Pubs intempestives

yasom -  
 jacques.gache -
Bonjour,depuis un certains temps j'ai des pub qui s'affichent et qui ralentissent mon ordi.je ne sait pas quoi faire.J'ai fait une analyse avec malwarebytes puis supprimer ce qui n'allait pas.
j'ai vraiment besoin d'aide!!Voici un rapport hijackthis:mercii

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:43:42, on 31/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoCtlSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Steam\Steam.exe
C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\EZ-DUB\EZ-DUB.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Yassine\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.msn.fr/8SEFRFR030000TBR/FRWCompleteTBSiteFinalDEFAULT
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (VC0305)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Flag Owns Live Grim] C:\Documents and Settings\All Users\Application Data\Software rule flag owns\flaw bash.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [win else] C:\DOCUME~1\Yassine\APPLIC~1\USERST~1\DUPE DASH.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Shareaza] "C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: EZ-DUB Finder.lnk = C:\Program Files\EZ-DUB\EZ-DUB.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.69.25.47.96.downloads.estara.com./...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - AppInit_DLLs: cfgshl.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoCtlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 14501 bytes
Configuration: Windows XP
Firefox 3.0.16

21 réponses

  • 1
  • 2
Résumé de la discussion

Des publicités intempestives ralentissent l’ordinateur et une analyse avec Malwarebytes a signalé des éléments problématiques, le rapport HijackThis indiquant des extensions et services potentiellement nuisibles sur Windows XP SP3.
Plusieurs éléments repérés concernent des barres d’outils et des processus de sécurité tiers, des services et des programmes qui démarrent automatiquement, ce qui peut injecter des publicités et compromettre les performances.
En cas de remédiation, les solutions consistent à supprimer programmes suspects et barres d’outils indésirables, puis à vérifier les éléments de démarrage, lancer une analyse et mettre à jour les protections antivirus.
D'autres vérifications utiles incluent l'examen des extensions du navigateur et la suppression manuelle d'entrées de démarrage non reconnues afin de restaurer durablement des performances plus stables.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    bonsoir

    O4 - HKLM\..\Run: [Flag Owns Live Grim] C:\Documents and Settings\All Users\Application Data\Software rule flag owns\flaw bash.exe
    O4 - HKCU\..\Run: [win else] C:\DOCUME~1\Yassine\APPLIC~1\USERST~1\DUPE DASH.exe


    Tu as une infection LOP, ce qui fait apparaitre des pop-up CID
    Elles s'installent par ces programmes qu'il éviter à tout prix:
    * Le sponsor de Messenger Plus!
    * Bittorent
    * BitDownload
    * BitGrabber
    * NetPumper
    * BitRoll
    * TorrentQ
    * Torrent101

    Télécharge Lop S&D(de Eric_71 et Angeldark) sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
    http://eric71.geekstogo.com/tools/LopSD.exe

    * Double-clique dessus pour lancer l'installation
    * Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
    * Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
    * Patiente jusqu'à la fin du scan
    * Poste le rapport généré (C:\lopR.txt)
    1
  2. archet9
     
    Bonsoir et bonnes fêtes....

    ---> Télécharge OTM (OldTimer) sur ton Bureau :
    http: http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/

    ---> Double-clique sur OTMoveIt3.exe afin de le lancer.

    ---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :

    :processes
    explorer.exe

    :files
    c:\documents and settings\all users\application data\software rule flag owns\flaw bash.exe

    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Flag Owns Live Grim"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "win else"=-

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]


    ---> Colle (Ctrl+V) le texte précédemment copié dans le cadre:
    Paste Instructions for Items to be Moved.
    ---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

    Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

    ---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    ************************
    Fais un scan avec cet antispyware :
    Malwarebytes + tutoriel

    Tu l´installes; mets le a jour...(onglet mise a jour)
    Click maintenant sur l´onglet recherche et coche la case :
    "Executer un examen rapide".
    Puis click sur "rechercher".
    Laisses le scanner le pc...
    A la fin du scan, clique sur Afficher les résultats
    Si des elements on ete trouvés :
    > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "oui".
    A la fin un rapport va s´ouvrir;
    sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
    Copies et colles le rapport stp.

    a+

    0
  3. yasom
     
    merci pour vos réponses très rapides,pour répondre a nathandre voici mon rapport lop

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Phoenix - Award BIOS v6.00PG
    USER : Yassine ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 2005 (Activated)
    Firewall : Norton Internet Security 2005 (Activated)
    C:\ (Local Disk) - NTFS - Total:142 Go (Free:77 Go)
    D:\ (Local Disk) - FAT32 - Total:6 Go (Free:2 Go)
    E:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 31/12/2009|22:46 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [25/01/2009|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [02/04/2006|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [29/11/2009|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [29/11/2009|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/05/2008|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [18/06/2008|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [28/12/2009|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [04/09/2009|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [14/08/2008|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [28/01/2009|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [01/01/2005|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [01/01/2005|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [14/08/2008|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [29/12/2009|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [13/11/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [19/12/2009|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [27/11/2009|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [26/06/2006|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [07/02/2006|09:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [17/04/2006|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01/01/2005|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [27/12/2009|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
    [01/01/2005|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [31/10/2009|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sports Interactive
    [01/01/2005|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [21/04/2007|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [20/12/2006|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [25/10/2006|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [15/05/2009|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [01/10/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [01/02/2008|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!

    [01/01/2005|16:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [25/11/2004|04:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2005|16:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
    [29/11/2009|11:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28/11/2007|19:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2005|17:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2005|17:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [04/10/2009|17:11] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
    [01/01/2005|16:58] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
    [14/03/2007|15:27] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [13/12/2009|16:55] C:\DOCUME~1\INVIT~1\APPLIC~1\HouseCall 6.6
    [25/06/2007|07:20] C:\DOCUME~1\INVIT~1\APPLIC~1\HP
    [25/11/2004|04:26] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [01/01/2005|16:55] C:\DOCUME~1\INVIT~1\APPLIC~1\Intervideo
    [09/04/2006|11:03] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [21/12/2009|18:37] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [28/12/2008|15:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
    [05/01/2008|23:10] C:\DOCUME~1\INVIT~1\APPLIC~1\OpenOffice.org2
    [08/12/2009|19:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Real
    [01/01/2005|17:02] C:\DOCUME~1\INVIT~1\APPLIC~1\SampleView
    [04/10/2009|18:19] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun
    [01/01/2005|17:12] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec
    [27/10/2007|14:35] C:\DOCUME~1\INVIT~1\APPLIC~1\Windows Desktop Search

    [03/02/2008|12:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [14/08/2008|20:38] C:\DOCUME~1\myriam\APPLIC~1\Adobe
    [28/12/2008|17:48] C:\DOCUME~1\myriam\APPLIC~1\AdobeUM
    [01/01/2005|16:58] C:\DOCUME~1\myriam\APPLIC~1\Apple Computer
    [26/06/2006|14:48] C:\DOCUME~1\myriam\APPLIC~1\ArcSoft
    [22/02/2009|19:36] C:\DOCUME~1\myriam\APPLIC~1\DivX
    [16/12/2006|15:55] C:\DOCUME~1\myriam\APPLIC~1\Google
    [01/07/2006|16:16] C:\DOCUME~1\myriam\APPLIC~1\Help
    [03/05/2008|16:54] C:\DOCUME~1\myriam\APPLIC~1\HP
    [26/06/2006|11:33] C:\DOCUME~1\myriam\APPLIC~1\HPQ
    [25/11/2004|04:26] C:\DOCUME~1\myriam\APPLIC~1\Identities
    [01/01/2005|16:55] C:\DOCUME~1\myriam\APPLIC~1\Intervideo
    [26/06/2006|11:30] C:\DOCUME~1\myriam\APPLIC~1\Leadertech
    [13/05/2006|16:03] C:\DOCUME~1\myriam\APPLIC~1\Macromedia
    [11/07/2009|21:19] C:\DOCUME~1\myriam\APPLIC~1\Microsoft
    [19/11/2007|19:27] C:\DOCUME~1\myriam\APPLIC~1\Moyea
    [10/08/2008|15:46] C:\DOCUME~1\myriam\APPLIC~1\Mozilla
    [13/05/2006|16:02] C:\DOCUME~1\myriam\APPLIC~1\MSNInstaller
    [25/01/2009|17:55] C:\DOCUME~1\myriam\APPLIC~1\OpenOffice.org
    [17/05/2008|17:11] C:\DOCUME~1\myriam\APPLIC~1\OpenOffice.org2
    [17/02/2008|13:11] C:\DOCUME~1\myriam\APPLIC~1\Real
    [01/01/2005|17:02] C:\DOCUME~1\myriam\APPLIC~1\SampleView
    [25/01/2009|14:35] C:\DOCUME~1\myriam\APPLIC~1\Shareaza
    [19/06/2008|11:48] C:\DOCUME~1\myriam\APPLIC~1\Sonic
    [04/02/2008|12:43] C:\DOCUME~1\myriam\APPLIC~1\Sports Interactive
    [01/12/2006|13:12] C:\DOCUME~1\myriam\APPLIC~1\Sun
    [22/06/2006|09:18] C:\DOCUME~1\myriam\APPLIC~1\Symantec
    [21/06/2006|18:07] C:\DOCUME~1\myriam\APPLIC~1\Template
    [10/02/2009|18:37] C:\DOCUME~1\myriam\APPLIC~1\Ulead Systems
    [27/12/2009|18:45] C:\DOCUME~1\myriam\APPLIC~1\UserStyleHold
    [22/10/2008|17:06] C:\DOCUME~1\myriam\APPLIC~1\vlc
    [18/10/2007|17:20] C:\DOCUME~1\myriam\APPLIC~1\Windows Desktop Search
    [18/05/2008|15:33] C:\DOCUME~1\myriam\APPLIC~1\Yahoo!

    [18/10/2007|16:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [06/06/2009|17:00] C:\DOCUME~1\Yassine\APPLIC~1\Adobe
    [14/02/2008|20:27] C:\DOCUME~1\Yassine\APPLIC~1\AdobeUM
    [01/01/2005|16:58] C:\DOCUME~1\Yassine\APPLIC~1\Apple Computer
    [17/02/2009|10:18] C:\DOCUME~1\Yassine\APPLIC~1\DivX
    [06/04/2008|11:35] C:\DOCUME~1\Yassine\APPLIC~1\EPSON
    [07/01/2009|16:57] C:\DOCUME~1\Yassine\APPLIC~1\FileZilla
    [03/09/2008|13:02] C:\DOCUME~1\Yassine\APPLIC~1\Google
    [22/05/2007|16:33] C:\DOCUME~1\Yassine\APPLIC~1\HP
    [27/02/2007|14:51] C:\DOCUME~1\Yassine\APPLIC~1\HPQ
    [25/11/2004|04:26] C:\DOCUME~1\Yassine\APPLIC~1\Identities
    [10/05/2007|18:47] C:\DOCUME~1\Yassine\APPLIC~1\Intervideo
    [27/02/2007|10:19] C:\DOCUME~1\Yassine\APPLIC~1\ItsLabel
    [13/07/2008|21:23] C:\DOCUME~1\Yassine\APPLIC~1\Lavasoft
    [26/09/2008|15:46] C:\DOCUME~1\Yassine\APPLIC~1\LogoMaker
    [25/02/2007|19:47] C:\DOCUME~1\Yassine\APPLIC~1\Macromedia
    [29/12/2009|15:39] C:\DOCUME~1\Yassine\APPLIC~1\Malwarebytes
    [30/01/2008|16:18] C:\DOCUME~1\Yassine\APPLIC~1\Megaupload
    [23/06/2009|13:12] C:\DOCUME~1\Yassine\APPLIC~1\Microsoft
    [05/11/2009|20:27] C:\DOCUME~1\Yassine\APPLIC~1\Mostick
    [16/11/2007|17:48] C:\DOCUME~1\Yassine\APPLIC~1\Moyea
    [27/09/2008|17:37] C:\DOCUME~1\Yassine\APPLIC~1\Mozilla
    [20/11/2007|20:52] C:\DOCUME~1\Yassine\APPLIC~1\MSNInstaller
    [10/08/2007|12:15] C:\DOCUME~1\Yassine\APPLIC~1\muvee Technologies
    [13/02/2009|16:57] C:\DOCUME~1\Yassine\APPLIC~1\Neverball
    [28/02/2009|20:24] C:\DOCUME~1\Yassine\APPLIC~1\OpenOffice.org
    [31/12/2009|20:17] C:\DOCUME~1\Yassine\APPLIC~1\OpenOffice.org2
    [04/02/2008|11:42] C:\DOCUME~1\Yassine\APPLIC~1\Real
    [01/01/2005|17:02] C:\DOCUME~1\Yassine\APPLIC~1\SampleView
    [09/08/2007|15:18] C:\DOCUME~1\Yassine\APPLIC~1\Screenshot Sender
    [20/11/2007|13:17] C:\DOCUME~1\Yassine\APPLIC~1\SecuROM
    [28/01/2009|16:11] C:\DOCUME~1\Yassine\APPLIC~1\Shareaza
    [26/09/2008|16:29] C:\DOCUME~1\Yassine\APPLIC~1\SlySoft
    [31/10/2009|22:42] C:\DOCUME~1\Yassine\APPLIC~1\Sports Interactive
    [01/03/2007|11:49] C:\DOCUME~1\Yassine\APPLIC~1\Sun
    [02/03/2007|12:21] C:\DOCUME~1\Yassine\APPLIC~1\Symantec
    [25/02/2007|19:28] C:\DOCUME~1\Yassine\APPLIC~1\Template
    [16/02/2008|21:32] C:\DOCUME~1\Yassine\APPLIC~1\TVU networks
    [21/04/2007|16:34] C:\DOCUME~1\Yassine\APPLIC~1\Ulead Systems
    [17/12/2009|14:55] C:\DOCUME~1\Yassine\APPLIC~1\UserStyleHold
    [21/07/2008|14:37] C:\DOCUME~1\Yassine\APPLIC~1\vlc
    [19/10/2007|11:47] C:\DOCUME~1\Yassine\APPLIC~1\Windows Desktop Search
    [23/12/2009|17:02] C:\DOCUME~1\Yassine\APPLIC~1\WinRAR
    [18/05/2008|14:17] C:\DOCUME~1\Yassine\APPLIC~1\Yahoo!

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [31/12/2009 22:00][--ah-----] C:\WINDOWS\tasks\AAAE50F5918DC5D5.job
    [31/12/2009 22:00][--ah-----] C:\WINDOWS\tasks\ACED7427918EE8F7.job
    [31/12/2009 20:15][--a------] C:\WINDOWS\tasks\Google Software Updater.job
    [31/12/2009 22:45][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{79C8FF5A-454E-488A-86B6-25FCB3570166}.job
    [25/06/2007 07:19][--ah-----] C:\WINDOWS\tasks\MP Scheduled Quick Scan.job
    [18/12/2009 20:00][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur - Yassine.job
    [28/02/2007 12:17][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [31/12/2009 20:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 19:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    ( AAAE50F5918DC5D5.job )=( c:\docume~1\myriam\applic~1\userst~1\rulepollslow.exe )
    ( ACED7427918EE8F7.job )=( c:\docume~1\yassine\applic~1\userst~1\rulepollslow.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [04/05/2008|14:00] C:\Program Files\7-Zip
    [06/04/2008|11:31] C:\Program Files\Adobe
    [12/11/2009|22:04] C:\Program Files\adslTV
    [19/05/2007|09:59] C:\Program Files\Alwil Software
    [25/02/2006|11:07] C:\Program Files\ArcSoft
    [26/09/2008|17:43] C:\Program Files\AviSynth 2.5
    [29/12/2009|22:36] C:\Program Files\CASIO
    [18/06/2008|11:22] C:\Program Files\CCleaner
    [14/03/2008|17:30] C:\Program Files\Design Science
    [23/06/2009|17:55] C:\Program Files\DivX
    [06/05/2006|19:19] C:\Program Files\Easy Internet signup
    [19/12/2009|23:36] C:\Program Files\eMule
    [21/04/2007|10:45] C:\Program Files\EZ-DUB
    [27/12/2009|20:20] C:\Program Files\Fichiers communs
    [05/01/2009|19:56] C:\Program Files\FileZilla FTP Client
    [11/07/2008|08:50] C:\Program Files\Free
    [01/06/2009|20:52] C:\Program Files\GeoGebra
    [28/12/2009|13:40] C:\Program Files\Google
    [27/12/2009|20:23] C:\Program Files\GSC Game World
    [18/06/2007|20:31] C:\Program Files\Hewlett-Packard
    [28/01/2009|16:14] C:\Program Files\HP
    [13/07/2008|17:46] C:\Program Files\InstallShield Installation Information
    [09/12/2009|23:01] C:\Program Files\Internet Explorer
    [26/01/2008|13:17] C:\Program Files\InterVideo
    [05/10/2009|20:31] C:\Program Files\Java
    [25/01/2009|17:47] C:\Program Files\JRE
    [28/03/2006|20:13] C:\Program Files\Kit ADSL
    [05/02/2006|18:18] C:\Program Files\Learn2.com
    [29/12/2009|15:39] C:\Program Files\Malwarebytes' Anti-Malware
    [26/09/2008|15:59] C:\Program Files\Messenger
    [27/12/2009|19:06] C:\Program Files\Messenger Plus! Live
    [15/05/2009|18:00] C:\Program Files\Microsoft
    [09/05/2007|15:56] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [25/11/2004|04:27] C:\Program Files\microsoft frontpage
    [17/05/2008|10:23] C:\Program Files\Microsoft Office
    [18/10/2007|16:31] C:\Program Files\Microsoft SQL Server Compact Edition
    [15/05/2009|18:06] C:\Program Files\Microsoft Sync Framework
    [23/11/2007|12:59] C:\Program Files\Mindscape
    [26/09/2008|15:48] C:\Program Files\Movie Maker
    [31/12/2009|20:45] C:\Program Files\Mozilla Firefox
    [25/07/2009|22:09] C:\Program Files\MSBuild
    [20/11/2007|20:53] C:\Program Files\MSN
    [25/11/2004|04:27] C:\Program Files\MSN Gaming Zone
    [26/10/2006|11:05] C:\Program Files\MSXML 4.0
    [01/01/2005|17:00] C:\Program Files\muvee Technologies
    [26/09/2008|15:39] C:\Program Files\NetMeeting
    [01/01/2005|17:14] C:\Program Files\Norton Internet Security
    [28/03/2007|12:56] C:\Program Files\NudgeMania
    [19/11/2007|19:13] C:\Program Files\OpenOffice.org 2.1
    [17/05/2008|19:48] C:\Program Files\OpenOffice.org 2.3
    [18/09/2008|15:49] C:\Program Files\OpenOffice.org 2.4
    [25/01/2009|17:47] C:\Program Files\OpenOffice.org 3
    [12/08/2009|22:23] C:\Program Files\Outlook Express
    [01/01/2005|17:11] C:\Program Files\PC-Doctor 5 for Windows
    [27/09/2007|13:24] C:\Program Files\Psykos 7
    [29/11/2009|14:13] C:\Program Files\QuickTime
    [01/02/2008|16:20] C:\Program Files\Real Alternative
    [23/06/2009|13:06] C:\Program Files\Red Kawa
    [25/07/2009|22:08] C:\Program Files\Reference Assemblies
    [01/01/2005|17:09] C:\Program Files\Services en ligne
    [05/10/2008|18:28] C:\Program Files\SlySoft
    [23/11/2007|12:47] C:\Program Files\Sonic
    [28/12/2009|13:26] C:\Program Files\Sports Interactive
    [31/12/2009|20:16] C:\Program Files\Steam
    [01/01/2005|17:14] C:\Program Files\Symantec
    [13/07/2008|17:45] C:\Program Files\TRENDnet
    [22/12/2006|19:51] C:\Program Files\Uninstall Information
    [05/02/2006|17:51] C:\Program Files\USB Driver-Express
    [27/12/2009|18:44] C:\Program Files\UserStyleHold
    [18/06/2008|11:16] C:\Program Files\VideoLAN
    [15/07/2006|17:56] C:\Program Files\Virtools Web Player 3.5
    [28/12/2009|14:02] C:\Program Files\VS Revo Group
    [19/05/2007|10:08] C:\Program Files\Web Media Player
    [18/10/2007|16:31] C:\Program Files\Windows Desktop Search
    [04/04/2007|12:55] C:\Program Files\Windows Journal Viewer
    [25/11/2009|17:40] C:\Program Files\Windows Live
    [01/10/2008|18:33] C:\Program Files\Windows Live Favorites
    [15/05/2009|18:00] C:\Program Files\Windows Live SkyDrive
    [15/05/2009|18:06] C:\Program Files\Windows Live Toolbar
    [11/05/2007|18:34] C:\Program Files\Windows Media Connect 2
    [26/09/2008|15:39] C:\Program Files\Windows Media Player
    [26/09/2008|15:39] C:\Program Files\Windows NT
    [05/04/2006|19:12] C:\Program Files\WindowsUpdate
    [23/12/2009|17:02] C:\Program Files\WinRAR
    [25/11/2004|04:28] C:\Program Files\xerox
    [24/06/2008|10:59] C:\Program Files\Yahoo!
    [15/10/2007|17:52] C:\Program Files\Zero G Registry
    [29/01/2007|17:10] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [06/04/2008|11:31] C:\Program Files\Fichiers communs\Adobe
    [29/11/2009|14:11] C:\Program Files\Fichiers communs\Apple
    [03/05/2008|21:11] C:\Program Files\Fichiers communs\BOONTY Shared
    [01/01/2005|16:47] C:\Program Files\Fichiers communs\Hewlett-Packard
    [18/06/2007|20:38] C:\Program Files\Fichiers communs\HP
    [28/08/2007|06:32] C:\Program Files\Fichiers communs\InstallShield
    [01/01/2005|16:54] C:\Program Files\Fichiers communs\InterVideo
    [01/01/2005|16:29] C:\Program Files\Fichiers communs\Java
    [19/12/2009|23:42] C:\Program Files\Fichiers communs\Microsoft Shared
    [25/11/2004|04:26] C:\Program Files\Fichiers communs\MSSoap
    [05/02/2006|18:18] C:\Program Files\Fichiers communs\Nullsoft
    [26/01/2008|13:14] C:\Program Files\Fichiers communs\Real
    [01/02/2005|08:50] C:\Program Files\Fichiers communs\Services
    [18/06/2007|20:40] C:\Program Files\Fichiers communs\Sonic Shared
    [25/11/2004|04:26] C:\Program Files\Fichiers communs\SpeechEngines
    [01/01/2005|16:51] C:\Program Files\Fichiers communs\SureThing Shared
    [05/02/2008|19:37] C:\Program Files\Fichiers communs\SWF Studio
    [31/12/2009|14:51] C:\Program Files\Fichiers communs\Symantec Shared
    [04/02/2008|12:30] C:\Program Files\Fichiers communs\Synacast
    [27/11/2009|23:32] C:\Program Files\Fichiers communs\System
    [21/04/2007|10:44] C:\Program Files\Fichiers communs\Ulead Systems
    [15/05/2009|17:22] C:\Program Files\Fichiers communs\Windows Live
    [01/10/2008|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 61 Processes )

    IEXPLORE.EXE ~ [PID:3588]
    IEXPLORE.EXE ~ [PID:3624]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Five the.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Five the.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\flag 32.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\flag 32.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\flaw bash.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\flaw bash.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Support Heck.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Support Mags.dat
    C:\DOCUME~1\myriam\APPLIC~1\userst~1
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\amfpuirt.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\DUPE DASH.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\foqsfizl.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\funljjiz.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\hyicwdhf.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\ijwcuggu.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\imtnlyzo.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\mmbloeyf.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\ncjxnmhk.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\obkmqzrr.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\piyaafoj.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\qbkytxfo.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\rgavrdsy.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\rule poll slow.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\sivzuzph.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\smqzlntg.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\soap less the 16.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\sznsbfwy.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\tcoucuog.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\wqtuzfyu.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\wxqkqmqd.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\xmzktvsv.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\xoftvbwn.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\ykskceau.exe
    C:\DOCUME~1\myriam\APPLIC~1\userst~1\yuuldczo.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\bhmhpbal.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\boxvykfl.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\DUPE DASH.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\dyrrvhym.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\fddwrjtb.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\gdgtxjxm.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\gkcnpsfr.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\hfjgjuqp.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\jiyctwwi.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\jqxortye.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\lngbrxvq.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\nkovttcd.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\qzbepcvo.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\rlucwisn.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\rule poll slow.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\soap less the 16.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\tfowngzn.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\wizrojdf.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\wjsshpmw.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\zaczslym.exe
    C:\DOCUME~1\Yassine\APPLIC~1\userst~1\zmbqzptu.exe
    C:\Program Files\userst~1
    C:\DOCUME~1\Yassine\Cookies\yassine@advertstream[1].txt
    C:\DOCUME~1\Yassine\Cookies\yassine@advertising[1].txt
    C:\DOCUME~1\Yassine\Cookies\yassine@cotedazurpalace[2].txt
    C:\DOCUME~1\Yassine\Cookies\yassine@serve.cotedazurpalace[2].txt
    C:\DOCUME~1\Yassine\Cookies\yassine@fr.partypoker[1].txt
    C:\DOCUME~1\Yassine\Cookies\yassine@partypoker[1].txt
    C:\WINDOWS\Tasks\AAAE50F5918DC5D5.job
    C:\WINDOWS\Tasks\ACED7427918EE8F7.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "win else"="C:\\DOCUME~1\\Yassine\\APPLIC~1\\USERST~1\\DUPE DASH.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Flag Owns Live Grim"="C:\\Documents and Settings\\All Users\\Application Data\\Software rule flag owns\\flaw bash.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-31 22:50:48
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 122

    --------------------\\ Recherche d'autres infections

    C:\WINDOWS\Pack.epk

    C:\WINDOWS\System32\agyey.dat
    C:\WINDOWS\System32\agyey_navup.dat
    [b]==> EGDACCESS <==/b

    [F:131][D:9]-> C:\DOCUME~1\Yassine\LOCALS~1\Temp
    [F:108][D:0]-> C:\DOCUME~1\Yassine\Cookies
    [F:1453][D:6]-> C:\DOCUME~1\Yassine\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 31/12/2009|22:54 - Option : [1]

    --------------------\\ Fin du rapport a 22:54:30

    ==============}Ensuite pour archet9,un rapport malwarebyte mais d'un examen complet
    Malwarebytes' Anti-Malware 1.42
    Version de la base de données: 3289
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.13

    31/12/2009 20:11:17
    mbam-log-2009-12-31 (20-11-17).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 295890
    Temps écoulé: 4 hour(s), 53 minute(s), 39 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 32

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP633\A0242831.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP633\A0242836.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP633\A0242928.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP638\A0243793.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP633\A0242902.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP633\A0242929.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP633\A0242960.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP633\A0242974.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP634\A0243017.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP634\A0243018.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP634\A0243030.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP637\A0243611.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP638\A0243740.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP639\A0243846.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP639\A0243850.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP634\A0243028.exe (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP637\A0243610.exe (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP638\A0243738.exe (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP633\A0242900.exe (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP639\A0243848.exe (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c001649.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c0018BE.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c0029.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c002CD6.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c003D6C.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c004823.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c004AE1.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c005F90.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c006784.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c006952.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c006DF1.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\__c0072AE.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    0
    1. Utilisateur anonyme
       
      double-clique sur le raccourci Lop S&D présent sur ton Bureau
      * Séléctionne la langue souhaitée , puis choisis l'option "Suppression + Hosts"
      * Patiente jusqu'à la fin du scan
      * Poste le rapport généré (C:\lopR.txt)
      0
  4. yasom
     
    et voila mon nouveau rapport,

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Phoenix - Award BIOS v6.00PG
    USER : Yassine ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 2005 (Activated)
    Firewall : Norton Internet Security 2005 (Activated)
    C:\ (Local Disk) - NTFS - Total:142 Go (Free:89 Go)
    D:\ (Local Disk) - FAT32 - Total:6 Go (Free:2 Go)
    E:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 31/12/2009|23:39 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Five the.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Five the.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\flag 32.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\flag 32.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\flaw bash.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Support Heck.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Support Mags.dat
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\amfpuirt.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\DUPE DASH.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\foqsfizl.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\funljjiz.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\hyicwdhf.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\ijwcuggu.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\imtnlyzo.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\mmbloeyf.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\ncjxnmhk.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\obkmqzrr.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\piyaafoj.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\qbkytxfo.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\rgavrdsy.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\rule poll slow.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\sivzuzph.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\smqzlntg.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\soap less the 16.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\sznsbfwy.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\tcoucuog.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\wqtuzfyu.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\wxqkqmqd.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\xmzktvsv.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\xoftvbwn.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\ykskceau.exe
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1\yuuldczo.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\bhmhpbal.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\boxvykfl.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\DUPE DASH.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\dyrrvhym.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\fddwrjtb.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\gdgtxjxm.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\gkcnpsfr.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\hfjgjuqp.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\jiyctwwi.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\jqxortye.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\lngbrxvq.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\nkovttcd.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\qzbepcvo.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\rlucwisn.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\rule poll slow.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\soap less the 16.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\tfowngzn.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\wizrojdf.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\wjsshpmw.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\zaczslym.exe
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1\zmbqzptu.exe
    Supprime! - C:\DOCUME~1\Yassine\Cookies\yassine@advertstream[1].txt
    Supprime! - C:\DOCUME~1\Yassine\Cookies\yassine@advertising[1].txt
    Supprime! - C:\DOCUME~1\Yassine\Cookies\yassine@cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\Yassine\Cookies\yassine@serve.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\Yassine\Cookies\yassine@fr.partypoker[1].txt
    Supprime! - C:\DOCUME~1\Yassine\Cookies\yassine@partypoker[1].txt
    Supprime! - C:\WINDOWS\Tasks\AAAE50F5918DC5D5.job
    Supprime! - C:\WINDOWS\Tasks\ACED7427918EE8F7.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
    Supprime! - C:\DOCUME~1\myriam\APPLIC~1\userst~1
    Supprime! - C:\DOCUME~1\Yassine\APPLIC~1\userst~1
    Supprime! - C:\Program Files\userst~1
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [25/01/2009|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [02/04/2006|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [29/11/2009|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [29/11/2009|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/05/2008|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [18/06/2008|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [28/12/2009|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [04/09/2009|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [14/08/2008|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [28/01/2009|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [01/01/2005|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [01/01/2005|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [14/08/2008|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [29/12/2009|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [13/11/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [19/12/2009|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [27/11/2009|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [26/06/2006|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [07/02/2006|09:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [17/04/2006|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01/01/2005|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [01/01/2005|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [31/10/2009|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sports Interactive
    [01/01/2005|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [21/04/2007|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [20/12/2006|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [25/10/2006|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [15/05/2009|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [01/10/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [01/02/2008|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!

    [01/01/2005|16:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [25/11/2004|04:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2005|16:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
    [29/11/2009|11:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28/11/2007|19:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2005|17:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2005|17:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [04/10/2009|17:11] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
    [01/01/2005|16:58] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
    [14/03/2007|15:27] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [13/12/2009|16:55] C:\DOCUME~1\INVIT~1\APPLIC~1\HouseCall 6.6
    [25/06/2007|07:20] C:\DOCUME~1\INVIT~1\APPLIC~1\HP
    [25/11/2004|04:26] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [01/01/2005|16:55] C:\DOCUME~1\INVIT~1\APPLIC~1\Intervideo
    [09/04/2006|11:03] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [21/12/2009|18:37] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [28/12/2008|15:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
    [05/01/2008|23:10] C:\DOCUME~1\INVIT~1\APPLIC~1\OpenOffice.org2
    [08/12/2009|19:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Real
    [01/01/2005|17:02] C:\DOCUME~1\INVIT~1\APPLIC~1\SampleView
    [04/10/2009|18:19] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun
    [01/01/2005|17:12] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec
    [27/10/2007|14:35] C:\DOCUME~1\INVIT~1\APPLIC~1\Windows Desktop Search

    [03/02/2008|12:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [14/08/2008|20:38] C:\DOCUME~1\myriam\APPLIC~1\Adobe
    [28/12/2008|17:48] C:\DOCUME~1\myriam\APPLIC~1\AdobeUM
    [01/01/2005|16:58] C:\DOCUME~1\myriam\APPLIC~1\Apple Computer
    [26/06/2006|14:48] C:\DOCUME~1\myriam\APPLIC~1\ArcSoft
    [22/02/2009|19:36] C:\DOCUME~1\myriam\APPLIC~1\DivX
    [16/12/2006|15:55] C:\DOCUME~1\myriam\APPLIC~1\Google
    [01/07/2006|16:16] C:\DOCUME~1\myriam\APPLIC~1\Help
    [03/05/2008|16:54] C:\DOCUME~1\myriam\APPLIC~1\HP
    [26/06/2006|11:33] C:\DOCUME~1\myriam\APPLIC~1\HPQ
    [25/11/2004|04:26] C:\DOCUME~1\myriam\APPLIC~1\Identities
    [01/01/2005|16:55] C:\DOCUME~1\myriam\APPLIC~1\Intervideo
    [26/06/2006|11:30] C:\DOCUME~1\myriam\APPLIC~1\Leadertech
    [13/05/2006|16:03] C:\DOCUME~1\myriam\APPLIC~1\Macromedia
    [11/07/2009|21:19] C:\DOCUME~1\myriam\APPLIC~1\Microsoft
    [19/11/2007|19:27] C:\DOCUME~1\myriam\APPLIC~1\Moyea
    [10/08/2008|15:46] C:\DOCUME~1\myriam\APPLIC~1\Mozilla
    [13/05/2006|16:02] C:\DOCUME~1\myriam\APPLIC~1\MSNInstaller
    [25/01/2009|17:55] C:\DOCUME~1\myriam\APPLIC~1\OpenOffice.org
    [17/05/2008|17:11] C:\DOCUME~1\myriam\APPLIC~1\OpenOffice.org2
    [17/02/2008|13:11] C:\DOCUME~1\myriam\APPLIC~1\Real
    [01/01/2005|17:02] C:\DOCUME~1\myriam\APPLIC~1\SampleView
    [25/01/2009|14:35] C:\DOCUME~1\myriam\APPLIC~1\Shareaza
    [19/06/2008|11:48] C:\DOCUME~1\myriam\APPLIC~1\Sonic
    [04/02/2008|12:43] C:\DOCUME~1\myriam\APPLIC~1\Sports Interactive
    [01/12/2006|13:12] C:\DOCUME~1\myriam\APPLIC~1\Sun
    [22/06/2006|09:18] C:\DOCUME~1\myriam\APPLIC~1\Symantec
    [21/06/2006|18:07] C:\DOCUME~1\myriam\APPLIC~1\Template
    [10/02/2009|18:37] C:\DOCUME~1\myriam\APPLIC~1\Ulead Systems
    [22/10/2008|17:06] C:\DOCUME~1\myriam\APPLIC~1\vlc
    [18/10/2007|17:20] C:\DOCUME~1\myriam\APPLIC~1\Windows Desktop Search
    [18/05/2008|15:33] C:\DOCUME~1\myriam\APPLIC~1\Yahoo!

    [18/10/2007|16:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [06/06/2009|17:00] C:\DOCUME~1\Yassine\APPLIC~1\Adobe
    [14/02/2008|20:27] C:\DOCUME~1\Yassine\APPLIC~1\AdobeUM
    [01/01/2005|16:58] C:\DOCUME~1\Yassine\APPLIC~1\Apple Computer
    [17/02/2009|10:18] C:\DOCUME~1\Yassine\APPLIC~1\DivX
    [06/04/2008|11:35] C:\DOCUME~1\Yassine\APPLIC~1\EPSON
    [07/01/2009|16:57] C:\DOCUME~1\Yassine\APPLIC~1\FileZilla
    [03/09/2008|13:02] C:\DOCUME~1\Yassine\APPLIC~1\Google
    [22/05/2007|16:33] C:\DOCUME~1\Yassine\APPLIC~1\HP
    [27/02/2007|14:51] C:\DOCUME~1\Yassine\APPLIC~1\HPQ
    [25/11/2004|04:26] C:\DOCUME~1\Yassine\APPLIC~1\Identities
    [10/05/2007|18:47] C:\DOCUME~1\Yassine\APPLIC~1\Intervideo
    [27/02/2007|10:19] C:\DOCUME~1\Yassine\APPLIC~1\ItsLabel
    [13/07/2008|21:23] C:\DOCUME~1\Yassine\APPLIC~1\Lavasoft
    [26/09/2008|15:46] C:\DOCUME~1\Yassine\APPLIC~1\LogoMaker
    [25/02/2007|19:47] C:\DOCUME~1\Yassine\APPLIC~1\Macromedia
    [29/12/2009|15:39] C:\DOCUME~1\Yassine\APPLIC~1\Malwarebytes
    [30/01/2008|16:18] C:\DOCUME~1\Yassine\APPLIC~1\Megaupload
    [23/06/2009|13:12] C:\DOCUME~1\Yassine\APPLIC~1\Microsoft
    [05/11/2009|20:27] C:\DOCUME~1\Yassine\APPLIC~1\Mostick
    [16/11/2007|17:48] C:\DOCUME~1\Yassine\APPLIC~1\Moyea
    [27/09/2008|17:37] C:\DOCUME~1\Yassine\APPLIC~1\Mozilla
    [20/11/2007|20:52] C:\DOCUME~1\Yassine\APPLIC~1\MSNInstaller
    [10/08/2007|12:15] C:\DOCUME~1\Yassine\APPLIC~1\muvee Technologies
    [13/02/2009|16:57] C:\DOCUME~1\Yassine\APPLIC~1\Neverball
    [28/02/2009|20:24] C:\DOCUME~1\Yassine\APPLIC~1\OpenOffice.org
    [31/12/2009|23:18] C:\DOCUME~1\Yassine\APPLIC~1\OpenOffice.org2
    [04/02/2008|11:42] C:\DOCUME~1\Yassine\APPLIC~1\Real
    [01/01/2005|17:02] C:\DOCUME~1\Yassine\APPLIC~1\SampleView
    [09/08/2007|15:18] C:\DOCUME~1\Yassine\APPLIC~1\Screenshot Sender
    [20/11/2007|13:17] C:\DOCUME~1\Yassine\APPLIC~1\SecuROM
    [28/01/2009|16:11] C:\DOCUME~1\Yassine\APPLIC~1\Shareaza
    [26/09/2008|16:29] C:\DOCUME~1\Yassine\APPLIC~1\SlySoft
    [31/10/2009|22:42] C:\DOCUME~1\Yassine\APPLIC~1\Sports Interactive
    [01/03/2007|11:49] C:\DOCUME~1\Yassine\APPLIC~1\Sun
    [02/03/2007|12:21] C:\DOCUME~1\Yassine\APPLIC~1\Symantec
    [25/02/2007|19:28] C:\DOCUME~1\Yassine\APPLIC~1\Template
    [16/02/2008|21:32] C:\DOCUME~1\Yassine\APPLIC~1\TVU networks
    [21/04/2007|16:34] C:\DOCUME~1\Yassine\APPLIC~1\Ulead Systems
    [21/07/2008|14:37] C:\DOCUME~1\Yassine\APPLIC~1\vlc
    [19/10/2007|11:47] C:\DOCUME~1\Yassine\APPLIC~1\Windows Desktop Search
    [23/12/2009|17:02] C:\DOCUME~1\Yassine\APPLIC~1\WinRAR
    [18/05/2008|14:17] C:\DOCUME~1\Yassine\APPLIC~1\Yahoo!

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [31/12/2009 23:15][--a------] C:\WINDOWS\tasks\Google Software Updater.job
    [31/12/2009 23:40][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{79C8FF5A-454E-488A-86B6-25FCB3570166}.job
    [25/06/2007 07:19][--ah-----] C:\WINDOWS\tasks\MP Scheduled Quick Scan.job
    [18/12/2009 20:00][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur - Yassine.job
    [28/02/2007 12:17][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [31/12/2009 23:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 19:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [04/05/2008|14:00] C:\Program Files\7-Zip
    [06/04/2008|11:31] C:\Program Files\Adobe
    [12/11/2009|22:04] C:\Program Files\adslTV
    [19/05/2007|09:59] C:\Program Files\Alwil Software
    [25/02/2006|11:07] C:\Program Files\ArcSoft
    [26/09/2008|17:43] C:\Program Files\AviSynth 2.5
    [29/12/2009|22:36] C:\Program Files\CASIO
    [18/06/2008|11:22] C:\Program Files\CCleaner
    [14/03/2008|17:30] C:\Program Files\Design Science
    [23/06/2009|17:55] C:\Program Files\DivX
    [06/05/2006|19:19] C:\Program Files\Easy Internet signup
    [19/12/2009|23:36] C:\Program Files\eMule
    [21/04/2007|10:45] C:\Program Files\EZ-DUB
    [27/12/2009|20:20] C:\Program Files\Fichiers communs
    [05/01/2009|19:56] C:\Program Files\FileZilla FTP Client
    [11/07/2008|08:50] C:\Program Files\Free
    [01/06/2009|20:52] C:\Program Files\GeoGebra
    [28/12/2009|13:40] C:\Program Files\Google
    [27/12/2009|20:23] C:\Program Files\GSC Game World
    [18/06/2007|20:31] C:\Program Files\Hewlett-Packard
    [28/01/2009|16:14] C:\Program Files\HP
    [13/07/2008|17:46] C:\Program Files\InstallShield Installation Information
    [09/12/2009|23:01] C:\Program Files\Internet Explorer
    [26/01/2008|13:17] C:\Program Files\InterVideo
    [05/10/2009|20:31] C:\Program Files\Java
    [25/01/2009|17:47] C:\Program Files\JRE
    [28/03/2006|20:13] C:\Program Files\Kit ADSL
    [05/02/2006|18:18] C:\Program Files\Learn2.com
    [29/12/2009|15:39] C:\Program Files\Malwarebytes' Anti-Malware
    [26/09/2008|15:59] C:\Program Files\Messenger
    [27/12/2009|19:06] C:\Program Files\Messenger Plus! Live
    [15/05/2009|18:00] C:\Program Files\Microsoft
    [09/05/2007|15:56] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [25/11/2004|04:27] C:\Program Files\microsoft frontpage
    [17/05/2008|10:23] C:\Program Files\Microsoft Office
    [18/10/2007|16:31] C:\Program Files\Microsoft SQL Server Compact Edition
    [15/05/2009|18:06] C:\Program Files\Microsoft Sync Framework
    [23/11/2007|12:59] C:\Program Files\Mindscape
    [26/09/2008|15:48] C:\Program Files\Movie Maker
    [31/12/2009|23:31] C:\Program Files\Mozilla Firefox
    [25/07/2009|22:09] C:\Program Files\MSBuild
    [20/11/2007|20:53] C:\Program Files\MSN
    [25/11/2004|04:27] C:\Program Files\MSN Gaming Zone
    [26/10/2006|11:05] C:\Program Files\MSXML 4.0
    [01/01/2005|17:00] C:\Program Files\muvee Technologies
    [26/09/2008|15:39] C:\Program Files\NetMeeting
    [01/01/2005|17:14] C:\Program Files\Norton Internet Security
    [28/03/2007|12:56] C:\Program Files\NudgeMania
    [19/11/2007|19:13] C:\Program Files\OpenOffice.org 2.1
    [17/05/2008|19:48] C:\Program Files\OpenOffice.org 2.3
    [18/09/2008|15:49] C:\Program Files\OpenOffice.org 2.4
    [25/01/2009|17:47] C:\Program Files\OpenOffice.org 3
    [12/08/2009|22:23] C:\Program Files\Outlook Express
    [01/01/2005|17:11] C:\Program Files\PC-Doctor 5 for Windows
    [27/09/2007|13:24] C:\Program Files\Psykos 7
    [29/11/2009|14:13] C:\Program Files\QuickTime
    [01/02/2008|16:20] C:\Program Files\Real Alternative
    [23/06/2009|13:06] C:\Program Files\Red Kawa
    [25/07/2009|22:08] C:\Program Files\Reference Assemblies
    [01/01/2005|17:09] C:\Program Files\Services en ligne
    [05/10/2008|18:28] C:\Program Files\SlySoft
    [23/11/2007|12:47] C:\Program Files\Sonic
    [28/12/2009|13:26] C:\Program Files\Sports Interactive
    [31/12/2009|23:17] C:\Program Files\Steam
    [01/01/2005|17:14] C:\Program Files\Symantec
    [13/07/2008|17:45] C:\Program Files\TRENDnet
    [22/12/2006|19:51] C:\Program Files\Uninstall Information
    [05/02/2006|17:51] C:\Program Files\USB Driver-Express
    [18/06/2008|11:16] C:\Program Files\VideoLAN
    [15/07/2006|17:56] C:\Program Files\Virtools Web Player 3.5
    [28/12/2009|14:02] C:\Program Files\VS Revo Group
    [19/05/2007|10:08] C:\Program Files\Web Media Player
    [18/10/2007|16:31] C:\Program Files\Windows Desktop Search
    [04/04/2007|12:55] C:\Program Files\Windows Journal Viewer
    [25/11/2009|17:40] C:\Program Files\Windows Live
    [01/10/2008|18:33] C:\Program Files\Windows Live Favorites
    [15/05/2009|18:00] C:\Program Files\Windows Live SkyDrive
    [15/05/2009|18:06] C:\Program Files\Windows Live Toolbar
    [11/05/2007|18:34] C:\Program Files\Windows Media Connect 2
    [26/09/2008|15:39] C:\Program Files\Windows Media Player
    [26/09/2008|15:39] C:\Program Files\Windows NT
    [05/04/2006|19:12] C:\Program Files\WindowsUpdate
    [23/12/2009|17:02] C:\Program Files\WinRAR
    [25/11/2004|04:28] C:\Program Files\xerox
    [24/06/2008|10:59] C:\Program Files\Yahoo!
    [15/10/2007|17:52] C:\Program Files\Zero G Registry
    [29/01/2007|17:10] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [06/04/2008|11:31] C:\Program Files\Fichiers communs\Adobe
    [29/11/2009|14:11] C:\Program Files\Fichiers communs\Apple
    [03/05/2008|21:11] C:\Program Files\Fichiers communs\BOONTY Shared
    [01/01/2005|16:47] C:\Program Files\Fichiers communs\Hewlett-Packard
    [18/06/2007|20:38] C:\Program Files\Fichiers communs\HP
    [28/08/2007|06:32] C:\Program Files\Fichiers communs\InstallShield
    [01/01/2005|16:54] C:\Program Files\Fichiers communs\InterVideo
    [01/01/2005|16:29] C:\Program Files\Fichiers communs\Java
    [19/12/2009|23:42] C:\Program Files\Fichiers communs\Microsoft Shared
    [25/11/2004|04:26] C:\Program Files\Fichiers communs\MSSoap
    [05/02/2006|18:18] C:\Program Files\Fichiers communs\Nullsoft
    [26/01/2008|13:14] C:\Program Files\Fichiers communs\Real
    [01/02/2005|08:50] C:\Program Files\Fichiers communs\Services
    [18/06/2007|20:40] C:\Program Files\Fichiers communs\Sonic Shared
    [25/11/2004|04:26] C:\Program Files\Fichiers communs\SpeechEngines
    [01/01/2005|16:51] C:\Program Files\Fichiers communs\SureThing Shared
    [05/02/2008|19:37] C:\Program Files\Fichiers communs\SWF Studio
    [31/12/2009|14:51] C:\Program Files\Fichiers communs\Symantec Shared
    [04/02/2008|12:30] C:\Program Files\Fichiers communs\Synacast
    [27/11/2009|23:32] C:\Program Files\Fichiers communs\System
    [21/04/2007|10:44] C:\Program Files\Fichiers communs\Ulead Systems
    [15/05/2009|17:22] C:\Program Files\Fichiers communs\Windows Live
    [01/10/2008|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 59 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-31 23:44:10
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 122

    --------------------\\ Recherche d'autres infections

    C:\WINDOWS\Pack.epk

    C:\WINDOWS\System32\agyey.dat
    C:\WINDOWS\System32\agyey_navup.dat
    [b]==> EGDACCESS <==/b

    [F:16][D:7]-> C:\DOCUME~1\Yassine\LOCALS~1\Temp
    [F:107][D:0]-> C:\DOCUME~1\Yassine\Cookies
    [F:30][D:4]-> C:\DOCUME~1\Yassine\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 31/12/2009|22:54 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 31/12/2009|23:48 - Option : [2]

    --------------------\\ Fin du rapport a 23:48:26
    0
    1. Utilisateur anonyme
       
      traitons maintenant cette infection
      C:\WINDOWS\Pack.epk
      C:\WINDOWS\System32\agyey.dat
      C:\WINDOWS\System32\agyey_navup.dat


      Ton PC a une infection Navipromo/Magic Control/EDG ACCESS qui affiche des publicités intempestives.
      Il s'installe via certains programmes, dont ceux-ci qu'il faut éviter à tout prix:
      * Funky Emoticons
      * go-astro
      * Games Attack
      * GoRecord
      * HotTVPlayer / HotTVPlayer & Paris Hilton
      * Live-Player
      * MailSkinner
      * Messenger Skinner
      * Instant Access
      * InternetGameBox
      * Officiale Emule (Version d'Emule modifiée)
      * Original Solitaire
      * SuperSexPlayer
      * Speed Downloading
      * Sudoplanet
      * Webmediaplayer

      Télécharge Navilog (de Il Mafioso) sur ton bureau
      http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
      Surtout, désactive l'anti-virus et l'anti-spyware, car ils risquent de gêner l'outil
      Double-clique sur Navilog présent sur le Bureau pour le lancer
      Choisit la langue en tapant sur F, et appuie sur la touche entrée
      Appuie sur un touche pour continuer lorsqu'on te le demande
      Tape sur 1 (recherche/suppression automatique), et appuie sur la touche entrée
      L'outil t'informe qu'il va redémarrer le PC lors de la suppression
      Une fois que l'outil a terminé, le bureau réapparait, et le bloc-notes s'ouvre
      Copie et colle le rapport C:\fixnavi.txt dans ta réponse


      Note: Si le bureau réapparait pas, Ctrl+Alt+Suppr. Sélectionner gestionnaire de
      tâches. Se rendre dans l'onglet "Processus". En haut, cliquer sur "Fichier"
      Sélectionner "Nouvelle tâche". Taper "explorer", puis valider, et le bureau
      réappraitra
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. yasom
     
    merciii et bonne année!!par contre j'ai toujours des pubs "trafficsolar.com" et aussi un logiciel qui s'installe tout seul:ptools.je croyais l'avoir supprimé mais il revient!!!je ne sait pas quoi faire!!!
    0
    1. Utilisateur anonyme
       
      bonne année 2010
      fait navilog, et poste le rapport, puis on verra après
      0
  7. yasom
     
    le rapport navi:
    Fix Navipromo version 4.0.5 commencé le 31/12/2009 23:59:09,57

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Phoenix - Award BIOS v6.00PG
    USER : Yassine ( Administrator )
    BOOT : Normal boot

    Antivirus : Norton Internet Security 2005 (Activated)
    Firewall : Norton Internet Security 2005 (Activated)

    C:\ (Local Disk) - NTFS - Total:142 Go (Free:89 Go)
    D:\ (Local Disk) - FAT32 - Total:6 Go (Free:2 Go)
    E:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur

    C:\WINDOWS\pack.epk supprimé !
    C:\WINDOWS\system32\agyey.dat supprimé !
    C:\WINDOWS\system32\agyey_navup.dat supprimé !

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Yassine\locals~1\Temp effectué !

    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok

    *** Scan terminé 01/01/2010 0:05:04,31 ***
    0
    1. Utilisateur anonyme
       
      Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

      - http://images.malwareremoval.com/random/RSIT.exe

      ! Déconnecte toi et ferme toutes tes applications en cours !

      * Double-clique sur RSIT.exe pour le lancer .
      * Une première fenêtre s'ouvre avec en titre : Disclaimer of warranty .
      * Devant l'option List files/folders created ... , tu choisis 2 months
      * Clique ensuite sur Continue pour lancer l'analyse ...
      * Laisse faire le scan et ne touche pas au PC ...
      * Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
      * Héberge le contenu de log.txt (c'est celui qui apparait à l'écran), ainsi que de info.txt ici.
      Clique sur parcourir
      Une fois que tu as trouvé les rapports à héberger, clique sur ouvrir
      Clique sur Cliquez ici pour déposer le fichier, puis donne le lien
      qui apparait comme ceci http:/www.cijoint.fr/cjlink.php?file=cj200911/cijgAdC3Ch.txt

      Note : les rapports seront en outre sauvegardés dans ce dossier C:\rsit
      0
  8. yasom
     
    http://www.cijoint.fr/cjlink.php?file=cj201001/cijxM9vzy3.txt
    voila le lien
    0
    1. Utilisateur anonyme
       
      Je regarderai demain
      0
  9. yasom
     
    bonjour,j'ai vraiment besoin d'aide.Mon ordi ralenti,j'ai des encore des pubs adserving.ezanga.com.le logiciel pctools et controlcenter.Svpppp merciii
    0
    1. Utilisateur anonyme
       
      bonjour
      pourrai tu me refaire un RSIT, il me faudrai le rapport log.txt
      0
  10. yasom
     
    http://www.cijoint.fr/cjlink.php?file=cj201001/cijUqLFWYc.txt
    0
  11. Utilisateur anonyme
     
    Attention, avant de commencer, lit attentivement la procédure, et imprime la

    Télécharge ComboFix de sUBs sur ton Bureau :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Déconnecte-toi du net et DESACTIVES TOUTES LES DEFENSES, antivirus et antispyware y compris /!\
    ---> Double-clique sur ComboFix.exe
    Un "pop-up" va apparaître qui dit que ComboFix est utilisé à vos risques et avec aucune garantie... Clique sur oui pour accepter
    SURTOUT INSTALLES LA CONSOLE DE RECUPERATION
    ---> Mets-le en langue française F
    Tape sur la touche 1 (Yes) pour démarrer le scan.

    Ne touche à rien(souris, clavier) tant que le scan n'est pas terminé, car tu risques de planter ton PC

    En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

    Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    Note : Le rapport se trouve également là : C:\ComboFix.txt
    0
  12. yasom
     
    le rapport combofix
    ComboFix 10-01-02.05 - Yassine 03/01/2010 17:09:35.1.1 - x86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.510.254 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Yassine\Bureau\ComboFix.exe
    AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Arte - Being W
    C:\Arte - Being W
    c:\documents and settings\myriam\Application Data\CCenter
    c:\documents and settings\myriam\Application Data\CCenter\ccagent.exe
    c:\documents and settings\myriam\Application Data\CCenter\ccmain.exe
    c:\documents and settings\myriam\Application Data\CCenter\faq\guide.html
    c:\documents and settings\myriam\Application Data\CCenter\faq\images\05.png
    c:\documents and settings\myriam\Application Data\CCenter\faq\images\06.png
    c:\documents and settings\myriam\Application Data\CCenter\faq\images\07.png
    c:\documents and settings\myriam\Application Data\CCenter\faq\images\08.png
    c:\documents and settings\myriam\Application Data\CCenter\faq\images\09.png
    c:\documents and settings\myriam\Application Data\CCenter\faq\images\10.png
    c:\documents and settings\myriam\Application Data\CCenter\settings.ini
    c:\documents and settings\myriam\Application Data\CCenter\uninstall.exe
    c:\documents and settings\Yassine\Application Data\CCenter
    c:\documents and settings\Yassine\Application Data\CCenter\ccagent.exe
    c:\documents and settings\Yassine\Application Data\CCenter\ccmain.exe
    c:\documents and settings\Yassine\Application Data\CCenter\faq\guide.html
    c:\documents and settings\Yassine\Application Data\CCenter\faq\images\05.png
    c:\documents and settings\Yassine\Application Data\CCenter\faq\images\06.png
    c:\documents and settings\Yassine\Application Data\CCenter\faq\images\07.png
    c:\documents and settings\Yassine\Application Data\CCenter\faq\images\08.png
    c:\documents and settings\Yassine\Application Data\CCenter\faq\images\09.png
    c:\documents and settings\Yassine\Application Data\CCenter\faq\images\10.png
    c:\documents and settings\Yassine\Application Data\CCenter\settings.ini
    c:\documents and settings\Yassine\Application Data\CCenter\uninstall.exe
    c:\documents and settings\Yassine\Application Data\PC
    c:\documents and settings\Yassine\Application Data\PC\agent.exe
    c:\documents and settings\Yassine\Application Data\PC\faq\guide.html
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg1.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg10.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg2.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg3.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg4.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg5.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg6.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg7.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg8.jpg
    c:\documents and settings\Yassine\Application Data\PC\faq\images\gimg9.jpg
    c:\documents and settings\Yassine\Application Data\PC\pc.exe
    c:\documents and settings\Yassine\Application Data\PC\settings.ini
    c:\documents and settings\Yassine\Application Data\PC\uninstall.exe
    C:\Thumbs.db
    c:\windows\system32\__c0018BE.exe
    c:\windows\system32\__c0029.exe
    c:\windows\system32\__c002CD6.exe
    c:\windows\system32\__c003D6C.exe
    c:\windows\system32\__c004823.exe
    c:\windows\system32\__c004AE1.exe
    c:\windows\system32\__c005F90.exe
    c:\windows\system32\__c006784.exe
    c:\windows\system32\__c006952.exe
    c:\windows\system32\__c0072AE.exe
    c:\windows\system32\aafhk.dat
    c:\windows\system32\aafhk.exe
    c:\windows\system32\aafhk_navps.dat
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_BOONTY_GAMES
    -------\Service_Boonty Games

    ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-03 au 2010-01-03 ))))))))))))))))))))))))))))))))))))
    .

    2009-12-31 23:47 . 2010-01-03 15:51 -------- d-----w- C:\rsit
    2009-12-31 22:57 . 2009-12-31 23:05 -------- d-----w- c:\program files\Navilog1
    2009-12-31 22:08 . 2009-12-31 22:08 -------- d-----w- C:\_OTM
    2009-12-31 21:45 . 2009-12-31 22:48 -------- d-----w- C:\Lop SD
    2009-12-29 21:36 . 2009-12-29 21:36 -------- d-----w- c:\program files\CASIO
    2009-12-29 14:39 . 2009-12-29 14:39 -------- d-----w- c:\documents and settings\Yassine\Application Data\Malwarebytes
    2009-12-29 14:39 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-12-29 14:39 . 2009-12-29 14:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-12-29 14:39 . 2009-12-29 14:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-12-29 14:39 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-27 17:06 . 2009-12-28 13:02 -------- d-----w- c:\program files\VS Revo Group
    2009-12-19 19:25 . 2009-12-19 19:25 225792 ----a-w- c:\windows\system32\cfgshl.dll
    2009-12-19 19:24 . 2009-12-19 19:24 225792 ----a-w- c:\windows\system32\cfgpage10.dll
    2009-12-13 15:51 . 2007-12-24 16:37 138384 ----a-w- c:\windows\system32\drivers\tmcomm.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-01-03 16:23 . 2007-02-28 16:42 -------- d-----w- c:\documents and settings\Yassine\Application Data\OpenOffice.org2
    2010-01-03 16:21 . 2008-12-25 10:25 -------- d-----w- c:\program files\Steam
    2010-01-02 17:22 . 2005-01-01 16:11 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
    2010-01-02 14:12 . 2006-06-05 08:19 86360 ----a-w- c:\documents and settings\myriam\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-12-30 22:17 . 2007-03-02 11:30 86360 ----a-w- c:\documents and settings\Yassine\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-12-28 12:40 . 2005-01-01 16:09 -------- d-----w- c:\program files\Google
    2009-12-28 12:26 . 2008-11-04 11:15 -------- d-----w- c:\program files\Sports Interactive
    2009-12-27 19:23 . 2008-12-06 18:40 -------- d-----w- c:\program files\GSC Game World
    2009-12-27 18:06 . 2008-10-02 15:16 -------- d-----w- c:\program files\Messenger Plus! Live
    2009-12-19 22:36 . 2007-05-16 09:38 -------- d-----w- c:\program files\eMule
    2009-12-09 20:51 . 2009-02-28 19:25 1 ----a-w- c:\documents and settings\Yassine\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2009-12-08 19:46 . 2004-11-23 21:26 94518 ----a-w- c:\windows\system32\perfc00C.dat
    2009-12-08 19:46 . 2004-11-23 21:26 534808 ----a-w- c:\windows\system32\perfh00C.dat
    2009-12-06 12:14 . 2008-01-06 17:23 1 ----a-w- c:\documents and settings\Yassine\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys
    2009-11-29 13:13 . 2005-01-01 15:57 -------- d-----w- c:\program files\QuickTime
    2009-11-29 13:11 . 2005-01-01 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
    2009-11-29 13:11 . 2009-11-29 13:11 -------- d-----w- c:\program files\Fichiers communs\Apple
    2009-11-29 13:10 . 2009-11-29 13:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2009-11-27 22:32 . 2008-04-16 13:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
    2009-11-25 16:40 . 2007-06-10 18:07 -------- d-----w- c:\program files\Windows Live
    2009-11-12 21:04 . 2007-06-26 12:35 -------- d-----w- c:\program files\adslTV
    2009-11-05 19:27 . 2009-11-05 19:27 -------- d-----w- c:\documents and settings\Yassine\Application Data\Mostick
    2009-10-29 07:44 . 2004-08-05 18:00 832512 ----a-w- c:\windows\system32\wininet.dll
    2009-10-29 07:44 . 2004-08-05 18:00 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-10-29 07:44 . 2004-08-05 18:00 17408 ----a-w- c:\windows\system32\corpol.dll
    2009-10-21 05:39 . 2004-08-05 18:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
    2009-10-21 05:39 . 2004-08-05 18:00 25088 ----a-w- c:\windows\system32\httpapi.dll
    2009-10-20 16:20 . 2004-08-05 18:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
    2009-10-13 10:33 . 2004-08-05 18:00 271360 ----a-w- c:\windows\system32\oakley.dll
    2009-10-12 13:39 . 2004-08-05 18:00 79872 ----a-w- c:\windows\system32\raschap.dll
    2009-10-12 13:39 . 2004-08-05 18:00 150528 ----a-w- c:\windows\system32\rastls.dll
    2009-10-05 19:23 . 2009-10-05 19:23 152576 ----a-w- c:\documents and settings\Yassine\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
    2006-04-24 16:28 . 2006-04-20 16:06 417 -c--a-w- c:\program files\Etudiant.EGP
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Steam"="c:\program files\Steam\Steam.exe" [2009-10-25 1217808]
    "Shareaza"="c:\documents and settings\myriam\Bureau\Shareaza\Shareaza.exe" [2008-10-01 5723136]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-24 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]
    "ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-09-07 58488]
    "BigDogPath"="c:\windows\VM_STI.EXE" [2005-02-28 53248]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
    "ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
    "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]

    c:\documents and settings\myriam\Menu D‚marrer\Programmes\D‚marrage\
    OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

    c:\documents and settings\Yassine\Menu D‚marrer\Programmes\D‚marrage\
    OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]
    OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
    EZ-DUB Finder.lnk - c:\program files\EZ-DUB\EZ-DUB.exe [2006-3-1 266240]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
    Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
    Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]
    Wireless Configuration Utility.lnk - c:\program files\TRENDnet\TEW-424UB\WlanCU.exe [2007-7-10 634880]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
    "c:\\Documents and Settings\\myriam\\Bureau\\Shareaza\\Shareaza.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Steam\\SteamApps\\common\\football manager 2009\\fm.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundEchoRequest"= 1 (0x1)

    R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [01/01/2005 16:37 2786176]
    S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;c:\windows\system32\drivers\usbiad.sys [05/02/2006 17:51 31547]
    S3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;c:\windows\system32\drivers\RTL8187B.sys [13/07/2008 17:46 264576]
    .
    Contenu du dossier 'Tâches planifiées'

    2010-01-03 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-04 12:12]

    2009-12-18 c:\windows\Tasks\Norton AntiVirus - Analyser mon ordinateur - Yassine.job
    - c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2004-08-31 15:48]

    2007-02-28 c:\windows\Tasks\Symantec NetDetect.job
    - c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-01-01 17:22]

    2010-01-03 c:\windows\Tasks\User_Feed_Synchronization-{79C8FF5A-454E-488A-86B6-25FCB3570166}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 16:36]
    .
    .
    ------- Examen supplémentaire -------
    .
    uInternet Connection Wizard,ShellNext = hxxp://g.msn.fr/8SEFRFR030000TBR/FRWCompleteTBSiteFinalDEFAULT
    uInternet Settings,ProxyOverride = local
    uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
    IE: &Traduire à partir de l'anglais - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Pages liées - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Pages similaires - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
    IE: Recherche &Google - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
    IE: Version de la page actuelle disponible dans le cache Google - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
    DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} - hxxp://d.69.25.47.96.downloads.estara.com./as/OneCCDM.php?template=41001&sessionid=1373278661_77.195.55.16_1473&=&req=1177162493375OneCC.cab
    FF - ProfilePath - c:\documents and settings\Yassine\Application Data\Mozilla\Firefox\Profiles\7lst7jw6.default\
    FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
    FF - plugin: c:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-agent.exe - c:\documents and settings\Yassine\Application Data\PC\agent.exe
    HKCU-Run-ccagent.exe - c:\documents and settings\Yassine\Application Data\CCenter\ccagent.exe
    AddRemove-PCTools - c:\documents and settings\Yassine\Application Data\PC\uninstall.exe

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-01-03 17:21
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-1018\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:fe,64,f3,b9,52,5b,af,30,27,20,b8,0d,11,dc,79,2d,e9,53,f2,a5,17,33,e3,
    25,dd,13,a1,39,7c,1a,dc,61,4f,fe,f3,1f,d4,95,bf,3b,b7,14,4c,04,79,70,4c,fc,\
    "??"=hex:91,1e,f5,2a,d1,ba,50,cb,11,cb,ec,c8,e8,1a,c0,4c
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'explorer.exe'(424)
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\eappprxy.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\program files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\program files\Norton Internet Security\ISSVC.exe
    c:\program files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\program files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\system32\nvsvc32.exe
    c:\windows\system32\IoCtlSvc.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    c:\program files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    c:\windows\system32\SearchIndexer.exe
    c:\windows\system32\wbem\wmiapsrv.exe
    c:\program files\OpenOffice.org 2.4\program\soffice.exe
    c:\program files\OpenOffice.org 3\program\soffice.exe
    c:\program files\OpenOffice.org 2.4\program\soffice.BIN
    c:\program files\OpenOffice.org 3\program\soffice.bin
    c:\windows\system32\SearchProtocolHost.exe
    c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
    c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
    c:\program files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    c:\program files\Java\jre6\bin\jucheck.exe
    c:\windows\system32\SearchFilterHost.exe
    .
    **************************************************************************
    .
    Heure de fin: 2010-01-03 17:35:38 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-01-03 16:35

    Avant-CF: 95 504 396 288 octets libres
    Après-CF: 95 394 525 184 octets libres

    - - End Of File - - 416F90488579B7DB5C6168EF9FCE2540
    0
    1. Utilisateur anonyme
       
      plus de pubs ?
      0
    2. yasom > Utilisateur anonyme
       
      plus rien!!!!merci pour tout!bonne soirée!
      0
    3. Utilisateur anonyme > yasom
       
      attends, c'est pas finit, refait moi un dernier RSIT
      et après, on va nettoyer le PC
      0
    4. yasom > Utilisateur anonyme
       
      voila le nouveau rsit log
      http://www.cijoint.fr/cjlink.php?file=cj201001/cijcWUqDsu.txt
      0
    5. Utilisateur anonyme > yasom
       
      je vois des lignes bizarres concernant le compte invité, ce compte sert-il ?
      0
  13. Utilisateur anonyme
     
    patiente, je reviens, car il y a des lignes suspectes
    0
    1. Utilisateur anonyme
       
      il faudrai aller sur le compte invité, et faire Malwarebytes dessus en suivant les instructions
      0
      1. yasom > Utilisateur anonyme
         
        une analyse rapide ou complete?
        0
      2. Utilisateur anonyme > yasom
         
        complète
        je reviendrai tout à l'heure
        0
      3. yasom > Utilisateur anonyme
         
        Malwarebytes' Anti-Malware 1.42
        Database version: 3289
        Windows 5.1.2600 Service Pack 3
        Internet Explorer 7.0.5730.13

        03/01/2010 19:20:40
        mbam-log-2010-01-03 (19-20-40).txt

        Scan type: Full Scan (C:\|D:\|)
        Objects scanned: 194783
        Time elapsed: 41 minute(s), 14 second(s)

        Memory Processes Infected: 1
        Memory Modules Infected: 0
        Registry Keys Infected: 1
        Registry Values Infected: 2
        Registry Data Items Infected: 1
        Folders Infected: 2
        Files Infected: 20

        Memory Processes Infected:
        C:\Documents and Settings\Invité\Application Data\PC\agent.exe (Trojan.FakeAlert) -> Failed to unload process.

        Memory Modules Infected:
        (No malicious items detected)

        Registry Keys Infected:
        HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

        Registry Values Infected:
        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\aafhk (Trojan.Agent.H) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\agent.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.

        Registry Data Items Infected:
        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (C:\Documents and Settings\Invité\Application Data\PC\pc.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

        Folders Infected:
        C:\Documents and Settings\Invité\Application Data\PC\faq (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images (Rogue.ControlCenter) -> Quarantined and deleted successfully.

        Files Infected:
        C:\Documents and Settings\Invité\Application Data\PC\uninstall.exe (Rogue.Installer) -> Quarantined and deleted successfully.
        C:\Qoobox\Quarantine\C\Documents and Settings\myriam\Application Data\CCenter\uninstall.exe.vir (Rogue.Installer) -> Quarantined and deleted successfully.
        C:\Qoobox\Quarantine\C\Documents and Settings\Yassine\Application Data\CCenter\uninstall.exe.vir (Rogue.Installer) -> Quarantined and deleted successfully.
        C:\Qoobox\Quarantine\C\Documents and Settings\Yassine\Application Data\PC\uninstall.exe.vir (Rogue.Installer) -> Quarantined and deleted successfully.
        C:\Qoobox\Quarantine\C\WINDOWS\system32\__c0029.exe.vir (Rogue.Installer) -> Quarantined and deleted successfully.
        C:\Qoobox\Quarantine\C\WINDOWS\system32\__c004823.exe.vir (Rogue.Installer) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\guide.html (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg1.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg10.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg2.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg3.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg4.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg5.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg6.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg7.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg8.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\faq\images\gimg9.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\pc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Invité\Application Data\PC\agent.exe (Trojan.FakeAlert) -> Delete on reboot.
        C:\Documents and Settings\Invité\Application Data\PC\settings.ini (Trojan.FakeAlert) -> Quarantined and deleted successfully.
        0
  14. yasom
     
    que doit je faire maintenant?
    0
    1. Utilisateur anonyme
       
      ton Malwarebytes n'est pas du tout à jour, met le à jour, refait un scan rapide

      ensuite, pourrai tu analyser ces fichiers sur le site Virus Total
      c:\windows\system32\rkpvujos.exe
      c:\windows\system32\idlhmn.exe
      c:\windows\system32\ljswixgz.exe
      c:\windows\system32\oaqpkis.exe
      c:\windows\system32\hplraojdkx.exe
      c:\windows\system32\oftspg.exe
      c:\windows\system32\zeadcqdgl.exe
      c:\windows\system32\cuawjyhnb.exe
      c:\windows\system32\szjaeki.exe
      c:\windows\system32\bysfwfcevq.exe
      c:\windows\system32\apgxzz.exe
      c:\windows\system32\bgpgenuas.exe
      c:\windows\system32\ksmwwykmn.exe
      c:\windows\system32\wtbwapp.exe
      c:\windows\system32\pbgqpoxvw.exe
      c:\windows\system32\yetcmcw.exe
      c:\windows\system32\pextri.exe
      c:\windows\system32\ijdptzc.exe
      c:\windows\system32\aafhk.exe

      comme il y a pas mal de fichiers, tu me diras s'il y a des résultats
      0
      1. yasom > Utilisateur anonyme
         
        je ne trouve aucun des fixhier et je peut donc pas les analysé
        Malwarebytes' Anti-Malware 1.43
        Version de la base de données: 3488
        Windows 5.1.2600 Service Pack 3
        Internet Explorer 7.0.5730.13

        03/01/2010 22:24:26
        mbam-log-2010-01-03 (22-24-26).txt

        Type de recherche: Examen rapide
        Eléments examinés: 109330
        Temps écoulé: 9 minute(s), 42 second(s)

        Processus mémoire infecté(s): 0
        Module(s) mémoire infecté(s): 0
        Clé(s) du Registre infectée(s): 0
        Valeur(s) du Registre infectée(s): 0
        Elément(s) de données du Registre infecté(s): 0
        Dossier(s) infecté(s): 0
        Fichier(s) infecté(s): 1

        Processus mémoire infecté(s):
        (Aucun élément nuisible détecté)

        Module(s) mémoire infecté(s):
        (Aucun élément nuisible détecté)

        Clé(s) du Registre infectée(s):
        (Aucun élément nuisible détecté)

        Valeur(s) du Registre infectée(s):
        (Aucun élément nuisible détecté)

        Elément(s) de données du Registre infecté(s):
        (Aucun élément nuisible détecté)

        Dossier(s) infecté(s):
        (Aucun élément nuisible détecté)

        Fichier(s) infecté(s):
        C:\Documents and Settings\Invité\Application Data\PC\agent.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
        0
      2. Utilisateur anonyme > yasom
         
        refait moi un RSIT pour voir
        0
      3. yasom > Utilisateur anonyme
         
        http://www.cijoint.fr/cjlink.php?file=cj201001/cijOBou2XC.txt
        0
  15. Utilisateur anonyme
     
    Tu dois afficher les fichiers et dossiers cachés
    Démarrer, Poste de travail
    Clique sur outils
    Sélectionne options de dossier
    Va dans l'onglet affichage
    Coche afficher les fichiers et dossiers cachés, puis OK

    essaye de trouver les fichiers que je t'ai indiqué plus haut
    0
    1. yasom
       
      j'ai fait tout ce qu'il faut mais je ne trouve toujours pas les fichiers.il y a des fichiers en bleu dans windows.je vais dans le dossier systeme32 mais la aucun des fichiers demandé...
      0
  16. Utilisateur anonyme
     
    on verra cela demain
    0
    1. yasom
       
      toujours rien...je ne trouve pas les fichiers a analysé...
      0
  17. Utilisateur anonyme
     
    bonjour
    je te prépare une procédure de suppression spéciale qui sera prête ce soir
    0
    1. Utilisateur anonyme
       
      bonjour yasom

      Attention,à ne pas reproduire sur un autre PC, ce qui pourrai l'endommager
      ▶ Télécharge OTM (de Old_Timer) sur ton Bureau

      ▶ Double-clique sur OTM.exe pour le lancer.

      ▶ Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.

      ▶ Copie la liste qui se trouve en gras dans la citation ci-dessous et colle-la dans le cadre de gauche de OTM sous "Paste instructions for item to be moved".


      :files
      c:\windows\system32\rkpvujos.exe
      c:\windows\system32\ljswixgz.exe
      c:\windows\system32\oaqpkis.exe
      c:\windows\system32\hplraojdkx.exe
      c:\windows\system32\oftspg.exe
      c:\windows\system32\zeadcqdgl.exe
      c:\windows\system32\cuawjyhnb.exe
      c:\windows\system32\szjaeki.exe
      c:\windows\system32\bysfwfcevq.exe
      c:\windows\system32\apgxzz.exe
      c:\windows\system32\bgpgenuas.exe
      c:\windows\system32\ksmwwykmn.exe
      c:\windows\system32\wtbwapp.exe
      c:\windows\system32\pbgqpoxvw.exe
      c:\windows\system32\yetcmcw.exe
      c:\windows\system32\pextri.exe
      c:\windows\system32\ijdptzc.exe


      :reg
      [HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run]
      "rkpvujos"=-
      "idlhmn"=-
      "ljswixgz"=-
      "oaqpkis"=-
      "hplraojdkx"=-
      "oftspg"=-
      "zeadcqdgl"=-
      "cuawjyhnb"=-
      "szjaeki"=-
      "bysfwfcevq"=-
      "apgxzz"=-
      "bgpgenuas"=-
      "ksmwwykmn"=-
      "wtbwapp"=-
      "pbgqpoxvw"=-
      "yetcmcw"=-
      "pextri"=-
      "ijdptzc"=-

      :commands
      [emptytemp]
      [start explorer]


      ▶ clique sur MoveIt! pour lancer la suppression.

      ▶ Le résultat apparaitra dans le cadre "Results".

      ▶ Clique sur Exit pour fermer.

      ▶ Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

      ▶ Il te sera peut-être demandé de redémarrer le pc pour achever la suppression. Si c'est le cas accepte par Yes.
      0
      1. yasom > Utilisateur anonyme
         
        All processes killed
        ========== FILES ==========
        File/Folder c:\windows\system32\rkpvujos.exe not found.
        File/Folder c:\windows\system32\ljswixgz.exe not found.
        File/Folder c:\windows\system32\oaqpkis.exe not found.
        File/Folder c:\windows\system32\hplraojdkx.exe not found.
        File/Folder c:\windows\system32\oftspg.exe not found.
        File/Folder c:\windows\system32\zeadcqdgl.exe not found.
        File/Folder c:\windows\system32\cuawjyhnb.exe not found.
        File/Folder c:\windows\system32\szjaeki.exe not found.
        File/Folder c:\windows\system32\bysfwfcevq.exe not found.
        File/Folder c:\windows\system32\apgxzz.exe not found.
        File/Folder c:\windows\system32\bgpgenuas.exe not found.
        File/Folder c:\windows\system32\ksmwwykmn.exe not found.
        File/Folder c:\windows\system32\wtbwapp.exe not found.
        File/Folder c:\windows\system32\pbgqpoxvw.exe not found.
        File/Folder c:\windows\system32\yetcmcw.exe not found.
        File/Folder c:\windows\system32\pextri.exe not found.
        File/Folder c:\windows\system32\ijdptzc.exe not found.
        ========== REGISTRY ==========
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\rkpvujos deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\idlhmn deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\ljswixgz deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\oaqpkis deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\hplraojdkx deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\oftspg deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\zeadcqdgl deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\cuawjyhnb deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\szjaeki deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\bysfwfcevq deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\apgxzz deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\bgpgenuas deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\ksmwwykmn deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\wtbwapp deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\pbgqpoxvw deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\yetcmcw deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\pextri deleted successfully.
        Registry value HKEY_USERS\S-1-5-21-3116800641-2683139522-2516512823-501\Software\Microsoft\Windows\CurrentVersion\Run\\ijdptzc deleted successfully.
        ========== COMMANDS ==========

        [EMPTYTEMP]

        User: All Users

        User: Default User
        ->Temp folder emptied: 0 bytes
        ->Temporary Internet Files folder emptied: 0 bytes

        User: Invité
        ->Temp folder emptied: 349225 bytes
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        ->Temporary Internet Files folder emptied: 356472 bytes
        ->Java cache emptied: 109240 bytes
        ->FireFox cache emptied: 87946504 bytes

        User: LocalService
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        ->Temp folder emptied: 65748 bytes
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        ->Temporary Internet Files folder emptied: 32902 bytes

        User: myriam

        User: NetworkService
        ->Temp folder emptied: 0 bytes
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        ->Temporary Internet Files folder emptied: 67 bytes

        User: Yamin

        User: Yassine

        %systemdrive% .tmp files removed: 0 bytes
        %systemroot% .tmp files removed: 0 bytes
        %systemroot%\System32 .tmp files removed: 0 bytes
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Unable to locate HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce key.
        Windows Temp folder emptied: 17156 bytes
        RecycleBin emptied: 0 bytes

        Total Files Cleaned = 85,00 mb


        OTM by OldTimer - Version 3.1.4.0 log created on 01062010_181235

        Files moved on Reboot...

        Registry entries deleted on Reboot...
        0
      2. Utilisateur anonyme > yasom
         
        pourrai tu me refaire un RSIT
        0
  18. yassineom Messages postés 23 Statut Membre
     
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Yassine at 2010-01-07 11:46:00
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 91 GB (62%) free of 145 GB
    Total RAM: 510 MB (29% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:46:03, on 07/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16945)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\IoCtlSvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\VM_STI.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Steam\Steam.exe
    C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\EZ-DUB\EZ-DUB.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\wuauclt.exe
    c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe
    c:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\Yassine\Bureau\RSIT.exe
    C:\Documents and Settings\Yassine\Bureau\Yassine.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.msn.fr/8SEFRFR030000TBR/FRWCompleteTBSiteFinalDEFAULT
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (VC0305)
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [Shareaza] "C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: EZ-DUB Finder.lnk = C:\Program Files\EZ-DUB\EZ-DUB.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.69.25.47.96.downloads.estara.com./...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoCtlSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    0
    1. Utilisateur anonyme
       
      bonjour

      Il faut nettoyer le outils de désinfection:

      * Télécharge ToolsCleaner2 sur ton Bureau
      https://www.commentcamarche.net/telecharger/
      * Double-clique sur ToolsCleaner2.exe pour le lancer.
      * Clique sur Recherche et laisse le scan agir.
      * Clique sur Suppression pour finaliser.
      * Tu peux, si tu le souhaites, te servir des Options Facultatives.
      * Clique sur Quitter pour obtenir le rapport.
      * Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

      supprime toolscleaner2 manuellement


      *Désactive ta restauration pour supprimer les points de restauration infectés:

      Clique droit sur Poste de travail, clique sur Propriétés, puis sur Restauration système Coche la case désactiver la restauration Clique sur appliquer, puis sur OK
      ---> Redémarre ton PC ...

      *Réactive ta restauration :
      Clique droit sur Poste de travail, clique sur Propriétés, puis sur Restauration système Décoche la case désactiver la restauration Clique sur appliquer, puis sur OK
      --->Redémarre ton PC ...

      ( Note : tu peux aussi y accéder via panneau de configuration->" système "->" restauration système " ).

      Créer un point de restauration propre manuellement:
      Démarrer, Programmes
      Va dans accèssoires, et dans outils système
      Sélectionne restauration système
      Clique sur suivant
      Entre la date du point de restauration que tu veux créer
      Clique sur créer, et le point de restauration se crée automatiquement


      Un dernier petit nettoyage pour ton PC:

      Télécharge C Cleaner Slim
      * Enregistre le sur le Bureau
      * Double-clique sur le fichier pour lancer l'installation
      * Sur la fenêtre de l'installation langage bien choisir français et OK
      * Clique sur suivant
      * Lit la licence, et clique sur j'accepte
      * Clique sur suivant, sur installer, puis sur fermer
      * Double-clique sur l'icône de C Cleaner pour l'ouvrir
      * Clique sur option, et puis avancé
      * Tu décoches effacer uniquement les fichiers du dossier temp de windows plus vieux que 48 heures
      * Clique sur nettoyeur
      * Clique sur windows, et dans la colonne avancé
      * Coche la première case vieilles données du perfetch que celle-là, ce qui te donnes la case vieilles données du perfetch et la case avancé qui c'est coché automatiquement mais que celle-là
      * Clique sur analyser
      *Clique sur nettoyer et sur la demande de confirmation OK. Tu recommences jusqu'à ce que C Cleaner ne trouve plus rien
      * Clique maintenant sur registre et puis sur chercher les erreurs
      * Laisse tout coché, et clique sur corriger les erreurs sélectionnées
      *Il te demande de sauvegarder OUI
      *Tu lui donnes un nom pour pouvoir la retrouver et enregistre
      * Clique sur chercher les erreurs sélectionnées et sur la demande de confirmation OK
      * Il supprime, et fermer, tu vérifies en relançant chercher les erreurs
      *Tu retournes dans options, et tu recoches la case effacer uniquement les fichiers, du dossier temps de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du prefetch
      * Tu peux fermer C Cleaner


      * Télécharge Update Checker
      http://www.filehippo.com/updatechecker/FHSetup.exe
      * Installe le avec les paramètres par défaut en cliquant chaques fois sur Suivant.
      * Une fois installé, patiente quelques secondes et tu verras apparaître une icône verte dans ta barre des tâches te signalant qu'il y a des mises à jour disponibles.
      * Double-cliques sur l'icône pour être redirrigé sur le site de téléchargement des mises à jour.
      * Un conseil : n'installe pas les BETA qui sont listées en dessous.
      * Tu installes les mises à jour que tu désires

      Ce petit logiciel indique les mises à jour disponibles à installer sur le PC


      Dernières recommandations:
      Il faut garder Malwarebytes pour scanner une fois de temps en temps ton PC, et pense à le mettre à jour avant chaque scan
      Pense à garder à jour Windows et tous tes logiciels pour éviter les failles de sécurité
      Nettoye ton PC régulièrement, et il faut défragmenter régulièrement le disque dur pour éviter les ralentissements
      Soit prudent quand tu surfes, et fait attention lorsque tu installes un logiciel gratuit et que tu le met à jour, il faut refuser les compléments telles que les barres d'outil, ne télécharge pas de logiciels que tu ne connais pas et sur des sites que tu ne connais pas
      Les logicels P2P( Shaeraza, Bittorent, Emule, limewire), sont à bannir, car on risque de télécharger avec des fichiers infectés
      0
  19. yassineom Messages postés 23 Statut Membre
     
    merciiiiii pour tt !!!
    j'ai mis a jour nvidia et mon ordi bug lors du défilement des pages..y'a t il une solution?il y a aussi la bar yahoo,cela peut il provenir de ca?
    le nom du fichier télécharger est 195.62_desktop_winxp_32bit_english_whql
    0
    1. Utilisateur anonyme
       
      bonjour
      Ce fichier concerne NVIDIA
      Pourquoi l'as tu mis à jour ? Il avait besoin d'une mise à jour ?
      Yahoo, tu as du l'installer avec, il faut la désinstaller
      Quand on télécharge quelque chose, on nous propose toujours des compléments, il faut les refuser

      On va regarder s'il ne reste pas quelque chose dans le PC
      Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent

      ▶ Télécharge List&Kill'em et enregistre le sur ton bureau
      http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.zip
      ▶ dezippe-le , (clic droit/ extraire.....)

      Il ne necessite pas d'installation

      ▶ double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

      choisis la langue puis choisis l'option 1 = Mode Recherche

      ▶ laisse travailler l'outil

      un rapport du nom de catchme apparait sur ton bureau , ignore-le , mais ne le supprime pas pour l instant

      ▶ Poste le contenu du rapport qui s'ouvre
      0
      1. yassineom Messages postés 23 Statut Membre > Utilisateur anonyme
         
        une mise a jour etait proposé sur fillehippo:
        Icon NVIDIA Forceware 195.62 WHQL XP
        Installed Version: 77.79
        j'ai fait une restauration du systeme et tout est rentré dans l'ordre
        List'em by g3n-h@ckm@n 1.1.7.1

        Thx to Chiquitine29.....& CCM team

        User : Yassine (Utilisateurs) # YAMINA
        Update on 03/12/2009 by g3n-h@ckm@n ::::: 21:00
        Start at: 14:58:44 | 08/01/2010
        Contact : g3n-h@ckm@n sur CCM

        AMD Athlon(tm) 64 Processor 3200+
        Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
        Internet Explorer 7.0.5730.13
        Windows Firewall Status : Disabled
        AV : Norton Internet Security 2005 [ Enabled | Updated ]
        FW : Norton Internet Security[ Enabled ]2005

        C:\ -> Disque fixe local | 142,07 Go (92,3 Go free) [HP_PAVILION] | NTFS
        D:\ -> Disque fixe local | 6,96 Go (2,91 Go free) [HP_RECOVERY] | FAT32
        E:\ -> Disque CD-ROM
        G:\ -> Disque amovible
        H:\ -> Disque amovible
        I:\ -> Disque amovible
        J:\ -> Disque amovible

        ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\csrss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
        c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
        c:\Program Files\Norton Internet Security\ISSVC.exe
        c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
        c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\nvsvc32.exe
        C:\WINDOWS\system32\IoCtlSvc.exe
        C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
        C:\WINDOWS\system32\svchost.exe
        C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
        c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
        C:\WINDOWS\System32\alg.exe
        C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
        C:\WINDOWS\VM_STI.EXE
        C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        C:\HP\KBD\KBD.EXE
        C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
        C:\Program Files\Java\jre6\bin\jusched.exe
        C:\Program Files\QuickTime\QTTask.exe
        C:\Program Files\Steam\Steam.exe
        C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\EZ-DUB\EZ-DUB.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        C:\Program Files\Windows Desktop Search\WindowsSearch.exe
        C:\WINDOWS\system32\SearchIndexer.exe
        C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
        C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
        C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
        C:\Program Files\OpenOffice.org 3\program\soffice.exe
        C:\Program Files\OpenOffice.org 3\program\soffice.bin
        C:\WINDOWS\system32\wuauclt.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
        c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
        C:\Program Files\Java\jre6\bin\jucheck.exe
        C:\Program Files\FileHippo.com\UpdateChecker.exe
        C:\Program Files\Windows Live\Messenger\msnmsgr.exe
        C:\Program Files\Windows Live\Contacts\wlcomm.exe
        C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
        C:\Program Files\Windows Live\Mail\wlmail.exe
        C:\WINDOWS\system32\SearchProtocolHost.exe
        C:\WINDOWS\system32\SearchFilterHost.exe
        C:\Documents and Settings\Yassine\Bureau\List_Killem\List_Kill'em.exe
        C:\WINDOWS\system32\cmd.exe
        C:\WINDOWS\system32\wbem\wmiprvse.exe
        C:\Documents and Settings\Yassine\Local Settings\Temp\AE.tmp\pv.exe

        ======================
        Keys "Run"
        ======================
        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        Steam REG_SZ "C:\Program Files\Steam\Steam.exe" -silent
        Shareaza REG_SZ "C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe" -tray
        swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
        ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
        FileHippo.com REG_SZ "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        NvCplDaemon REG_SZ "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
        ccApp REG_SZ "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
        BigDogPath REG_SZ C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (VC0305)
        HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        KBD REG_SZ C:\HP\KBD\KBD.EXE
        ISUSPM Startup REG_SZ "C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
        ISUSScheduler REG_SZ "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
        SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
        QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime

        [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

        [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

        =====================
        Other Keys
        =====================
        [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
        dontdisplaylastusername REG_DWORD 0 (0x0)
        legalnoticecaption REG_SZ
        legalnoticetext REG_SZ
        shutdownwithoutlogon REG_DWORD 1 (0x1)
        undockwithoutlogon REG_DWORD 1 (0x1)
        DisableRegistryTools REG_DWORD 0 (0x0)

        ===============
        [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
        NoDriveTypeAutoRun REG_DWORD 323 (0x143)
        NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
        NoDrives REG_DWORD 0 (0x0)

        ===============
        [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
        HonorAutoRunSetting REG_DWORD 1 (0x1)
        NoCDBurning REG_DWORD 0 (0x0)
        NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
        NoDriveTypeAutoRun REG_DWORD 323 (0x143)
        NoDrives REG_DWORD 0 (0x0)

        ===============
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

        ===============
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

        ===============
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
        {AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
        {56F9679E-7826-4C84-81F3-532071A8BCC5} REG_SZ

        ===============
        [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
        %windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
        C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
        %windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
        C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
        C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
        C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
        C:\Program Files\HP\Digital Imaging\bin\hposid01.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
        C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
        C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
        C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe REG_SZ C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
        C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe REG_SZ C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
        C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe
        C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe REG_SZ C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe:*:Enabled:Shareaza
        C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
        C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
        C:\Program Files\Steam\SteamApps\common\football manager 2009\fm.exe REG_SZ C:\Program Files\Steam\SteamApps\common\football manager 2009\fm.exe:*:Enabled:Football Manager 2009

        [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
        %windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
        %ProgramFiles%\iTunes\iTunes.exe REG_SZ %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes
        C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe REG_SZ C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
        C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe REG_SZ C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL
        C:\Program Files\AOL 9.0\waol.exe REG_SZ C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
        %windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
        C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
        C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

        ===============
        ActivX controls
        ===============
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{00B71CFB-6864-4346-A978-C0A14556272C}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{0742B9EF-8C83-41CA-BFBA-830A59E23533}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{127698E4-E730-4E5C-A2B1-21490A70C8A1}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{14B87622-7E19-4EA8-93B3-97215F77A6BC}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{20A60F0D-9AFA-4515-A0FD-83BD84642501}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{33564D57-0000-0010-8000-00AA00389B71}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{5D6F45B3-9043-443D-A792-115447494D24}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{65FDEDF3-8ED9-4F5B-825E-18C2D44191A7}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{B8BE5E93-A60C-4D26-A2DC-220313175592}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
        HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{F6BF0D00-0B2A-4A75-BF7B-F385591623AF}

        ===============
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{0291E591-EA41-4c82-8106-3DC6CE7F7664}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{166B1BCA-3F9C-11CF-8075-444553540000}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{233C1507-6A77-46A4-9443-F871F945D258}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A202491-F00D-11cf-87CC-0020AFEECF20}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3F7924B9-D148-3141-87B1-68F36043A940}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{411EDCF7-755D-414E-A74B-3DCD6583F589}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8b15971b-5355-4c82-8c07-7e181ea07608}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B508B3F1-A24A-32C0-B310-85786919EF28}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D4ADA769-12A5-E065-923D-6F5842D9175B}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
        HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}

        ==============
        BHO :
        ======
        [<NO NAME> REG_SZ ]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{ADECBED6-0366-4377-A739-E69DFBA04663}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

        ================
        Internet Explorer :
        ================
        [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
        Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp

        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
        Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp

        ========
        Services
        ========
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

        Ndisuio : 0x3
        EapHost : 0x3
        SharedAccess : 0x2
        wuauserv : 0x2

        =========

        =======
        Drive :
        =======

        D‚fragmenteur de disque Windows
        Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

        Rapport d'analyse
        142 Go total, 92,30 Go libre (64%), 0% fragment‚ (fragmentation du fichier 0%)

        Il ne vous est pas n‚cessaire de d‚fragmenter ce volume.

        ¤¤¤¤¤¤¤¤¤¤ Files/folders :

        C:\Documents and Settings\All Users\Application Data\.zreglib
        C:\WINDOWS\Fonts\GRGAREF.TTF
        C:\WINDOWS\System32\drivers\etc\hosts.msn
        C:\Documents and Settings\Yassine\application data\RobotProgPrefs
        C:\Documents and Settings\Yassine\Application Data\wklnhst.dat
        C:\Documents and Settings\Yassine\Application Data\ItsLabel

        ¤¤¤¤¤¤¤¤¤¤ Keys :

        "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
        "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"

        ================
        Other infections
        ================

        catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2010-01-08 15:00:36
        Windows 5.1.2600 Service Pack 3 NTFS

        scanning hidden processes ...

        scanning hidden services & system hive ...

        scanning hidden registry entries ...

        scanning hidden files ...

        scan completed successfully
        hidden processes: 0
        hidden services: 0
        hidden files: 0


        Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

        device: opened successfully
        user: MBR read successfully
        kernel: MBR read successfully
        user & kernel MBR OK

        ==========
        Programs
        ==========

        7-Zip
        Adobe
        adslTV
        Alwil Software
        ArcSoft
        AviSynth 2.5
        CASIO
        CCleaner
        Design Science
        DivX
        Easy Internet signup
        eMule
        Etudiant.EGP
        EZ-DUB
        Fichiers communs
        FileHippo.com
        FileZilla FTP Client
        FileZilla FTP Client(2)
        Free
        GeoGebra
        Google
        GSC Game World
        Hewlett-Packard
        HP
        InstallShield Installation Information
        Internet Explorer
        InterVideo
        Java
        JRE
        Kit ADSL
        Learn2.com
        Malwarebytes' Anti-Malware
        Messenger
        Messenger Plus! Live
        Microsoft
        Microsoft CAPICOM 2.1.0.2
        microsoft frontpage
        Microsoft Office
        Microsoft SQL Server Compact Edition
        Microsoft Sync Framework
        Mindscape
        Movie Maker
        Mozilla Firefox
        MSBuild
        MSN
        MSN Gaming Zone
        MSXML 4.0
        muvee Technologies
        NetMeeting
        Norton Internet Security
        Norton Security Scan
        NortonInstaller
        NudgeMania
        NVIDIA Corporation
        OpenOffice.org 2.1
        OpenOffice.org 2.3
        OpenOffice.org 2.4
        OpenOffice.org 3
        Outlook Express
        PC-Doctor 5 for Windows
        Psykos 7
        QuickTime
        Real Alternative
        Red Kawa
        Reference Assemblies
        Services en ligne
        SlySoft
        Sonic
        Sports Interactive
        Steam
        Symantec
        TRENDnet
        Uninstall Information
        USB Driver-Express
        VideoLAN
        Virtools Web Player 3.5
        VS Revo Group
        Web Media Player
        Windows Desktop Search
        Windows Journal Viewer
        Windows Live
        Windows Live Favorites
        Windows Live SkyDrive
        Windows Live Toolbar
        Windows Media Connect 2
        Windows Media Player
        Windows NT
        WindowsUpdate
        WinRAR
        xerox
        Yahoo!
        Zero G Registry
        Zylom Games

        ============
        Lecteur C:
        ============

        0e2f82bd65151be2aa3b065d84d514
        1ee441c2ea65ccb41420769b50c8e9
        25a6900ff6292b5f5ca5b40fbae0
        4f634fcbff525cb8c36474933d68a095
        834b2a662124cd1623b1907a
        AILog.txt
        artmod_jewel_expand.GIF
        assembly
        audio.gif
        AUTOEXEC.BAT
        bin
        BOOT.BAK
        boot.ini
        Bootfont.bin
        cmdcons
        cmldr
        Config.Msi
        CONFIG.SYS
        Documents and Settings
        Games
        hp
        IO.SYS
        IPH.PH
        Kill'em
        List'em.txt
        map.gif
        MSDOS.SYS
        MSOCache
        My Music
        NTDETECT.COM
        ntldr
        NVIDIA
        outlineminus.IMG
        outlineplus.IMG
        pagefile.sys
        Program Files
        Python22
        RECYCLER
        sqmdata00.sqm
        sqmdata01.sqm
        sqmdata02.sqm
        sqmdata03.sqm
        sqmdata04.sqm
        sqmdata05.sqm
        sqmdata06.sqm
        sqmdata07.sqm
        sqmdata08.sqm
        sqmdata09.sqm
        sqmdata10.sqm
        sqmdata11.sqm
        sqmdata12.sqm
        sqmdata13.sqm
        sqmdata14.sqm
        sqmdata15.sqm
        sqmdata16.sqm
        sqmdata17.sqm
        sqmdata18.sqm
        sqmdata19.sqm
        sqmnoopt00.sqm
        sqmnoopt01.sqm
        sqmnoopt02.sqm
        sqmnoopt03.sqm
        sqmnoopt04.sqm
        sqmnoopt05.sqm
        sqmnoopt06.sqm
        sqmnoopt07.sqm
        sqmnoopt08.sqm
        sqmnoopt09.sqm
        sqmnoopt10.sqm
        sqmnoopt11.sqm
        sqmnoopt12.sqm
        sqmnoopt13.sqm
        sqmnoopt14.sqm
        sqmnoopt15.sqm
        sqmnoopt16.sqm
        sqmnoopt17.sqm
        sqmnoopt18.sqm
        sqmnoopt19.sqm
        StubInstaller.exe
        System Volume Information
        system.sav
        SystemRoot
        t010101b.jpg
        t010101b.jtn
        t010103a.gsm
        t012944a.jpg
        t014199a.gsm
        t047159a.jtn
        t051706a.jpg
        t051706a.jtn
        t051716a.jtn
        t065208a.jpg
        t065208a.jtn
        t640878a.gsm
        t640878a.gtn
        t790863a.jpg
        TCleaner.txt
        temp
        trace.ini
        updatedatfix.log
        WINDOWS
        YServer.txt

        ¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

        C:\Program Files\Fichiers communs\Symantec Shared\IDS\Patch25.dll
        C:\Documents and Settings\Yassine\Local Settings\Application Data\ApplicationHistory\Install.exe.86d9ac29.ini
        C:\hp\bin\PE_Patch.exe
        C:\hp\KBD\Install.exe
        D:\I386\SYSTEM32\OwnerPatch.exe
        D:\I386\Apps\APP07036\src\MSWorks\Install.exe
        D:\MiniNT\system32\OwnerPatch.exe




        ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
        0
      2. Utilisateur anonyme > yassineom Messages postés 23 Statut Membre
         
        ▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),

        mais cette fois-ci :

        ▶ choisis l'option 2 = Mode Destruction

        laisse travailler l'outil.

        en fin de scan un rapport s'ouvre

        ▶ colle le contenu dans ta reponse
        0
  20. yassineom Messages postés 23 Statut Membre
     
    Kill'em by g3n-h@ckm@n 1.1.7.1

    User : Yassine (Utilisateurs) # YAMINA
    Update on 03/12/2009 by g3n-h@ckm@n ::::: 21:00
    Start at: 16:29:29 | 08/01/2010
    Contact : g3n-h@ckm@n sur CCM

    AMD Athlon(tm) 64 Processor 3200+
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 7.0.5730.13
    Windows Firewall Status : Disabled
    AV : Norton Internet Security 2005 [ Enabled | Updated ]
    FW : Norton Internet Security[ Enabled ]2005

    C:\ -> Disque fixe local | 142,07 Go (92,28 Go free) [HP_PAVILION] | NTFS
    D:\ -> Disque fixe local | 6,96 Go (2,91 Go free) [HP_RECOVERY] | FAT32
    E:\ -> Disque CD-ROM
    G:\ -> Disque amovible
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque amovible

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\IoCtlSvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\VM_STI.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Steam\Steam.exe
    C:\Documents and Settings\myriam\Bureau\Shareaza\Shareaza.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\EZ-DUB\EZ-DUB.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Program Files\FileHippo.com\UpdateChecker.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Documents and Settings\Yassine\Bureau\List_Killem\List_Kill'em.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Documents and Settings\Yassine\Local Settings\Temp\143.tmp\pv.exe

    Detections :
    ==========

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    "C:\Documents and Settings\All Users\Application Data\.zreglib"
    "C:\WINDOWS\Fonts\GRGAREF.TTF"
    "C:\WINDOWS\System32\drivers\etc\hosts.msn"
    C:\Documents and Settings\Yassine\application data\RobotProgPrefs
    "C:\Documents and Settings\Yassine\Application Data\ItsLabel"

    ¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

    Quarantine :

    .zreglib.Kill'em
    GRGAREF.TTF.Kill'em
    hosts.msn.Kill'em
    ItsLabel.Kill'em
    RobotProgPrefs.Kill'em

    ==============
    host file OK !
    ==============

    ========
    Registry
    ========
    Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe
    Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe

    ============
    Disk Cleaned
    ============

    ================
    Prefetch cleaned
    ================

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
    1. Utilisateur anonyme
       
      est-ce que tout va bien maintenant ?
      0
  21. yassineom Messages postés 23 Statut Membre
     
    oui merciiii.as tu un meilleur antivirus a me conseiller?
    0
    1. Utilisateur anonyme
       
      Je te propose un anti-virus assez efficace, Avira Antivir
      http://www.commentcamarche.net/telecharger/telecharger-55-antivir
      Avira Antivir télécharge une pop-up qui propose la version payante lorsque qu'il se met à jour
      quotidiennement. Ne pas s'inquiéter, ferme cette pop-up tout simplement
      Configure le
      https://www.commentcamarche.net/faq/16831-tutoriel-configuration-optimale-d-antivir-personal

      Si tu as un autre anti-virus, il faut d'abord le désinstaller, puis installer celui-ci s'il t'intéresse
      0
  • 1
  • 2