Cid advertising

Closed
TYBOY Posts: 16 Registration date: Friday 6 November 2009 Status: Member Last activity: 12 November 2009 - 7 Nov. 2009 at 09:31
 Anonymous user - 16 Nov. 2009 at 13:33
Hello,
I am being flooded with Cid advertising ads and I would like to get rid of them.

Thanks

18 replies

Anonymous user
7 Nov. 2009 at 09:37
Hi:


▶ Download LOP S&D to your Desktop.

▶ Double-click it to start the installation
▶ Then double-click the Lop S&D shortcut on your Desktop
▶ Select the language you want, then choose option 1 (Search)
▶ Wait until the scan finishes

▶ Post the generated report (C:\lopR.txt)
0
TYBOY Posts: 16 Registration date: Friday 6 November 2009 Status: Member Last activity: 12 November 2009
7 Nov. 2009 at 19:19
------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : fuselier ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:100 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:2 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 07/11/2009|19:01 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[19/12/2007|12:03] C:\Users\fuselier\AppData\Local\Adobe
[26/01/2008|16:14] C:\Users\fuselier\AppData\Local\Apple
[18/08/2008|08:45] C:\Users\fuselier\AppData\Local\Apple Computer
[12/12/2007|20:47] C:\Users\fuselier\AppData\Local\Application Data
[05/02/2008|11:28] C:\Users\fuselier\AppData\Local\Apps
[12/12/2007|20:59] C:\Users\fuselier\AppData\Local\AtStart.txt
[13/12/2007|23:17] C:\Users\fuselier\AppData\Local\capcom
[12/01/2009|18:16] C:\Users\fuselier\AppData\Local\cmzmilfd.bat
[04/11/2009|16:26] C:\Users\fuselier\AppData\Local\d3d9caps.dat
[24/08/2009|14:50] C:\Users\fuselier\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[05/02/2008|11:29] C:\Users\fuselier\AppData\Local\Deployment
[22/04/2009|23:30] C:\Users\fuselier\AppData\Local\Downloaded Installations
[12/12/2007|20:59] C:\Users\fuselier\AppData\Local\DSwitch.txt
[17/09/2008|08:11] C:\Users\fuselier\AppData\Local\FnF4.txt
[13/02/2009|16:23] C:\Users\fuselier\AppData\Local\GDIPFONTCACHEV1.DAT
[04/10/2008|08:47] C:\Users\fuselier\AppData\Local\Glowria
[07/11/2009|09:25] C:\Users\fuselier\AppData\Local\Google
[12/12/2007|20:47] C:\Users\fuselier\AppData\Local\Historique
[16/12/2007|02:02] C:\Users\fuselier\AppData\Local\HP
[06/11/2009|14:30] C:\Users\fuselier\AppData\Local\IconCache.db
[17/12/2007|20:10] C:\Users\fuselier\AppData\Local\IsolatedStorage
[17/01/2009|14:35] C:\Users\fuselier\AppData\Local\Microsoft
[04/02/2008|23:15] C:\Users\fuselier\AppData\Local\Microsoft Games
[20/12/2007|21:05] C:\Users\fuselier\AppData\Local\Microsoft Help
[28/02/2008|18:19] C:\Users\fuselier\AppData\Local\MigWiz
[06/04/2009|10:37] C:\Users\fuselier\AppData\Local\Mozilla
[06/01/2009|19:04] C:\Users\fuselier\AppData\Local\Orange
[22/04/2009|23:32] C:\Users\fuselier\AppData\Local\procaster
[12/12/2007|20:59] C:\Users\fuselier\AppData\Local\QSwitch.txt
[12/12/2007|18:59] C:\Users\fuselier\AppData\Local\QuickPlay
[13/12/2007|21:26] C:\Users\fuselier\AppData\Local\Steam
[15/12/2008|18:29] C:\Users\fuselier\AppData\Local\Symantec
[07/11/2009|19:01] C:\Users\fuselier\AppData\Local\Temp
[12/12/2007|20:47] C:\Users\fuselier\AppData\Local\Temporary Internet Files
[16/12/2007|02:03] C:\Users\fuselier\AppData\Local\VirtualStore
[07/01/2008|14:27] C:\Users\fuselier\AppData\Local\Windows Live Writer
[30/05/2009|12:05] C:\Users\fuselier\AppData\Local\X-Plane Installer.prf
[28/05/2009|19:32] C:\Users\fuselier\AppData\Local\x-plane_install.txt

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[07/11/2009 13:20][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[06/11/2009 14:42][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[26/10/2009 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - fuselier.job
[07/11/2009 18:53][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{AB027A15-3301-4FB0-AACB-CAAA37702805}.job
[06/11/2009 14:33][--ah-----] C:\Windows\tasks\SA.DAT
[06/11/2009 14:31][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[26/11/2008|22:24] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[25/06/2007|21:53] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[03/06/2009|18:02] C:\ProgramData\Adobe
[26/01/2008|16:13] C:\ProgramData\Apple
[26/11/2008|22:23] C:\ProgramData\Apple Computer
[12/12/2007|20:44] C:\ProgramData\Application Data
[02/11/2009|10:02] C:\ProgramData\Avira
[12/12/2007|20:44] C:\ProgramData\Bureau
[14/04/2009|08:58] C:\ProgramData\CyberLink
[12/12/2007|20:44] C:\ProgramData\Documents
[25/04/2009|12:34] C:\ProgramData\Electronic Arts
[14/03/2009|18:53] C:\ProgramData\EPSON
[12/12/2007|20:44] C:\ProgramData\Favoris
[06/11/2009|09:53] C:\ProgramData\Google
[25/06/2007|22:27] C:\ProgramData\Hewlett-Packard
[12/12/2007|18:26] C:\ProgramData\HP
[25/06/2007|22:03] C:\ProgramData\hpzinstall.log
[18/03/2008|15:43] C:\ProgramData\LogiShrd
[18/03/2008|15:39] C:\ProgramData\Logitech
[02/11/2009|11:06] C:\ProgramData\Malwarebytes
[31/08/2008|13:02] C:\ProgramData\Media Center Programs
[12/12/2007|20:44] C:\ProgramData\Menu Démarrer
[07/01/2008|11:12] C:\ProgramData\MGS
[11/04/2009|16:36] C:\ProgramData\Microsoft
[20/12/2007|22:37] C:\ProgramData\Microsoft Help
[12/12/2007|20:44] C:\ProgramData\Modèles
[02/11/2009|14:03] C:\ProgramData\mp3 free delete.iogmyet
[02/11/2009|09:29] C:\ProgramData\Norton
[10/12/2008|12:40] C:\ProgramData\NortonInstaller
[03/11/2009|21:43] C:\ProgramData\NVIDIA
[07/11/2009|18:49] C:\ProgramData\nvModes.001
[07/11/2009|18:49] C:\ProgramData\nvModes.dat
[10/12/2008|12:40] C:\ProgramData\PCSettings
[05/11/2009|11:15] C:\ProgramData\Peak Upload Second
[25/06/2007|21:35] C:\ProgramData\Roxio
[12/05/2008|08:17] C:\ProgramData\Skype
[19/02/2008|15:53] C:\ProgramData\Sonic
[26/02/2009|15:01] C:\ProgramData\SPL182C.tmp
[03/11/2008|09:59] C:\ProgramData\SPL1A05.tmp
[28/03/2008|19:38] C:\ProgramData\SPL1C9.tmp
[28/01/2009|08:34] C:\ProgramData\SPL1D04.tmp
[14/09/2008|16:09] C:\ProgramData\SPL1E85.tmp
[27/09/2008|14:30] C:\ProgramData\SPL2010.tmp
[28/09/2008|16:01] C:\ProgramData\SPL2590.tmp
[18/04/2008|21:12] C:\ProgramData\SPL283A.tmp
[25/11/2008|21:16] C:\ProgramData\SPL28D2.tmp
[04/11/2008|19:06] C:\ProgramData\SPL2B31.tmp
[27/12/2007|17:04] C:\ProgramData\SPL2DAA.tmp
[04/11/2008|19:11] C:\ProgramData\SPL37E0.tmp
[11/09/2008|18:49] C:\ProgramData\SPL4374.tmp
[03/02/2009|11:28] C:\ProgramData\SPL456E.tmp
[02/05/2008|13:06] C:\ProgramData\SPL4FF8.tmp
[11/04/2008|13:21] C:\ProgramData\SPL5205.tmp
[03/03/2009|19:45] C:\ProgramData\SPL5407.tmp
[24/11/2008|20:58] C:\ProgramData\SPL5427.tmp
[15/10/2008|13:11] C:\ProgramData\SPL574D.tmp
[22/01/2009|13:49] C:\ProgramData\SPL5C17.tmp
[24/11/2008|09:25] C:\ProgramData\SPL5F0C.tmp
[27/04/2008|19:08] C:\ProgramData\SPL5F2F.tmp
[22/01/2009|12:45] C:\ProgramData\SPL649B.tmp
[11/04/2008|13:07] C:\ProgramData\SPL67CA.tmp
[27/12/2007|17:11] C:\ProgramData\SPL67DE.tmp
[30/04/2008|13:49] C:\ProgramData\SPL707F.tmp
[26/11/2008|14:34] C:\ProgramData\SPL74CD.tmp
[19/11/2008|06:19] C:\ProgramData\SPL74E0.tmp
[30/04/2008|13:54] C:\ProgramData\SPL781F.tmp
[22/01/2009|12:37] C:\ProgramData\SPL79C3.tmp
[28/01/2009|08:31] C:\ProgramData\SPL7D3C.tmp
[28/03/2008|19:30] C:\ProgramData\SPL7FEC.tmp
[23/10/2008|14:08] C:\ProgramData\SPL8E4B.tmp
[27/09/2008|14:51] C:\ProgramData\SPL954C.tmp
[03/11/2008|09:57] C:\ProgramData\SPL9A0B.tmp
[31/01/2009|18:54] C:\ProgramData\SPL9AC4.tmp
[22/01/2009|12:30] C:\ProgramData\SPLADAE.tmp
[11/04/2008|13:19] C:\ProgramData\SPLAE09.tmp
[02/05/2008|12:17] C:\ProgramData\SPLB705.tmp
[27/04/2008|19:00] C:\ProgramData\SPLB76A.tmp
[18/04/2008|21:08] C:\ProgramData\SPLB846.tmp
[26/02/2009|22:20] C:\ProgramData\SPLB940.tmp
[04/03/2009|12:09] C:\ProgramData\SPLBBEA.tmp
[08/06/2008|12:26] C:\ProgramData\SPLBF01.tmp
[11/06/2008|20:12] C:\ProgramData\SPLC4BB.tmp
[28/04/2008|16:58] C:\ProgramData\SPLC7BC.tmp
[03/03/2009|19:54] C:\ProgramData\SPLC9B5.tmp
[28/09/2008|16:00] C:\ProgramData\SPLD1B6.tmp
[13/09/2008|16:26] C:\ProgramData\SPLD767.tmp
[05/11/2008|20:22] C:\ProgramData\SPLD987.tmp
[27/09/2008|14:28] C:\ProgramData\SPLD99E.tmp
[18/11/2008|19:01] C:\ProgramData\SPLDA3A.tmp
[27/09/2008|14:53] C:\ProgramData\SPLE7BF.tmp
[18/11/2008|18:58] C:\ProgramData\SPLED3B.tmp
[31/01/2009|18:51] C:\ProgramData\SPLF014.tmp
[15/10/2008|13:08] C:\ProgramData\SPLFDD6.tmp
[10/12/2008|12:49] C:\ProgramData\Symantec
[10/12/2008|12:31] C:\ProgramData\Symantec Temporary Files
[02/11/2009|09:42] C:\ProgramData\TEMP
[02/11/2009|14:03] C:\ProgramData\Time Dead Warn Default
[09/07/2009|22:06] C:\ProgramData\Type Hole Hole.5yued
[02/11/2009|14:02] C:\ProgramData\Type Hole Hole.64ms1x
[02/11/2009|14:02] C:\ProgramData\Type Hole Hole.kz11b6
[14/03/2009|19:02] C:\ProgramData\UDL
[12/08/2008|09:31] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[25/06/2007|21:53] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/06/2009|18:02] C:\Program Files\Adobe
[22/01/2008|15:47] C:\Program Files\AOL Pictures
[17/08/2008|09:52] C:\Program Files\Apple Software Update
[02/11/2009|10:02] C:\Program Files\Avira
[14/01/2009|21:59] C:\Program Files\Bonjour
[15/12/2007|17:11] C:\Program Files\BoontyGames
[02/11/2009|14:00] C:\Program Files\CCleaner
[02/11/2009|09:44] C:\Program Files\Common Files
[25/06/2007|22:05] C:\Program Files\EasyBits
[17/06/2009|23:12] C:\Program Files\Electronic Arts
[14/03/2009|19:00] C:\Program Files\epson
[12/12/2007|20:44] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[06/11/2009|14:30] C:\Program Files\Google
[09/10/2008|20:37] C:\Program Files\Hewlett-Packard
[27/08/2008|16:18] C:\Program Files\HP
[25/06/2007|22:11] C:\Program Files\HPQ
[17/06/2009|23:12] C:\Program Files\InstallShield Installation Information
[25/06/2007|21:16] C:\Program Files\Intel
[03/11/2009|21:00] C:\Program Files\Internet Explorer
[26/11/2008|22:24] C:\Program Files\iPod
[26/11/2008|22:24] C:\Program Files\iTunes
[26/03/2009|13:36] C:\Program Files\Java
[13/02/2009|16:13] C:\Program Files\JRE
[18/03/2008|15:39] C:\Program Files\Logitech
[10/03/2009|17:04] C:\Program Files\Lx_cats
[02/11/2009|11:06] C:\Program Files\Malwarebytes' Anti-Malware
[14/03/2009|18:11] C:\Program Files\MFP Server
[11/04/2009|16:31] C:\Program Files\Microsoft
[15/12/2007|09:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/12/2007|23:23] C:\Program Files\Microsoft FrontPage
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[28/12/2007|16:54] C:\Program Files\Microsoft Hardware
[11/09/2009|12:45] C:\Program Files\Microsoft Silverlight
[14/12/2007|16:52] C:\Program Files\Microsoft SQL Server Compact Edition
[11/04/2009|16:36] C:\Program Files\Microsoft Sync Framework
[06/12/2008|19:39] C:\Program Files\Microsoft Works
[25/06/2007|20:55] C:\Program Files\Motorola
[03/11/2009|21:00] C:\Program Files\Movie Maker
[04/11/2009|15:14] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[12/12/2007|21:33] C:\Program Files\MSXML 4.0
[16/07/2008|13:24] C:\Program Files\Neuf
[02/11/2009|09:34] C:\Program Files\Norton Internet Security
[13/02/2009|16:13] C:\Program Files\OpenOffice.org 3
[22/04/2009|23:02] C:\Program Files\Procaster
[26/11/2008|22:22] C:\Program Files\QuickTime
[25/06/2007|22:09] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[25/06/2007|21:36] C:\Program Files\Roxio
[25/06/2007|22:06] C:\Program Files\Services en ligne
[12/05/2008|08:17] C:\Program Files\Skype
[31/12/2007|16:12] C:\Program Files\Sony
[20/12/2007|21:49] C:\Program Files\SP38015
[25/06/2007|21:01] C:\Program Files\Synaptics
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[03/11/2009|21:00] C:\Program Files\Windows Calendar
[03/11/2009|21:00] C:\Program Files\Windows Collaboration
[03/11/2009|21:00] C:\Program Files\Windows Defender
[03/11/2009|21:00] C:\Program Files\Windows Journal
[11/04/2009|16:37] C:\Program Files\Windows Live
[14/12/2007|16:54] C:\Program Files\Windows Live Favorites
[11/04/2009|16:31] C:\Program Files\Windows Live SkyDrive
[11/04/2009|16:37] C:\Program Files\Windows Live Toolbar
[03/11/2009|21:00] C:\Program Files\Windows Mail
[03/11/2009|21:00] C:\Program Files\Windows Media Player
[12/12/2007|20:44] C:\Program Files\Windows NT
[03/11/2009|21:00] C:\Program Files\Windows Photo Gallery
[03/11/2009|21:00] C:\Program Files\Windows Sidebar
[04/01/2008|23:51] C:\Program Files\WMV9_VCM
[07/01/2009|19:29] C:\Program Files\Yahoo!
[10/12/2008|18:45] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[03/06/2009|18:02] C:\Program Files\Common Files\Adobe
[26/11/2008|22:24] C:\Program Files\Common Files\Apple
[25/06/2007|22:03] C:\Program Files\Common Files\HP
[14/03/2009|18:24] C:\Program Files\Common Files\InstallShield
[25/06/2007|22:26] C:\Program Files\Common Files\Java
[25/06/2007|22:11] C:\Program Files\Common Files\LightScribe
[18/03/2008|15:39] C:\Program Files\Common Files\Logishrd
[07/03/2009|14:57] C:\Program Files\Common Files\Logitech
[06/03/2009|10:36] C:\Program Files\Common Files\microsoft shared
[25/06/2007|21:35] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[25/06/2007|21:34] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[13/10/2008|19:02] C:\Program Files\Common Files\Steam
[25/06/2007|21:36] C:\Program Files\Common Files\SureThing Shared
[02/11/2009|09:28] C:\Program Files\Common Files\Symantec Shared
[03/11/2009|21:00] C:\Program Files\Common Files\System
[11/04/2009|16:21] C:\Program Files\Common Files\Windows Live
[14/12/2007|16:49] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 107 Processes )

iexplore.exe ~ [PID:2140]
iexplore.exe ~ [PID:2720]
iexplore.exe ~ [PID:5760]
iexplore.exe ~ [PID:6116]
iexplore.exe ~ [PID:4440]
iexplore.exe ~ [PID:5580]
iexplore.exe ~ [PID:4020]
iexplore.exe ~ [PID:4868]
iexplore.exe ~ [PID:5464]
iexplore.exe ~ [PID:5664]
iexplore.exe ~ [PID:6932]
iexplore.exe ~ [PID:7504]
iexplore.exe ~ [PID:8100]
iexplore.exe ~ [PID:6792]
iexplore.exe ~ [PID:7844]
iexplore.exe ~ [PID:7660]
iexplore.exe ~ [PID:7284]
iexplore.exe ~ [PID:5868]
iexplore.exe ~ [PID:7900]
iexplore.exe ~ [PID:3948]
iexplore.exe ~ [PID:8052]
iexplore.exe ~ [PID:8032]
iexplore.exe ~ [PID:7196]
iexplore.exe ~ [PID:8120]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\Type Hole Hole.5yued
C:\ProgramData\Type Hole Hole.64ms1x
C:\ProgramData\Type Hole Hole.kz11b6
C:\ProgramData\mp3 free delete.iogmyet

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Time Dead Warn Default
C:\ProgramData\Time Dead Warn Default\Bash List.dat
C:\ProgramData\Time Dead Warn Default\Bash List.exe
C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@advertising[1].txt
C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@advertising[2].txt
C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@cotedazurpalace[2].txt
C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@serve.cotedazurpalace[1].txt
C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@www.cotedazurpalace[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Debug Locks"="\"C:\\ProgramData\\Type Hole Hole.kz11b6\""
"warn default inter for"="\"C:\\ProgramData\\mp3 free delete.iogmyet\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-07 19:01:39
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\fuselier\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KLS4D265\mobifun_MBFII_AGR_CrackBonky_728x90_051109[1].gif


[F:93][D:19]-> C:\Users\fuselier\AppData\Local\Temp
[F:155][D:1]-> C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2866][D:4]-> C:\Users\fuselier\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:40][D:5]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 27/07/2009|15:13 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 05/11/2009|10:14 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 06/11/2009|14:05 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 07/11/2009| 9:43 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 07/11/2009| 9:46 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 07/11/2009|19:03 - Option : [1]
0
Anonymous user
7 Nov. 2009 at 20:35
▶ Double-click the Lop S&D shortcut on your Desktop

▶ Select the language you want, then choose the option "Suppression + Hosts"
▶ Wait until the scan finishes
▶ Post the generated report (C:\lopR.txt)
0
TYBOY Posts: 16 Registration date: Friday 6 November 2009 Status: Member Last activity: 12 November 2009
8 Nov. 2009 at 09:35
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : fuselier ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:100 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:2 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 08/11/2009| 9:30 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\Time Dead Warn Default\Bash List.dat
Supprime! - C:\ProgramData\Time Dead Warn Default\Bash List.exe
Supprime! - C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@advertising[1].txt
Supprime! - C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@advertising[2].txt
Supprime! - C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@cotedazurpalace[2].txt
Supprime! - C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@serve.cotedazurpalace[1].txt
Supprime! - C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies\fuselier@www.cotedazurpalace[2].txt
Supprime! - C:\ProgramData\Type Hole Hole.5yued
Supprime! - C:\ProgramData\Type Hole Hole.64ms1x
Supprime! - C:\ProgramData\Type Hole Hole.kz11b6
Supprime! - C:\ProgramData\mp3 free delete.iogmyet
Supprime! - C:\ProgramData\Time Dead Warn Default
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[19/12/2007|12:03] C:\Users\fuselier\AppData\Local\Adobe
[26/01/2008|16:14] C:\Users\fuselier\AppData\Local\Apple
[18/08/2008|08:45] C:\Users\fuselier\AppData\Local\Apple Computer
[12/12/2007|20:47] C:\Users\fuselier\AppData\Local\Application Data
[05/02/2008|11:28] C:\Users\fuselier\AppData\Local\Apps
[12/12/2007|20:59] C:\Users\fuselier\AppData\Local\AtStart.txt
[13/12/2007|23:17] C:\Users\fuselier\AppData\Local\capcom
[12/01/2009|18:16] C:\Users\fuselier\AppData\Local\cmzmilfd.bat
[04/11/2009|16:26] C:\Users\fuselier\AppData\Local\d3d9caps.dat
[24/08/2009|14:50] C:\Users\fuselier\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[05/02/2008|11:29] C:\Users\fuselier\AppData\Local\Deployment
[22/04/2009|23:30] C:\Users\fuselier\AppData\Local\Downloaded Installations
[12/12/2007|20:59] C:\Users\fuselier\AppData\Local\DSwitch.txt
[17/09/2008|08:11] C:\Users\fuselier\AppData\Local\FnF4.txt
[13/02/2009|16:23] C:\Users\fuselier\AppData\Local\GDIPFONTCACHEV1.DAT
[04/10/2008|08:47] C:\Users\fuselier\AppData\Local\Glowria
[07/11/2009|09:25] C:\Users\fuselier\AppData\Local\Google
[12/12/2007|20:47] C:\Users\fuselier\AppData\Local\Historique
[16/12/2007|02:02] C:\Users\fuselier\AppData\Local\HP
[06/11/2009|14:30] C:\Users\fuselier\AppData\Local\IconCache.db
[17/12/2007|20:10] C:\Users\fuselier\AppData\Local\IsolatedStorage
[17/01/2009|14:35] C:\Users\fuselier\AppData\Local\Microsoft
[04/02/2008|23:15] C:\Users\fuselier\AppData\Local\Microsoft Games
[20/12/2007|21:05] C:\Users\fuselier\AppData\Local\Microsoft Help
[28/02/2008|18:19] C:\Users\fuselier\AppData\Local\MigWiz
[06/04/2009|10:37] C:\Users\fuselier\AppData\Local\Mozilla
[06/01/2009|19:04] C:\Users\fuselier\AppData\Local\Orange
[22/04/2009|23:32] C:\Users\fuselier\AppData\Local\procaster
[12/12/2007|20:59] C:\Users\fuselier\AppData\Local\QSwitch.txt
[12/12/2007|18:59] C:\Users\fuselier\AppData\Local\QuickPlay
[13/12/2007|21:26] C:\Users\fuselier\AppData\Local\Steam
[15/12/2008|18:29] C:\Users\fuselier\AppData\Local\Symantec
[08/11/2009|09:30] C:\Users\fuselier\AppData\Local\Temp
[12/12/2007|20:47] C:\Users\fuselier\AppData\Local\Temporary Internet Files
[16/12/2007|02:03] C:\Users\fuselier\AppData\Local\VirtualStore
[07/01/2008|14:27] C:\Users\fuselier\AppData\Local\Windows Live Writer
[30/05/2009|12:05] C:\Users\fuselier\AppData\Local\X-Plane Installer.prf
[28/05/2009|19:32] C:\Users\fuselier\AppData\Local\x-plane_install.txt

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/11/2009 09:26][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[08/11/2009 07:48][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[26/10/2009 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - fuselier.job
[08/11/2009 00:02][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{AB027A15-3301-4FB0-AACB-CAAA37702805}.job
[08/11/2009 07:47][--ah-----] C:\Windows\tasks\SA.DAT
[06/11/2009 14:31][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[26/11/2008|22:24] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[25/06/2007|21:53] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[03/06/2009|18:02] C:\ProgramData\Adobe
[26/01/2008|16:13] C:\ProgramData\Apple
[26/11/2008|22:23] C:\ProgramData\Apple Computer
[12/12/2007|20:44] C:\ProgramData\Application Data
[02/11/2009|10:02] C:\ProgramData\Avira
[12/12/2007|20:44] C:\ProgramData\Bureau
[14/04/2009|08:58] C:\ProgramData\CyberLink
[12/12/2007|20:44] C:\ProgramData\Documents
[25/04/2009|12:34] C:\ProgramData\Electronic Arts
[14/03/2009|18:53] C:\ProgramData\EPSON
[12/12/2007|20:44] C:\ProgramData\Favoris
[06/11/2009|09:53] C:\ProgramData\Google
[25/06/2007|22:27] C:\ProgramData\Hewlett-Packard
[12/12/2007|18:26] C:\ProgramData\HP
[25/06/2007|22:03] C:\ProgramData\hpzinstall.log
[18/03/2008|15:43] C:\ProgramData\LogiShrd
[18/03/2008|15:39] C:\ProgramData\Logitech
[02/11/2009|11:06] C:\ProgramData\Malwarebytes
[31/08/2008|13:02] C:\ProgramData\Media Center Programs
[12/12/2007|20:44] C:\ProgramData\Menu Démarrer
[07/01/2008|11:12] C:\ProgramData\MGS
[11/04/2009|16:36] C:\ProgramData\Microsoft
[20/12/2007|22:37] C:\ProgramData\Microsoft Help
[12/12/2007|20:44] C:\ProgramData\Modèles
[02/11/2009|09:29] C:\ProgramData\Norton
[10/12/2008|12:40] C:\ProgramData\NortonInstaller
[03/11/2009|21:43] C:\ProgramData\NVIDIA
[08/11/2009|09:26] C:\ProgramData\nvModes.001
[08/11/2009|09:26] C:\ProgramData\nvModes.dat
[10/12/2008|12:40] C:\ProgramData\PCSettings
[05/11/2009|11:15] C:\ProgramData\Peak Upload Second
[25/06/2007|21:35] C:\ProgramData\Roxio
[12/05/2008|08:17] C:\ProgramData\Skype
[19/02/2008|15:53] C:\ProgramData\Sonic
[26/02/2009|15:01] C:\ProgramData\SPL182C.tmp
[03/11/2008|09:59] C:\ProgramData\SPL1A05.tmp
[28/03/2008|19:38] C:\ProgramData\SPL1C9.tmp
[28/01/2009|08:34] C:\ProgramData\SPL1D04.tmp
[14/09/2008|16:09] C:\ProgramData\SPL1E85.tmp
[27/09/2008|14:30] C:\ProgramData\SPL2010.tmp
[28/09/2008|16:01] C:\ProgramData\SPL2590.tmp
[18/04/2008|21:12] C:\ProgramData\SPL283A.tmp
[25/11/2008|21:16] C:\ProgramData\SPL28D2.tmp
[04/11/2008|19:06] C:\ProgramData\SPL2B31.tmp
[27/12/2007|17:04] C:\ProgramData\SPL2DAA.tmp
[04/11/2008|19:11] C:\ProgramData\SPL37E0.tmp
[11/09/2008|18:49] C:\ProgramData\SPL4374.tmp
[03/02/2009|11:28] C:\ProgramData\SPL456E.tmp
[02/05/2008|13:06] C:\ProgramData\SPL4FF8.tmp
[11/04/2008|13:21] C:\ProgramData\SPL5205.tmp
[03/03/2009|19:45] C:\ProgramData\SPL5407.tmp
[24/11/2008|20:58] C:\ProgramData\SPL5427.tmp
[15/10/2008|13:11] C:\ProgramData\SPL574D.tmp
[22/01/2009|13:49] C:\ProgramData\SPL5C17.tmp
[24/11/2008|09:25] C:\ProgramData\SPL5F0C.tmp
[27/04/2008|19:08] C:\ProgramData\SPL5F2F.tmp
[22/01/2009|12:45] C:\ProgramData\SPL649B.tmp
[11/04/2008|13:07] C:\ProgramData\SPL67CA.tmp
[27/12/2007|17:11] C:\ProgramData\SPL67DE.tmp
[30/04/2008|13:49] C:\ProgramData\SPL707F.tmp
[26/11/2008|14:34] C:\ProgramData\SPL74CD.tmp
[19/11/2008|06:19] C:\ProgramData\SPL74E0.tmp
[30/04/2008|13:54] C:\ProgramData\SPL781F.tmp
[22/01/2009|12:37] C:\ProgramData\SPL79C3.tmp
[28/01/2009|08:31] C:\ProgramData\SPL7D3C.tmp
[28/03/2008|19:30] C:\ProgramData\SPL7FEC.tmp
[23/10/2008|14:08] C:\ProgramData\SPL8E4B.tmp
[27/09/2008|14:51] C:\ProgramData\SPL954C.tmp
[03/11/2008|09:57] C:\ProgramData\SPL9A0B.tmp
[31/01/2009|18:54] C:\ProgramData\SPL9AC4.tmp
[22/01/2009|12:30] C:\ProgramData\SPLADAE.tmp
[11/04/2008|13:19] C:\ProgramData\SPLAE09.tmp
[02/05/2008|12:17] C:\ProgramData\SPLB705.tmp
[27/04/2008|19:00] C:\ProgramData\SPLB76A.tmp
[18/04/2008|21:08] C:\ProgramData\SPLB846.tmp
[26/02/2009|22:20] C:\ProgramData\SPLB940.tmp
[04/03/2009|12:09] C:\ProgramData\SPLBBEA.tmp
[08/06/2008|12:26] C:\ProgramData\SPLBF01.tmp
[11/06/2008|20:12] C:\ProgramData\SPLC4BB.tmp
[28/04/2008|16:58] C:\ProgramData\SPLC7BC.tmp
[03/03/2009|19:54] C:\ProgramData\SPLC9B5.tmp
[28/09/2008|16:00] C:\ProgramData\SPLD1B6.tmp
[13/09/2008|16:26] C:\ProgramData\SPLD767.tmp
[05/11/2008|20:22] C:\ProgramData\SPLD987.tmp
[27/09/2008|14:28] C:\ProgramData\SPLD99E.tmp
[18/11/2008|19:01] C:\ProgramData\SPLDA3A.tmp
[27/09/2008|14:53] C:\ProgramData\SPLE7BF.tmp
[18/11/2008|18:58] C:\ProgramData\SPLED3B.tmp
[31/01/2009|18:51] C:\ProgramData\SPLF014.tmp
[15/10/2008|13:08] C:\ProgramData\SPLFDD6.tmp
[10/12/2008|12:49] C:\ProgramData\Symantec
[10/12/2008|12:31] C:\ProgramData\Symantec Temporary Files
[02/11/2009|09:42] C:\ProgramData\TEMP
[14/03/2009|19:02] C:\ProgramData\UDL
[12/08/2008|09:31] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[25/06/2007|21:53] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/06/2009|18:02] C:\Program Files\Adobe
[22/01/2008|15:47] C:\Program Files\AOL Pictures
[17/08/2008|09:52] C:\Program Files\Apple Software Update
[02/11/2009|10:02] C:\Program Files\Avira
[14/01/2009|21:59] C:\Program Files\Bonjour
[15/12/2007|17:11] C:\Program Files\BoontyGames
[02/11/2009|14:00] C:\Program Files\CCleaner
[02/11/2009|09:44] C:\Program Files\Common Files
[25/06/2007|22:05] C:\Program Files\EasyBits
[17/06/2009|23:12] C:\Program Files\Electronic Arts
[14/03/2009|19:00] C:\Program Files\epson
[12/12/2007|20:44] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[06/11/2009|14:30] C:\Program Files\Google
[09/10/2008|20:37] C:\Program Files\Hewlett-Packard
[27/08/2008|16:18] C:\Program Files\HP
[25/06/2007|22:11] C:\Program Files\HPQ
[17/06/2009|23:12] C:\Program Files\InstallShield Installation Information
[25/06/2007|21:16] C:\Program Files\Intel
[03/11/2009|21:00] C:\Program Files\Internet Explorer
[26/11/2008|22:24] C:\Program Files\iPod
[26/11/2008|22:24] C:\Program Files\iTunes
[26/03/2009|13:36] C:\Program Files\Java
[13/02/2009|16:13] C:\Program Files\JRE
[18/03/2008|15:39] C:\Program Files\Logitech
[10/03/2009|17:04] C:\Program Files\Lx_cats
[02/11/2009|11:06] C:\Program Files\Malwarebytes' Anti-Malware
[14/03/2009|18:11] C:\Program Files\MFP Server
[11/04/2009|16:31] C:\Program Files\Microsoft
[15/12/2007|09:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/12/2007|23:23] C:\Program Files\Microsoft FrontPage
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[28/12/2007|16:54] C:\Program Files\Microsoft Hardware
[11/09/2009|12:45] C:\Program Files\Microsoft Silverlight
[14/12/2007|16:52] C:\Program Files\Microsoft SQL Server Compact Edition
[11/04/2009|16:36] C:\Program Files\Microsoft Sync Framework
[06/12/2008|19:39] C:\Program Files\Microsoft Works
[25/06/2007|20:55] C:\Program Files\Motorola
[03/11/2009|21:00] C:\Program Files\Movie Maker
[04/11/2009|15:14] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[12/12/2007|21:33] C:\Program Files\MSXML 4.0
[16/07/2008|13:24] C:\Program Files\Neuf
[02/11/2009|09:34] C:\Program Files\Norton Internet Security
[13/02/2009|16:13] C:\Program Files\OpenOffice.org 3
[22/04/2009|23:02] C:\Program Files\Procaster
[26/11/2008|22:22] C:\Program Files\QuickTime
[25/06/2007|22:09] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[25/06/2007|21:36] C:\Program Files\Roxio
[25/06/2007|22:06] C:\Program Files\Services en ligne
[12/05/2008|08:17] C:\Program Files\Skype
[31/12/2007|16:12] C:\Program Files\Sony
[20/12/2007|21:49] C:\Program Files\SP38015
[25/06/2007|21:01] C:\Program Files\Synaptics
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[03/11/2009|21:00] C:\Program Files\Windows Calendar
[03/11/2009|21:00] C:\Program Files\Windows Collaboration
[03/11/2009|21:00] C:\Program Files\Windows Defender
[03/11/2009|21:00] C:\Program Files\Windows Journal
[11/04/2009|16:37] C:\Program Files\Windows Live
[14/12/2007|16:54] C:\Program Files\Windows Live Favorites
[11/04/2009|16:31] C:\Program Files\Windows Live SkyDrive
[11/04/2009|16:37] C:\Program Files\Windows Live Toolbar
[03/11/2009|21:00] C:\Program Files\Windows Mail
[03/11/2009|21:00] C:\Program Files\Windows Media Player
[12/12/2007|20:44] C:\Program Files\Windows NT
[03/11/2009|21:00] C:\Program Files\Windows Photo Gallery
[03/11/2009|21:00] C:\Program Files\Windows Sidebar
[04/01/2008|23:51] C:\Program Files\WMV9_VCM
[07/01/2009|19:29] C:\Program Files\Yahoo!
[10/12/2008|18:45] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[03/06/2009|18:02] C:\Program Files\Common Files\Adobe
[26/11/2008|22:24] C:\Program Files\Common Files\Apple
[25/06/2007|22:03] C:\Program Files\Common Files\HP
[14/03/2009|18:24] C:\Program Files\Common Files\InstallShield
[25/06/2007|22:26] C:\Program Files\Common Files\Java
[25/06/2007|22:11] C:\Program Files\Common Files\LightScribe
[18/03/2008|15:39] C:\Program Files\Common Files\Logishrd
[07/03/2009|14:57] C:\Program Files\Common Files\Logitech
[06/03/2009|10:36] C:\Program Files\Common Files\microsoft shared
[25/06/2007|21:35] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[25/06/2007|21:34] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[13/10/2008|19:02] C:\Program Files\Common Files\Steam
[25/06/2007|21:36] C:\Program Files\Common Files\SureThing Shared
[02/11/2009|09:28] C:\Program Files\Common Files\Symantec Shared
[03/11/2009|21:00] C:\Program Files\Common Files\System
[11/04/2009|16:21] C:\Program Files\Common Files\Windows Live
[14/12/2007|16:49] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 79 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-08 09:30:51
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:111][D:19]-> C:\Users\fuselier\AppData\Local\Temp
[F:155][D:1]-> C:\Users\fuselier\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1534][D:5]-> C:\Users\fuselier\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:40][D:5]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 27/07/2009|15:13 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 05/11/2009|10:14 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 06/11/2009|14:05 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 07/11/2009| 9:43 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 07/11/2009| 9:46 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 07/11/2009|19:03 - Option : [1]
7 - "C:\Lop SD\LopR_7.txt" - 08/11/2009| 9:32 - Option : [2]

--------------------\\ Fin du rapport a 9:32:40
[ UAC => 1 ]
0

Anonymous user
8 Nov. 2009 at 09:58
Disable your antivirus for the duration of the procedure, as well as your firewall if you have one

▶ Download List&Kill'em and save it to your desktop

It does not require installation

▶ double-click (right-click "Run as administrator" on Vista) to start the scan

choose the language, then choose option 1 = Search Mode

▶ let the tool work

the report will be displayed once the scan has finished

▶ paste its contents into your next reply
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 12:01
st'em by g3n-h@ckm@n 1.0.5.2

Thx to Chiquitine29.....

User : fuselier (Administrateurs) # PC-DE-FUSELIER
Update on 07/11/2009 by g3n-h@ckm@n ::::: 20.00
Start at: 11:57:34 | 08/11/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Enabled

C:\ -> Disque fixe local | 141,59 Go (99,97 Go free) | NTFS
D:\ -> Disque fixe local | 7,45 Go (2,3 Go free) [HP_RECOVERY] | NTFS
E:\ -> Disque CD-ROM

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours

C:\Windows\System32\smss.exe 476
C:\Windows\system32\csrss.exe 548
C:\Windows\system32\wininit.exe 600
C:\Windows\system32\csrss.exe 612
C:\Windows\system32\services.exe 648
C:\Windows\system32\lsass.exe 660
C:\Windows\system32\lsm.exe 668
C:\Windows\system32\svchost.exe 812
C:\Windows\system32\nvvsvc.exe 876
C:\Windows\system32\svchost.exe 904
C:\Windows\System32\svchost.exe 1004
C:\Windows\System32\svchost.exe 1032
C:\Windows\system32\svchost.exe 1044
C:\Windows\system32\svchost.exe 1144
C:\Windows\system32\SLsvc.exe 1160
C:\Windows\system32\svchost.exe 1204
C:\Windows\system32\winlogon.exe 1308
C:\Windows\system32\svchost.exe 1380
C:\Windows\System32\spoolsv.exe 1624
C:\Windows\system32\rundll32.exe 1648
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1704
C:\Windows\system32\svchost.exe 1740
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 2032
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 308
C:\Program Files\Bonjour\mDNSResponder.exe 368
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe 420
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 228
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 760
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe 2064
C:\Windows\system32\svchost.exe 2080
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2104
C:\Windows\system32\svchost.exe 2144
C:\Windows\System32\svchost.exe 2232
C:\Windows\system32\SearchIndexer.exe 2268
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 2376
C:\Windows\system32\taskeng.exe 2700
C:\Windows\system32\Dwm.exe 2920
C:\Windows\system32\taskeng.exe 2984
C:\Windows\Explorer.EXE 3032
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe 2852
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3280
C:\Windows\RtHDVCpl.exe 3124
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 3136
C:\Program Files\HP\QuickPlay\QPService.exe 3112
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe 3232
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe 1632
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe 1528
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe 1496
C:\Program Files\iTunes\iTunesHelper.exe 1324
C:\Windows\System32\ServoApp.exe 3220
C:\Program Files\Java\jre6\bin\jusched.exe 1996
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2908
C:\Windows\System32\rundll32.exe 2464
C:\Program Files\Windows Sidebar\sidebar.exe 2228
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1768
C:\Windows\ehome\ehtray.exe 3300
C:\Program Files\Skype\Phone\Skype.exe 2632
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE 1564
C:\Program Files\Electronic Arts\EADM\Core.exe 2916
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3296
C:\Program Files\Logitech\SetPoint\SetPoint.exe 3416
C:\Program Files\OpenOffice.org 3\program\soffice.exe 3644
C:\Windows\system32\wbem\unsecapp.exe 340
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe 3668
C:\Windows\system32\wbem\wmiprvse.exe 3544
C:\Windows\ehome\ehmsas.exe 3760
C:\Program Files\OpenOffice.org 3\program\soffice.bin 592
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe 2608
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE 3900
C:\Program Files\iPod\bin\iPodService.exe 2176
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 4024
C:\Program Files\Internet Explorer\iexplore.exe 2360
C:\Program Files\Internet Explorer\iexplore.exe 1776
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe 4164
C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4668
C:\Users\fuselier\Desktop\List_Killem.exe 4984
C:\Windows\system32\conime.exe 3924
C:\Windows\system32\cmd.exe 4816
C:\Windows\system32\wbem\wmiprvse.exe 4316
C:\Users\fuselier\AppData\Local\Temp\1F14.tmp\pv.exe 3508

======================
Cles de demarrage "Run"
======================
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"EPSON Stylus SX400 Series"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\E_FATIEGE.EXE /FU \"C:\\Users\\fuselier\\AppData\\Local\\Temp\\E_SAF61.tmp\" /EF \"HKCU\""
"EPSON Stylus SX400 Series (Copie 1)"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\E_FATIEGE.EXE /FU \"C:\\Windows\\TEMP\\E_SEB97.tmp\" /EF \"HKCU\""
"EA Core"="\"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe\" -silent"
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
"swg"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="C:\\Program Files\\Motorola\\SMSERIAL\\sm56hlpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"
"QPService"="\"C:\\Program Files\\HP\\QuickPlay\\QPService.exe\""
"HP Health Check Scheduler"="C:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"
"AppleSyncNotifier"="C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleSyncNotifier.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"Server Application"="C:\\Windows\\system32\\ServoApp.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
"Procaster"="\"C:\\Program Files\\Procaster\\Procaster.exe\" -autorun"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"avgnt"="\"C:\\Program Files\\Avira\\AntiVir Desktop\\avgnt.exe\" /min"
"Malwarebytes Anti-Malware (reboot)"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe\" /runcleanupscript"
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""

=====================
cles additionnelles
=====================
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"EnableUIADesktopToggle"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011

===============
===============
===============
===============
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

======
BHO :
======
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\NoExplorer]
@=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
@="Search Helper"
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
@="Google Dictionary Compression sdch"
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
"NoExplorer"=dword:00000001

==========================

===============
Path : C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
===============
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

C:\ProgramData\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
C:\Windows\system32\drivers\Sonyhcp.dll
C:\Users\fuselier\LOCAL Settings\Temp\wlsetup-cvr.exe

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :


¤¤¤¤¤¤¤¤¤¤ C:\Windows\Prefetch :





¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Anonymous user
8 Nov. 2009 at 12:09
RESTART IN SAFE MODE, then:

▶ Run List&Kill'em again as you did for option 1 (that is, via right-click on Vista),

but this time:

▶ choose option 2 = Destruction Mode

let the tool work

after the checks, a report will open.

▶ close it.

a second report will open,

▶ paste its contents into your reply after restarting in normal mode
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 12:14
how do I start safe mode
thanks
0
Anonymous user
8 Nov. 2009 at 12:51
How to get into Safe Mode:

▶ Restart your computer
▶ Tap the F8 key repeatedly right away (F5 on some PCs), just after the "beep"
▶ You will see a screen with startup options appear
▶ Choose the first option: Safe Mode, and confirm with "Enter"
▶ Choose your usual account, not Administrator (if needed ...)

(note: no connection is possible in safe mode, so copy or print the procedure carefully to avoid mistakes ...)
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 13:01
OK THANKS
REPORT ATTACHED
C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
===============
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :


¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :


¤¤¤¤¤¤¤¤¤¤ C:\Windows\Prefetch :

AgAppLaunch.db
AgCx_Hibernate.snp.db
AgCx_SC1.db
AgCx_SC1.db.trx
AgCx_SC2.db
AgGlFaultHistory.db
AgGlFgAppHistory.db
AgGlGlobalHistory.db
AgGlUAD_P_S-1-5-21-3853129347-1298890495-163268213-1000.db
AgGlUAD_S-1-5-21-3853129347-1298890495-163268213-1000.db
AgRobust.db
Layout.ini
NTOSBOOT-B00DFAAD.pf
PfSvPerfStats.bin
ReadyBoot




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Anonymous user
8 Nov. 2009 at 13:47
Download OTL by OldTimer

save it to your Desktop.

▶ Double-click OTL.exe to launch it (on Vista => right-click, "Run as administrator").

▶ Tick the 2 boxes Lop and Purity

▶ Tick the box in front of scan all users

▶ set it to "60 Days"

▶ in the left column, set everything to all

do not change these:

"files created within" and "files modified within"


▶ Click Run Scan.

At the end of the scan, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\your_session_name\OTL.txt)

▶▶▶ DO NOT POST IT ON THE FORUM

To send it to me, click this link: http://www.cijoint.fr/

▶ Click Browse and find the file mentioned above.

▶ Click Open.

▶ Click "Cliquez ici pour déposer le fichier" (click here to upload the file).

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

is added to the page.

▶ Copy this link into your reply.

Do the same with "Extra.txt".
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 14:04
http://www.cijoint.fr/cjlink.php?file=cj200911/cij8B0uw09.txt
0
Anonymous user
8 Nov. 2009 at 14:31
▶ Double-click OTL.exe to launch it.


▶ Copy the list shown in bold below,

▶ paste it into the box under Custom Scans/Fixes:

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:services
Bonjour Service

:OTL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O8 - Extra context menu item: Add to Windows &Live Favorites - File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"HP Software Update"=-
"iTunesHelper"=-
"QuickTime Task"=-


:files
C:\Kill'em
C:\Users\fuselier\Desktop\List_Killem.exe

:commands
[emptytemp]
[start explorer]
[reboot]


▶ Click RunFix to start the removal.


▶ Post the report.
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 14:38
NOT SURE I UNDERSTOOD THE PROCEDURE
0
Anonymous user
8 Nov. 2009 at 14:49
copy and paste everything that is in bold into the box at the bottom, then click "run fix" and let it run
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 15:10
WHICH BOX, AND HOW DO I DO A RUN FIX
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 15:59
es killed
Error: Unable to interpret <processes > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
Error: Unable to interpret <iexplore.exe > in the current context!
Error: Unable to interpret <firefox.exe > in the current context!
Error: Unable to interpret <msnmsgr.exe > in the current context!
Error: Unable to interpret <Teatimer.exe > in the current context!
========== SERVICES/DRIVERS ==========
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Windows &Live Favorites\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
========== FILES ==========
C:\Kill'em\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em\x86\x86 folder moved successfully.
C:\Kill'em\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em\x86 folder moved successfully.
C:\Kill'em\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em folder moved successfully.
C:\Kill'em folder moved successfully.
C:\Users\fuselier\Desktop\List_Killem.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: fuselier
->Temp folder emptied: 204622823 bytes
->Temporary Internet Files folder emptied: 46613298 bytes
->Java cache emptied: 83842234 bytes
->FireFox cache emptied: 85192783 bytes
->Apple Safari cache emptied: 1525109 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 245304 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 402,52 mb


OTL by OldTimer - Version 3.1.4.0 log created on 11082009_155218

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 15:22
I DON'T UNDERSTAND ANY OF THIS
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 15:41
I AM LOST
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 16:00
IS IT OK OR NOT
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
8 Nov. 2009 at 16:10
Path : C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
===============
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :


¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :


¤¤¤¤¤¤¤¤¤¤ C:\Windows\Prefetch :

AgAppLaunch.db
AgCx_Hibernate.snp.db
AgCx_SC1.db
AgCx_SC1.db.trx
AgCx_SC2.db
AgGlFaultHistory.db
AgGlFgAppHistory.db
AgGlGlobalHistory.db
AgGlUAD_P_S-1-5-21-3853129347-1298890495-163268213-1000.db
AgGlUAD_S-1-5-21-3853129347-1298890495-163268213-1000.db
AgRobust.db
Layout.ini
NTOSBOOT-B00DFAAD.pf
PfSvPerfStats.bin
ReadyBoot




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Anonymous user
8 Nov. 2009 at 16:44
Print these instructions, because you will need to close all windows and applications during installation and scanning.



▶ Download:

Malwarebytes

or:

Malwarebytes

▶ Install it (make sure to choose "francais"; do not change the installation settings) and update it.

(NB: if you get an error message during installation telling you that "COMCTL32.OCX" is missing, download it here: COMCTL32.OCX)

▶ Study the tutorial to familiarize yourself with the program:


(that said, it is very easy to use).

run Malwarebytes again, following these instructions scrupulously:

! Disconnect and close all running applications !

▶ Launch Malwarebytes.

Run a so-called "Complet" (full) scan.

▶ Let the program work (and do nothing else with the PC during the scan).
▶ at the end, click "résultat" (results).
Check that all infected objects are selected, then click "suppression" (removal).

Note: if your PC needs to be restarted to finish the cleanup, do it!


Post the report saved after the infected objects have been removed (in the "rapport/log" tab of Malwarebytes, the most recent one)

0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
12 Nov. 2009 at 17:53
GOOD EVENING

I'M BACK
FIRST OF ALL, THANK YOU VERY MUCH, I no longer have any cid publicitaire ads
you are very effective
NOW I HAVE TO DOWNLOAD MALWAREBYTES
0
TYBOY Posts 16 Registration date Friday 6 November 2009 Status Member Last activity 12 November 2009
12 Nov. 2009 at 19:19
yes, I will do it as soon as possible
0
Anonymous user
16 Nov. 2009 at 13:33
hi, I had to be away

a Malwarebytes report?
0