:\Program Files\Samsung
    [24/07/2009|14:57] C:\Program Files\Seagrand
    [27/02/2006|05:13] C:\Program Files\Services en ligne
    [06/10/2006|18:29] C:\Program Files\Softwin
    [20/06/2009|18:15] C:\Program Files\Sonic
    [29/12/2006|14:25] C:\Program Files\Sony Corporation
    [18/05/2009|15:44] C:\Program Files\Teamspeak2_RC2
    [26/08/2009|23:13] C:\Program Files\Trend Micro
    [17/05/2006|21:17] C:\Program Files\TwinTouch LuxeMate
    [02/08/2009|15:17] C:\Program Files\Ubi Soft
    [06/08/2009|22:58] C:\Program Files\Ubisoft
    [23/12/2006|12:47] C:\Program Files\Ulead Systems
    [28/11/2006|16:51] C:\Program Files\Uninstall Information
    [24/01/2009|12:20] C:\Program Files\V-Gear BEE
    [24/01/2009|12:21] C:\Program Files\V-Gear LiveShow
    [18/08/2009|21:24] C:\Program Files\VideoLAN
    [17/12/2006|15:15] C:\Program Files\VirginMega
    [08/06/2006|11:11] C:\Program Files\Visicom Media
    [23/08/2009|12:29] C:\Program Files\Vuze
    [02/01/2007|15:06] C:\Program Files\Wanadoo
    [27/04/2006|16:29] C:\Program Files\WIDCOMM
    [22/02/2009|12:39] C:\Program Files\Windows Live
    [30/11/2007|17:35] C:\Program Files\Windows Live Favorites
    [12/07/2009|19:30] C:\Program Files\Windows Live Safety Center
    [17/01/2008|17:33] C:\Program Files\Windows Live SkyDrive
    [17/01/2008|17:37] C:\Program Files\Windows Live Toolbar
    [14/12/2006|09:39] C:\Program Files\Windows Media Connect 2
    [24/01/2009|12:29] C:\Program Files\Windows Media Player
    [24/01/2009|12:28] C:\Program Files\Windows NT
    [27/02/2006|13:29] C:\Program Files\xerox
    [17/01/2008|17:53] C:\Program Files\Yahoo!
    [18/01/2009|12:56] C:\Program Files\Zero G Registry
    [23/12/2006|11:25] C:\Program Files\ZTE Corporation

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [22/02/2008|18:33] C:\Program Files\Fichiers communs\Adobe
    [17/12/2006|14:54] C:\Program Files\Fichiers communs\AOL
    [15/06/2006|20:22] C:\Program Files\Fichiers communs\aolback
    [01/02/2008|19:54] C:\Program Files\Fichiers communs\BitDefender
    [21/03/2009|21:33] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [17/12/2006|15:12] C:\Program Files\Fichiers communs\Designer
    [24/11/2006|22:50] C:\Program Files\Fichiers communs\DirectX
    [27/02/2006|04:50] C:\Program Files\Fichiers communs\HP
    [20/06/2009|18:17] C:\Program Files\Fichiers communs\InstallShield
    [27/02/2006|04:42] C:\Program Files\Fichiers communs\Java
    [27/02/2006|05:16] C:\Program Files\Fichiers communs\LightScribe
    [30/03/2007|20:53] C:\Program Files\Fichiers communs\Micro Application Shared
    [22/02/2009|12:35] C:\Program Files\Fichiers communs\Microsoft Shared
    [27/02/2006|13:29] C:\Program Files\Fichiers communs\MSSoap
    [15/06/2006|20:21] C:\Program Files\Fichiers communs\Nullsoft
    [22/11/2008|18:17] C:\Program Files\Fichiers communs\ODBC
    [22/08/2008|17:28] C:\Program Files\Fichiers communs\Real
    [27/02/2006|13:29] C:\Program Files\Fichiers communs\Services
    [22/08/2008|17:34] C:\Program Files\Fichiers communs\snpstd3
    [06/10/2006|18:30] C:\Program Files\Fichiers communs\Softwin
    [20/06/2009|18:16] C:\Program Files\Fichiers communs\Sonic Shared
    [27/02/2006|13:29] C:\Program Files\Fichiers communs\SpeechEngines
    [25/09/2006|13:22] C:\Program Files\Fichiers communs\SWF Studio
    [27/04/2006|19:32] C:\Program Files\Fichiers communs\Symantec Shared
    [24/01/2009|12:28] C:\Program Files\Fichiers communs\System
    [05/12/2006|13:06] C:\Program Files\Fichiers communs\Totem Shared
    [17/01/2008|17:25] C:\Program Files\Fichiers communs\Windows Live
    [13/11/2007|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 53 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-08-26 23:31:56
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 922

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:75][D:15]-> C:\DOCUME~1\Fanny\LOCALS~1\Temp
    [F:925][D:0]-> C:\DOCUME~1\Fanny\Cookies
    [F:2353][D:36]-> C:\DOCUME~1\Fanny\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 26/08/2009|23:26 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 26/08/2009|23:34 - Option : [2]

    --------------------\\ Fin du rapport a 23:34:40
    0
    1. Utilisateur anonyme
       
      bien
      Les toolbars, c'est pas obligatoire
      Je vais te donner ceci en passant, c'est à lire
      https://forum.malekal.com/viewtopic.php?f=45&t=6173

      tu as ask toolbar, néfaste


      Télécharge Toolbar-S&D (Eric_71, Angeldark, Sham_Rock et XmichouX) sur ton Bureau.
      https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

      !! Déconnecte toi et fermes toute tes applications en cours le temps de la manipe !! désactive ton antivirus.

      * Lance l'installation du programme en exécutant le fichier téléchargé.
      * Double-clique sur le raccourci de Toolbar-S&D.
      * Sélectionne la langue souhaitée en tapant la lettre de ton choix puis valide avec la touche "Entrée".
      * Choisis l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
      * Poste le rapport généré. (C:\TB.txt)
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. budwork Messages postés 47 Statut Membre
     
    as tu recu le dernier rapport des toolbar je l'ai envoye mais il ne s'affiche pas sur le net et quand je veux le remettre il me dit message deja envoye
    0
    1. Utilisateur anonyme
       
      non, je n'ai rien reçu
      héberge le sur ci-joint.com et donne le lien
      0
  7. budwork Messages postés 47 Statut Membre
     
    0
    1. Utilisateur anonyme
       
      tu as 2 toolbars néfastes, dont aussi la VMNT qui est mauvaise, c'est une toolbar espion
      fait attention quand tu installes des logiciels gratuits ou tu les mets à jour, te précipites pas et lit bien tout ce qu'on te propose, décoche les cases concernant les toolbar car ils nous piègent avec leurs toolbars espion


      Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
      *** Ne ferme pas la fenêtre lors de la suppression ***
      Un rapport sera créé, poste son contenu ici.


      Après tu me posteras un nouveau rapport Hijackthis pour voir l'évolution de la désinfection
      Ce n'est pas finit, on continuera demain, car il est tard

      Plus de fenètres CID ?
      0
  8. budwork Messages postés 47 Statut Membre
     
    je reffais comment avant parcequ'il ne ma de nouveau pas copier le rapport donc voici le lient

    https://www.cjoint.com/?iBaocLvXUN

    ok la je lance encore un rapport hijackthis et je te le post et apres au dodo merci pour deja pour ce coup de main je ne serai que la demain soir vers 19h00 toi tu seras la ?
    0
  9. budwork Messages postés 47 Statut Membre
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:16:28, on 27/08/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\tsnpstd3.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\espmain.exe
    C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [Video64] C:\WINDOWS\system32\ConRoot\csrss.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\TWINTO~1\MouseElf.EXE
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: EPSON SMART PANEL for Scanner.lnk = C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\espmain.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.vm-wl.com/DownloadManager/Release/Prod/DownMan.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\System32\es32.dll
    O20 - Winlogon Notify: 4f49860517 - C:\WINDOWS\System32\es32.dll (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
    1. Utilisateur anonyme
       
      bonjour,
      O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\System32\es32.dll
      O20 - Winlogon Notify: 4f49860517 - C:\WINDOWS\System32\es32.dll (file missing)

      elles me paraissent suspectes, il y a un orphelin

      Télécharge malwarebytes' anti-malware
      https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
      Enregistre le sur le bureau
      Double-clique sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation
      Si la pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
      Il va se mettre à jour une fois faite
      Va dans l'onglet recherche
      Sélectionne exécuter un examen complet
      Clique sur rechercher
      Le scan démarre
      A la fin de l'analyse, le message s'affiche: L'examen s'est terminé normalement.
      Clique sur afficher les résultats pour afficher les objets trouvés
      Clique sur OK pour pousuivre
      Si des malwares ont été détectés, cliquer sur afficher les résultats
      Sélectionne tout (ou laisser coché)
      Clique sur supprimer la sélection
      Malwarebytes va détruire les fichiers et les clés de registre et en mettre une
      copie dans la quarantaine
      Malewarebytes va ouvrir le bloc-note et y copier le rapport
      Redémarre le PC
      Une fois redémarré, double-clique sur Malewarebytes
      Va dans l'onglet rapport/log
      Clique dessus pour l'afficher une fois affiché, cliquer sur édition en haut du
      bloc-note puis sur sélectionner tout
      Revient sur édition, puis sur copier et revient sur le forum et dans ta réponse
      Clic droit dans le cadre de la réponse et coller
      0
  10. Utilisateur anonyme
     
    budwork, je suis là, tu peux faire le post 14
    0
  11. budwork Messages postés 47 Statut Membre
     
    c entrain ca fait 1h10 qu'il tourne je paniquais deja de ne plus te retrouver

    Merci
    0
  12. kduc Messages postés 1537 Statut Membre 133
     
    Salut à vous deux

    De passage ...

    Penser à virer les restes de Norton/Symantec :

    [27/04/2006|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [27/04/2006|19:32] C:\Program Files\Fichiers communs\Symantec Shared
    0
    1. Utilisateur anonyme
       
      salut kduc
      chaque chose en son temps
      0
  13. budwork Messages postés 47 Statut Membre
     
    ca peut durer longtemps il tourne encore ?
    0
    1. Utilisateur anonyme
       
      cela dépend, si tu as plusieurs disques durs à scanner, et du nombre de fichiers et dossiers
      0
  14. budwork Messages postés 47 Statut Membre
     
    ok on va attendre alors
    0
  15. budwork Messages postés 47 Statut Membre
     
    et voila le rapport

    Malwarebytes' Anti-Malware 1.40
    Version de la base de données: 2710
    Windows 5.1.2600 Service Pack 3

    28/08/2009 23:17:45
    mbam-log-2009-08-28 (23-17-45).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|)
    Eléments examinés: 258860
    Temps écoulé: 2 hour(s), 18 minute(s), 11 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 4

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\8.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\F.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
    C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
    0
    1. Utilisateur anonyme
       
      vide la quarantaine de malwarebytes

      supprime les traces de Symantec
      http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
      0
  16. budwork Messages postés 47 Statut Membre
     
    c ok c fait
    0
    1. Utilisateur anonyme
       
      tu n'as plus de fenetres CID ?
      0
  17. budwork Messages postés 47 Statut Membre
     
    non il n'y a plus de fenetre qui s'ouvre
    0
    1. Utilisateur anonyme
       
      Télécharges http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe ( de Cyrildu17 / C_XX ) sur ton bureau :
      Désactiver l'anti-virus

      /!\ Déconnecte toi et fermes toutes applications en cours

      Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files ), puis lance AD Remover
      Au menu principal choisi l'option L
      Postes le rapport qui apparait à la fin .

      ( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

      (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

      Note :

      "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
      Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
      Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall
      0
  18. budwork Messages postés 47 Statut Membre
     
    je suis sur un autre ordi un mac (ou j'ai dailleur moin de probleme ) je scan est en cour mais je voulais savoir commetn supprimer tous les logiels qu'on a telecharger et d'on l'icone est sur le bureau ou je dois les laisser une fois qu'on aura finit ?
    0
    1. Utilisateur anonyme
       
      je ne connais pas les MACS
      On continuera demain, car je tombe de fatigue
      0
  19. budwork Messages postés 47 Statut Membre
     
    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_Q | UNIQUEMENT XP/VISTA/SEVEN =======
    .
    Mit à jour par C_XX le 26/08/2009 à 6:37 PM
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 23:48:00, 28/08/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-remover\
    Système d'exploitation: Microsoft® Windows XP™ v5.1.2600
    Nom du PC: YOUR-F14AC45099 | Utilisateur actuel: Fanny
    .
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCR\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKCR\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    .
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest.dev
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf.bak
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome\ajtoolbar.jar
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.gif
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.src
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat.bak
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\contents.rdf
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\manifest.mf
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.rsa
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.sf
    C:\DOCUME~1\Fanny\APPLIC~1\Mozilla\Firefox\Profiles\9vd6vnt2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\DOCUME~1\Fanny\Cookies\fanny@search.conduit[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@search.conduit[3].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@sweetim[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@www.sweetim[2].txt
    C:\DOCUME~1\Fanny\Cookies\fanny@www.sweetim[3].txt
    C:\Documents and Settings\Lucie\Cookies\lucie@kiwee[2].txt
    C:\Documents and Settings\Lucie\Cookies\lucie@partypoker[2].txt
    C:\Documents and Settings\Lucie\Cookies\lucie@sweetim[1].txt
    C:\Documents and Settings\Lucie\Cookies\lucie@www.sweetim[2].txt

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 2.0.0.14 *
    .
    Nom du profil: 9vd6vnt2.default (Fanny)
    .
    (Prefs.js) user_pref("browser.search.defaultenginename", "Google");
    (Prefs.js) user_pref("browser.search.selectedEngine", "Google");
    (Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.1.16");
    .
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs : res://ieframe.dll/tabswelcome.htm
    .
    .
    ============== Processus Cachés/Bloqués de l'API Windows ==============
    .
    [PID: 980 ] - 'xcommsvr.exe'
    [PID: 1008 ] - 'livesrv.exe'
    [PID: 1348 ] - 'vsserv.exe'
    [PID: 168 ] - 'svchost.exe'
    .
    .
    ============== Suspect (Cracks, Serials ... ) ==============
    .
    C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\Patch.txt
    C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.0.7561-to-2.3.2.7741-frFR-patch.exe
    C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.0-frFR-patch.exe
    C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.2.7741-to-2.3.3.7799-frFR-patch.exe
    .
    .
    ===================================
    .
    6132 Octet(s) - C:\Ad-Report-CLEAN.log
    .
    38 Fichier(s) - C:\DOCUME~1\Fanny\LOCALS~1\Temp
    1253 Fichier(s) - C:\WINDOWS\Temp
    .
    17 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
    17 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
    .
    Fin à: 0:10:53 | 29/08/2009
    .
    ============== E.O.F ==============
    .
    0
    1. Utilisateur anonyme
       
      lit ceci sur le danger des cracks en cliquant sur ce lien:
      https://forum.malekal.com/viewtopic.php?t=893&start=


      C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\Patch.txt
      C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.0.7561-to-2.3.2.7741-frFR-patch.exe
      C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.0-frFR-patch.exe
      C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.2.7741-to-2.3.3.7799-frFR-patch.exe
      cela génére des infections

      a demain
      0
  20. budwork Messages postés 47 Statut Membre
     
    ca roule de nouveau merci passe une bonne nuit
    0
  21. budwork Messages postés 47 Statut Membre
     
    salut je sais pas si tu est la mais que dois je faire ensuite ?
    0
    1. Utilisateur anonyme
       
      bonjour
      C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\Patch.txt
      C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.0.7561-to-2.3.2.7741-frFR-patch.exe
      C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.0-frFR-patch.exe
      C:\Documents and Settings\Fanny\Mes documents\World Of Warcraft 2\WoW-2.3.2.7741-to-2.3.3.7799-frFR-patch.exe

      supprime tout ceci car c'est pas bon du tout
      0
    2. budwork Messages postés 47 Statut Membre > Utilisateur anonyme
       
      ca roule j'ai supprimer les fichiers y a t'il encore quelque chose faire
      0
    3. Utilisateur anonyme > budwork Messages postés 47 Statut Membre
       
      refait moi un hijackhtis pour voir
      0
    4. budwork Messages postés 47 Statut Membre > Utilisateur anonyme
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 15:26:44, on 30/08/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      C:\WINDOWS\System32\PAStiSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
      C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
      C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\wbem\wmiapsrv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\HP\QuickPlay\QPService.exe
      C:\Program Files\Microsoft IntelliPoint\point32.exe
      C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe
      C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
      C:\WINDOWS\tsnpstd3.exe
      C:\WINDOWS\vsnpstd3.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
      C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\espmain.exe
      C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
      C:\Program Files\IncrediMail\bin\IMApp.exe
      C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Windows Live\Toolbar\wltuser.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
      O4 - HKLM\..\Run: [Video64] C:\WINDOWS\system32\ConRoot\csrss.exe
      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\TWINTO~1\MouseElf.EXE
      O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
      O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
      O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852"
      O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
      O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
      O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
      O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe
      O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
      O4 - Global Startup: BTTray.lnk = ?
      O4 - Global Startup: EPSON SMART PANEL for Scanner.lnk = C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\espmain.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
      O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
      O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
      O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
      O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.vm-wl.com/DownloadManager/Release/Prod/DownMan.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
      O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\System32\es32.dll
      O20 - Winlogon Notify: 4f49860517 - C:\WINDOWS\System32\es32.dll (file missing)
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
      O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
      O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
      0
    5. budwork Messages postés 47 Statut Membre > Utilisateur anonyme
       
      alors quoi ca donne avec le rapport ?
      0
  • 1
  • 2