Aidez moi gros virus voici mon hijackthis

Résolu
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   -  
fix200 Messages postés 3243 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour, mon rapport hijackthis svp



Logfile of random's system information tool 1.06 (written by random/random)
Run by fernandes antoine at 2010-01-06 19:33:50
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 19 GB (12%) free of 156 GB
Total RAM: 959 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:34:14, on 06/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
C:\WINDOWS\system32\smss32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\OSD.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\fernandes antoine.MAISON-30EE0A86\Bureau\RSIT.exe
C:\Documents and Settings\fernandes antoine.MAISON-30EE0A86\Bureau\Raph\fernandes antoine.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Flag Owns Live Grim] C:\Documents and Settings\All Users\Application Data\Software rule flag owns\vga active.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [owns curb] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\BIKE01~1\Bin Four Grid.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; FDM; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"https://www.miniclip.com/games/china-2008/en/"
O4 - S-1-5-18 Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe (User 'Default user')
O4 - .DEFAULT Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Default user')
O4 - Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Activer l'ensemble clavier et souris sans fil Labtec.lnk = C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PEVSystemStart - Unknown owner - cmd /k start /i "/dC:" "C:\ComboFix\HIDEC.exe" "C:\WINDOWS\system32\CF5110.exe" /c RD /S/Q \$RECYCLE.bin \RECYCLER \RECYCLED (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
A voir également:

44 réponses

Réponse 1 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
bonjour

plusieur infections


Téléchargez Lop S&D.exe sur le Bueau

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Certaines infections bloquent les telechargements d' outils de desinfection utilisez ce lien alternatif:
http://ww38.toofiles.com/fr/oip/documents/exe/yop4.html

Lop S&D est détecté par certains antivirus : il ne s'agit pas d'un virus (faux positif), mais d'un utilitaire destiné à mettre fin à des processus. Dans le cas d'une alerte de la part de votre antivirus, veuillez désactiver votre antivirus pendant la procédure

* Double-cliquez dessus pour lancer l'installation
* Puis double-cliquez sur le raccourci Lop S&D présent sur le Bureau
* Séléctionnez la langue souhaitée, puis choisir l'option 1 (Recherche)
* Patientez jusqu'à la fin du scan
* Postez le rapport généré sur un forum(C:\lopR.txt)

0
Réponse 2 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
voila


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : fernandes antoine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 9.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:152 Go (Free:18 Go)
D:\ (USB)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 06/01/2010|19:50 )

--------------------\\ Listing des dossiers dans APPLIC~1

[14/01/2009|16:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[25/06/2009|11:27] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Adobe
[25/06/2009|11:13] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Macromedia
[24/06/2009|21:20] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Malwarebytes
[06/01/2010|16:52] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Microsoft

[14/10/2009|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AA3DeployClient
[20/09/2008|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/07/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/07/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/01/2010|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg9
[14/06/2009|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[15/10/2009|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chat Republic Games
[02/11/2008|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[03/05/2009|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Estsoft
[10/12/2008|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[14/01/2009|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/09/2009|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[26/09/2009|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[17/08/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[12/06/2009|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[10/06/2009|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[17/08/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/11/2009|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee Security Scan
[16/08/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/12/2009|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/12/2009|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[30/07/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[12/02/2009|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[16/12/2009|15:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
[16/01/2009|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SolidWorks
[26/06/2009|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
[13/01/2009|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[02/08/2009|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[16/12/2009|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Toolbar4
[20/08/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[30/07/2008|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[30/07/2008|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[10/12/2008|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[30/07/2008|12:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/07/2008|12:28] C:\DOCUME~1\FERNAN~1\APPLIC~1\Microsoft

[20/09/2008|21:31] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Adobe
[30/07/2008|13:30] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Apple Computer
[26/02/2009|21:35] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ArcSoft
[06/01/2010|18:16] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike 01 active
[31/10/2009|19:59] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Canon
[06/01/2010|18:10] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Desktopicon
[16/01/2009|23:23] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\DWGeditor
[03/05/2009|14:03] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ESTsoft
[06/01/2010|19:49] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Free Download Manager
[15/09/2008|17:26] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Google
[12/10/2009|15:25] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\gtk-2.0
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Identities
[18/03/2009|16:16] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Inkscape
[10/06/2009|20:12] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Leadertech
[25/11/2009|17:43] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\LimeWire
[30/07/2008|17:00] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Macromedia
[17/08/2008|12:31] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Malwarebytes
[02/11/2008|15:32] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Media Player Classic
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Meridian93
[21/10/2009|13:10] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Microsoft
[14/11/2008|20:50] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Mozilla
[30/07/2008|12:53] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\MSNInstaller
[06/01/2010|19:46] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\OpenOffice.org2
[18/02/2009|13:34] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Real
[27/12/2009|20:39] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Samsung
[01/08/2008|11:28] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ScanSoft
[02/02/2009|13:11] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SecuROM
[13/03/2009|21:38] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SolidWorks
[16/01/2009|23:34] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SolidWorks 2008
[30/07/2008|16:50] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Sun
[06/01/2010|16:18] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SystemProc
[02/11/2009|18:12] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\teamspeak2
[02/08/2009|16:24] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\TomTom
[30/07/2008|13:26] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\vlc
[26/05/2009|19:16] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Windows Live Writer
[14/01/2009|17:24] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\WinRAR
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Zylom


[15/12/2009|21:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[05/10/2008|17:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
[06/01/2010|16:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/01/2010|16:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/01/2010 19:00][--ah-----] C:\WINDOWS\tasks\AAC3207D9188D079.job
[06/01/2010 19:45][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( AAC3207D9188D079.job )=( c:\docume~1\fernan~1.mai\applic~1\bike01~1\insideexitclock.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[20/09/2008|21:24] C:\Program Files\Adobe
[30/11/2009|22:06] C:\Program Files\Ad-remover
[15/08/2008|13:45] C:\Program Files\ADSL Drivers
[16/01/2009|23:26] C:\Program Files\AGEIA Technologies
[30/07/2008|12:34] C:\Program Files\Alwil Software
[21/01/2009|18:03] C:\Program Files\America's Army
[30/07/2008|13:29] C:\Program Files\Apple Software Update
[01/08/2008|11:26] C:\Program Files\ArcSoft
[06/01/2010|16:54] C:\Program Files\AVG
[25/11/2009|19:11] C:\Program Files\Axon Data
[16/12/2009|15:29] C:\Program Files\bike 01 active
[30/07/2008|13:30] C:\Program Files\Bonjour
[02/02/2009|13:10] C:\Program Files\Boonty
[08/02/2009|16:31] C:\Program Files\BoontyGames
[16/08/2008|16:30] C:\Program Files\Browser Mouse
[01/08/2008|11:26] C:\Program Files\Canon
[06/01/2010|18:28] C:\Program Files\Circle Developement
[30/07/2008|12:16] C:\Program Files\ComPlus Applications
[09/12/2008|19:05] C:\Program Files\Conduit
[13/12/2008|20:09] C:\Program Files\Cool MP3 Converter
[01/09/2009|12:38] C:\Program Files\CursorXP
[19/08/2008|17:15] C:\Program Files\Cyanide
[26/12/2009|15:42] C:\Program Files\DIFX
[16/12/2009|20:45] C:\Program Files\DWGeditor
[16/12/2009|20:44] C:\Program Files\eMule
[18/09/2009|15:10] C:\Program Files\Encarta
[13/01/2009|21:00] C:\Program Files\Enigma Software Group
[15/08/2008|12:44] C:\Program Files\Ensemble clavier et souris sans fil Labtec
[03/05/2009|13:56] C:\Program Files\ESTsoft
[18/09/2009|15:05] C:\Program Files\Fichiers communs
[22/05/2009|21:03] C:\Program Files\Free Download Manager
[26/12/2009|18:49] C:\Program Files\Gameforge4D
[15/01/2009|20:53] C:\Program Files\Google
[16/12/2009|20:48] C:\Program Files\Iminent
[12/10/2009|15:12] C:\Program Files\Inkscape
[26/12/2009|15:41] C:\Program Files\InstallShield Installation Information
[14/10/2009|13:43] C:\Program Files\Internet Explorer
[06/01/2010|19:49] C:\Program Files\InternetSecurity2010
[30/07/2008|16:51] C:\Program Files\Java
[30/07/2008|13:22] C:\Program Files\K-Lite Codec Pack
[30/07/2008|12:38] C:\Program Files\LimeWire
[10/06/2009|20:09] C:\Program Files\Logitech
[30/11/2009|22:06] C:\Program Files\Lphant
[06/01/2010|16:09] C:\Program Files\Malwarebytes' Anti-Malware
[17/11/2008|19:55] C:\Program Files\MediaCoder
[22/08/2008|11:05] C:\Program Files\Messenger
[06/12/2009|16:17] C:\Program Files\Messenger Plus! Live
[28/11/2009|13:41] C:\Program Files\Metin2_France
[29/09/2009|19:04] C:\Program Files\Microsoft
[18/09/2009|15:18] C:\Program Files\Microsoft AutoRoute
[11/06/2009|19:12] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/07/2008|12:19] C:\Program Files\microsoft frontpage
[26/12/2009|17:58] C:\Program Files\Microsoft Hardware
[18/09/2009|15:05] C:\Program Files\microsoft money 2005
[18/09/2009|15:00] C:\Program Files\Microsoft Office
[29/09/2009|19:04] C:\Program Files\Microsoft Silverlight
[18/12/2008|19:21] C:\Program Files\Microsoft SQL Server Compact Edition
[18/12/2008|19:23] C:\Program Files\Microsoft Sync Framework
[18/09/2009|15:02] C:\Program Files\Microsoft Works
[18/09/2009|14:55] C:\Program Files\Microsoft Works Suite 2005
[16/01/2009|23:14] C:\Program Files\Microsoft.NET
[22/08/2008|11:02] C:\Program Files\Movie Maker
[06/01/2010|17:53] C:\Program Files\Mozilla Firefox
[16/01/2009|23:19] C:\Program Files\MSBuild
[16/01/2009|23:14] C:\Program Files\MSECache
[30/07/2008|12:58] C:\Program Files\MSN
[30/07/2008|12:15] C:\Program Files\MSN Gaming Zone
[23/02/2009|18:16] C:\Program Files\MSXML 4.0
[16/08/2008|14:25] C:\Program Files\NETGEAR
[22/08/2008|11:00] C:\Program Files\NetMeeting
[30/07/2008|12:15] C:\Program Files\Online Services
[30/07/2008|16:51] C:\Program Files\OpenOffice.org 2.4
[22/08/2008|11:00] C:\Program Files\Outlook Express
[12/02/2009|15:14] C:\Program Files\Paint.NET
[25/06/2009|11:27] C:\Program Files\Paprikari
[20/09/2008|21:14] C:\Program Files\PDFCreator
[20/09/2008|21:13] C:\Program Files\PDFCreator Toolbar
[18/09/2009|15:08] C:\Program Files\Picture It! Premium 10
[30/07/2008|13:30] C:\Program Files\QuickTime
[14/11/2008|20:37] C:\Program Files\Real
[30/07/2008|16:27] C:\Program Files\Realtek AC97
[16/01/2009|23:16] C:\Program Files\Reference Assemblies
[22/11/2009|13:13] C:\Program Files\Return to Castle Wolfenstein
[19/02/2009|09:49] C:\Program Files\Rockstar Games
[30/07/2008|16:19] C:\Program Files\S3Inc
[26/12/2009|15:41] C:\Program Files\Samsung
[01/08/2008|11:27] C:\Program Files\ScanSoft
[30/07/2008|12:17] C:\Program Files\Services en ligne
[17/10/2009|10:50] C:\Program Files\SFR
[16/01/2009|23:30] C:\Program Files\SolidWorks
[08/02/2009|16:31] C:\Program Files\SopCast
[02/08/2009|16:24] C:\Program Files\TomTom HOME 2
[02/08/2009|16:24] C:\Program Files\TomTom International B.V
[06/10/2009|18:31] C:\Program Files\trend micro
[31/01/2009|11:24] C:\Program Files\Ubi Soft
[30/07/2008|12:25] C:\Program Files\Uninstall Information
[25/06/2009|21:38] C:\Program Files\VDOWNLOADER
[30/07/2008|16:19] C:\Program Files\VIA
[30/07/2008|13:25] C:\Program Files\VideoLAN
[29/09/2009|19:03] C:\Program Files\Windows Live
[18/12/2008|19:19] C:\Program Files\Windows Live SkyDrive
[11/08/2008|14:33] C:\Program Files\Windows Media Connect 2
[05/07/2009|15:23] C:\Program Files\Windows Media Player
[22/08/2008|11:00] C:\Program Files\Windows NT
[30/07/2008|12:17] C:\Program Files\WindowsUpdate
[30/07/2008|12:19] C:\Program Files\xerox
[22/12/2008|13:46] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/12/2009|15:40] C:\Program Files\Fichiers communs\Adobe
[30/07/2008|13:29] C:\Program Files\Fichiers communs\Apple
[14/06/2009|14:59] C:\Program Files\Fichiers communs\Blizzard Entertainment
[18/09/2009|15:01] C:\Program Files\Fichiers communs\Designer
[16/01/2009|23:26] C:\Program Files\Fichiers communs\eDrawings2008
[01/08/2008|11:26] C:\Program Files\Fichiers communs\InstallShield
[30/07/2008|16:51] C:\Program Files\Fichiers communs\Java
[10/06/2009|20:12] C:\Program Files\Fichiers communs\LogiShrd
[29/08/2009|19:07] C:\Program Files\Fichiers communs\Logitech
[18/09/2009|15:10] C:\Program Files\Fichiers communs\Microsoft Shared
[30/07/2008|12:17] C:\Program Files\Fichiers communs\MSSoap
[30/07/2008|14:03] C:\Program Files\Fichiers communs\ODBC
[18/02/2009|13:35] C:\Program Files\Fichiers communs\Real
[01/08/2008|11:28] C:\Program Files\Fichiers communs\ScanSoft Shared
[30/07/2008|12:17] C:\Program Files\Fichiers communs\Services
[30/11/2009|22:07] C:\Program Files\Fichiers communs\SolidWorks Shared
[30/07/2008|14:03] C:\Program Files\Fichiers communs\SpeechEngines
[22/08/2008|11:00] C:\Program Files\Fichiers communs\System
[18/12/2008|18:50] C:\Program Files\Fichiers communs\Windows Live
[30/07/2008|13:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 57 Processes )

iexplore.exe ~ [PID:896]
IEXPLORE.EXE ~ [PID:1532]
IEXPLORE.EXE ~ [PID:2360]
IEXPLORE.EXE ~ [PID:2372]
iexplore.exe ~ [PID:2420]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\vga active.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\vga active.exe
C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1
C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\Bin Four Grid.exe
C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\insideexitclock.exe
C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\tztsqzhv.exe
C:\Program Files\bike01~1
C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\Temp\sta35.exe
C:\Program Files\Circle Developement
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertstream[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertstream[3].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@d2.advertserve[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@adultfriendfinder[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@ads.adultadvertising[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertising[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertising[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@booking.db.advertising[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@ero-advertising[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.adultadvertising[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@adin.bigpoint[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@bigpoint[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.deepolis.bigpoint[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.thepimps.bigpoint[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@cotedazurpalace[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@serve.cotedazurpalace[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.cotedazurpalace[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.partypoker[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@partypoker[2].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@2xmoinscher[1].txt
C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\AAC3207D9188D079.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"owns curb"="C:\\DOCUME~1\\FERNAN~1.MAI\\APPLIC~1\\BIKE01~1\\Bin Four Grid.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Flag Owns Live Grim"="C:\\Documents and Settings\\All Users\\Application Data\\Software rule flag owns\\vga active.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-06 19:51:32
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\jeux ds setup incl keygen.zip
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE.zip
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen\file_id.diz
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen\REVENGE.nfo
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\Data1.dll
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\Data2.dll
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\SolidWorks 2007 Crack.nfo
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2008 Office Premium SP3.0 w COSMOS\crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\[ PC Games ] - Age of Empires II(FULL)(2)\crack.zip


[F:1194][D:51]-> C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\Temp
[F:1676][D:0]-> C:\DOCUME~1\FERNAN~1.MAI\Cookies
[F:2297][D:16]-> C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/01/2010|19:52 - Option : [1]

--------------------\\ Fin du rapport a 19:52:43
0
Réponse 3 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
donc

plusieurs infections lop + rogue+un rookit

il convient de te séparer de tes cracks...

1)
relancer lop option 2 suppression + hosts+poster le rapport

...................

2)

afin de mieux organiser la suite de la désinfection fais ceci stp

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherches ces fichiers :

C:\WINDOWS\system32\41.exe
C:\WINDOWS\system32\18467.exe

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

Si tu ne trouves pas le fichier alors

Affiche tous les fichiers et dossiers :

Pour cela :
Clique sur démarrer/panneau de configuration/option des dossiers/affichage

Cocher afficher les dossiers cachés

Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

Décocher masquer les extensions dont le type est connu

Puis fais «appliquer» pour valider les changements.

Et OK


0
Réponse 4 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
Voila le raport mais je ne peux pas aller sur le site cela me met probleme de connexion bizare nn?



--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : fernandes antoine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 9.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:152 Go (Free:18 Go)
D:\ (USB)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 06/01/2010|20:02 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\vga active.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\vga active.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\Bin Four Grid.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\insideexitclock.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\tztsqzhv.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\Temp\sta35.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertstream[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertstream[3].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@ads.adultadvertising[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertising[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@booking.db.advertising[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@ero-advertising[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.adultadvertising[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@bigpoint[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.deepolis.bigpoint[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.thepimps.bigpoint[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@serve.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.partypoker[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@partypoker[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\AAC3207D9188D079.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1
Supprime! - C:\Program Files\bike01~1
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[14/01/2009|16:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[25/06/2009|11:27] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Adobe
[25/06/2009|11:13] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Macromedia
[24/06/2009|21:20] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Malwarebytes
[06/01/2010|16:52] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Microsoft

[14/10/2009|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AA3DeployClient
[20/09/2008|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/07/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/07/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/01/2010|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg9
[14/06/2009|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[15/10/2009|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chat Republic Games
[02/11/2008|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[03/05/2009|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Estsoft
[10/12/2008|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[14/01/2009|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/09/2009|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[26/09/2009|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[17/08/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[12/06/2009|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[10/06/2009|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[17/08/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/11/2009|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee Security Scan
[16/08/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/12/2009|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/12/2009|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[30/07/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[12/02/2009|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[16/01/2009|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SolidWorks
[26/06/2009|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
[13/01/2009|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[02/08/2009|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[16/12/2009|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Toolbar4
[20/08/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[30/07/2008|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[30/07/2008|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[10/12/2008|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[30/07/2008|12:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/07/2008|12:28] C:\DOCUME~1\FERNAN~1\APPLIC~1\Microsoft

[20/09/2008|21:31] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Adobe
[30/07/2008|13:30] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Apple Computer
[26/02/2009|21:35] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ArcSoft
[31/10/2009|19:59] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Canon
[06/01/2010|18:10] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Desktopicon
[16/01/2009|23:23] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\DWGeditor
[03/05/2009|14:03] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ESTsoft
[06/01/2010|20:01] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Free Download Manager
[15/09/2008|17:26] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Google
[12/10/2009|15:25] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\gtk-2.0
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Identities
[18/03/2009|16:16] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Inkscape
[10/06/2009|20:12] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Leadertech
[25/11/2009|17:43] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\LimeWire
[30/07/2008|17:00] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Macromedia
[17/08/2008|12:31] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Malwarebytes
[02/11/2008|15:32] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Media Player Classic
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Meridian93
[21/10/2009|13:10] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Microsoft
[14/11/2008|20:50] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Mozilla
[30/07/2008|12:53] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\MSNInstaller
[06/01/2010|19:46] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\OpenOffice.org2
[18/02/2009|13:34] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Real
[27/12/2009|20:39] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Samsung
[01/08/2008|11:28] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ScanSoft
[02/02/2009|13:11] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SecuROM
[13/03/2009|21:38] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SolidWorks
[16/01/2009|23:34] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SolidWorks 2008
[30/07/2008|16:50] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Sun
[06/01/2010|16:18] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SystemProc
[02/11/2009|18:12] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\teamspeak2
[02/08/2009|16:24] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\TomTom
[30/07/2008|13:26] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\vlc
[26/05/2009|19:16] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Windows Live Writer
[14/01/2009|17:24] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\WinRAR
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Zylom


[15/12/2009|21:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[05/10/2008|17:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
[06/01/2010|16:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/01/2010|16:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/01/2010 19:45][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[20/09/2008|21:24] C:\Program Files\Adobe
[30/11/2009|22:06] C:\Program Files\Ad-remover
[15/08/2008|13:45] C:\Program Files\ADSL Drivers
[16/01/2009|23:26] C:\Program Files\AGEIA Technologies
[30/07/2008|12:34] C:\Program Files\Alwil Software
[21/01/2009|18:03] C:\Program Files\America's Army
[30/07/2008|13:29] C:\Program Files\Apple Software Update
[01/08/2008|11:26] C:\Program Files\ArcSoft
[06/01/2010|16:54] C:\Program Files\AVG
[25/11/2009|19:11] C:\Program Files\Axon Data
[30/07/2008|13:30] C:\Program Files\Bonjour
[02/02/2009|13:10] C:\Program Files\Boonty
[08/02/2009|16:31] C:\Program Files\BoontyGames
[16/08/2008|16:30] C:\Program Files\Browser Mouse
[01/08/2008|11:26] C:\Program Files\Canon
[30/07/2008|12:16] C:\Program Files\ComPlus Applications
[09/12/2008|19:05] C:\Program Files\Conduit
[13/12/2008|20:09] C:\Program Files\Cool MP3 Converter
[01/09/2009|12:38] C:\Program Files\CursorXP
[19/08/2008|17:15] C:\Program Files\Cyanide
[26/12/2009|15:42] C:\Program Files\DIFX
[16/12/2009|20:45] C:\Program Files\DWGeditor
[16/12/2009|20:44] C:\Program Files\eMule
[18/09/2009|15:10] C:\Program Files\Encarta
[13/01/2009|21:00] C:\Program Files\Enigma Software Group
[15/08/2008|12:44] C:\Program Files\Ensemble clavier et souris sans fil Labtec
[03/05/2009|13:56] C:\Program Files\ESTsoft
[18/09/2009|15:05] C:\Program Files\Fichiers communs
[22/05/2009|21:03] C:\Program Files\Free Download Manager
[26/12/2009|18:49] C:\Program Files\Gameforge4D
[15/01/2009|20:53] C:\Program Files\Google
[16/12/2009|20:48] C:\Program Files\Iminent
[12/10/2009|15:12] C:\Program Files\Inkscape
[26/12/2009|15:41] C:\Program Files\InstallShield Installation Information
[14/10/2009|13:43] C:\Program Files\Internet Explorer
[06/01/2010|19:49] C:\Program Files\InternetSecurity2010
[30/07/2008|16:51] C:\Program Files\Java
[30/07/2008|13:22] C:\Program Files\K-Lite Codec Pack
[30/07/2008|12:38] C:\Program Files\LimeWire
[10/06/2009|20:09] C:\Program Files\Logitech
[30/11/2009|22:06] C:\Program Files\Lphant
[06/01/2010|16:09] C:\Program Files\Malwarebytes' Anti-Malware
[17/11/2008|19:55] C:\Program Files\MediaCoder
[22/08/2008|11:05] C:\Program Files\Messenger
[06/12/2009|16:17] C:\Program Files\Messenger Plus! Live
[28/11/2009|13:41] C:\Program Files\Metin2_France
[29/09/2009|19:04] C:\Program Files\Microsoft
[18/09/2009|15:18] C:\Program Files\Microsoft AutoRoute
[11/06/2009|19:12] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/07/2008|12:19] C:\Program Files\microsoft frontpage
[26/12/2009|17:58] C:\Program Files\Microsoft Hardware
[18/09/2009|15:05] C:\Program Files\microsoft money 2005
[18/09/2009|15:00] C:\Program Files\Microsoft Office
[29/09/2009|19:04] C:\Program Files\Microsoft Silverlight
[18/12/2008|19:21] C:\Program Files\Microsoft SQL Server Compact Edition
[18/12/2008|19:23] C:\Program Files\Microsoft Sync Framework
[18/09/2009|15:02] C:\Program Files\Microsoft Works
[18/09/2009|14:55] C:\Program Files\Microsoft Works Suite 2005
[16/01/2009|23:14] C:\Program Files\Microsoft.NET
[22/08/2008|11:02] C:\Program Files\Movie Maker
[06/01/2010|17:53] C:\Program Files\Mozilla Firefox
[16/01/2009|23:19] C:\Program Files\MSBuild
[16/01/2009|23:14] C:\Program Files\MSECache
[30/07/2008|12:58] C:\Program Files\MSN
[30/07/2008|12:15] C:\Program Files\MSN Gaming Zone
[23/02/2009|18:16] C:\Program Files\MSXML 4.0
[16/08/2008|14:25] C:\Program Files\NETGEAR
[22/08/2008|11:00] C:\Program Files\NetMeeting
[30/07/2008|12:15] C:\Program Files\Online Services
[30/07/2008|16:51] C:\Program Files\OpenOffice.org 2.4
[22/08/2008|11:00] C:\Program Files\Outlook Express
[12/02/2009|15:14] C:\Program Files\Paint.NET
[25/06/2009|11:27] C:\Program Files\Paprikari
[20/09/2008|21:14] C:\Program Files\PDFCreator
[20/09/2008|21:13] C:\Program Files\PDFCreator Toolbar
[18/09/2009|15:08] C:\Program Files\Picture It! Premium 10
[30/07/2008|13:30] C:\Program Files\QuickTime
[14/11/2008|20:37] C:\Program Files\Real
[30/07/2008|16:27] C:\Program Files\Realtek AC97
[16/01/2009|23:16] C:\Program Files\Reference Assemblies
[22/11/2009|13:13] C:\Program Files\Return to Castle Wolfenstein
[19/02/2009|09:49] C:\Program Files\Rockstar Games
[30/07/2008|16:19] C:\Program Files\S3Inc
[26/12/2009|15:41] C:\Program Files\Samsung
[01/08/2008|11:27] C:\Program Files\ScanSoft
[30/07/2008|12:17] C:\Program Files\Services en ligne
[17/10/2009|10:50] C:\Program Files\SFR
[16/01/2009|23:30] C:\Program Files\SolidWorks
[08/02/2009|16:31] C:\Program Files\SopCast
[02/08/2009|16:24] C:\Program Files\TomTom HOME 2
[02/08/2009|16:24] C:\Program Files\TomTom International B.V
[06/10/2009|18:31] C:\Program Files\trend micro
[31/01/2009|11:24] C:\Program Files\Ubi Soft
[30/07/2008|12:25] C:\Program Files\Uninstall Information
[25/06/2009|21:38] C:\Program Files\VDOWNLOADER
[30/07/2008|16:19] C:\Program Files\VIA
[30/07/2008|13:25] C:\Program Files\VideoLAN
[29/09/2009|19:03] C:\Program Files\Windows Live
[18/12/2008|19:19] C:\Program Files\Windows Live SkyDrive
[11/08/2008|14:33] C:\Program Files\Windows Media Connect 2
[05/07/2009|15:23] C:\Program Files\Windows Media Player
[22/08/2008|11:00] C:\Program Files\Windows NT
[30/07/2008|12:17] C:\Program Files\WindowsUpdate
[30/07/2008|12:19] C:\Program Files\xerox
[22/12/2008|13:46] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/12/2009|15:40] C:\Program Files\Fichiers communs\Adobe
[30/07/2008|13:29] C:\Program Files\Fichiers communs\Apple
[14/06/2009|14:59] C:\Program Files\Fichiers communs\Blizzard Entertainment
[18/09/2009|15:01] C:\Program Files\Fichiers communs\Designer
[16/01/2009|23:26] C:\Program Files\Fichiers communs\eDrawings2008
[01/08/2008|11:26] C:\Program Files\Fichiers communs\InstallShield
[30/07/2008|16:51] C:\Program Files\Fichiers communs\Java
[10/06/2009|20:12] C:\Program Files\Fichiers communs\LogiShrd
[29/08/2009|19:07] C:\Program Files\Fichiers communs\Logitech
[18/09/2009|15:10] C:\Program Files\Fichiers communs\Microsoft Shared
[30/07/2008|12:17] C:\Program Files\Fichiers communs\MSSoap
[30/07/2008|14:03] C:\Program Files\Fichiers communs\ODBC
[18/02/2009|13:35] C:\Program Files\Fichiers communs\Real
[01/08/2008|11:28] C:\Program Files\Fichiers communs\ScanSoft Shared
[30/07/2008|12:17] C:\Program Files\Fichiers communs\Services
[30/11/2009|22:07] C:\Program Files\Fichiers communs\SolidWorks Shared
[30/07/2008|14:03] C:\Program Files\Fichiers communs\SpeechEngines
[22/08/2008|11:00] C:\Program Files\Fichiers communs\System
[18/12/2008|18:50] C:\Program Files\Fichiers communs\Windows Live
[30/07/2008|13:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 52 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertising[3].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-06 20:03:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\APPLIC~1\Microsoft\Internet Explorer\Recovery\Last Active\{1DDDA0C8-FAF6-11DE-8FF9-0013D398B25D}.dat 96256 bytes
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\jeux ds setup incl keygen.zip
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE.zip
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen\file_id.diz
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen\REVENGE.nfo
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\Data1.dll
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\Data2.dll
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\SolidWorks 2007 Crack.nfo
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2008 Office Premium SP3.0 w COSMOS\crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\[ PC Games ] - Age of Empires II(FULL)(2)\crack.zip


[F:1194][D:51]-> C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\Temp
[F:1657][D:0]-> C:\DOCUME~1\FERNAN~1.MAI\Cookies
[F:2473][D:16]-> C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/01/2010|19:52 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/01/2010|20:04 - Option : [2]

--------------------\\ Fin du rapport a 20:04:48
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
Voila le raport mais je ne peux pas aller sur le site cela me met probleme de connexion bizare nn?



--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : fernandes antoine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 9.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:152 Go (Free:18 Go)
D:\ (USB)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 06/01/2010|20:02 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\vga active.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\vga active.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\Bin Four Grid.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\insideexitclock.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1\tztsqzhv.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\Temp\sta35.exe
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertstream[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertstream[3].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@ads.adultadvertising[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertising[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@booking.db.advertising[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@ero-advertising[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.adultadvertising[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@bigpoint[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.deepolis.bigpoint[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.thepimps.bigpoint[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@serve.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@fr.partypoker[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@partypoker[2].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\AAC3207D9188D079.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
Supprime! - C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\bike01~1
Supprime! - C:\Program Files\bike01~1
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[14/01/2009|16:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[25/06/2009|11:27] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Adobe
[25/06/2009|11:13] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Macromedia
[24/06/2009|21:20] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Malwarebytes
[06/01/2010|16:52] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Microsoft

[14/10/2009|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AA3DeployClient
[20/09/2008|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/07/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/07/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/01/2010|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg9
[14/06/2009|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[15/10/2009|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chat Republic Games
[02/11/2008|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[03/05/2009|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Estsoft
[10/12/2008|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[14/01/2009|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/09/2009|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[26/09/2009|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[17/08/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[12/06/2009|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[10/06/2009|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[17/08/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/11/2009|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee Security Scan
[16/08/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/12/2009|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/12/2009|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[30/07/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[12/02/2009|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[16/01/2009|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SolidWorks
[26/06/2009|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
[01/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
[13/01/2009|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[02/08/2009|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[16/12/2009|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Toolbar4
[20/08/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[30/07/2008|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[30/07/2008|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[10/12/2008|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[30/07/2008|12:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/07/2008|12:28] C:\DOCUME~1\FERNAN~1\APPLIC~1\Microsoft

[20/09/2008|21:31] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Adobe
[30/07/2008|13:30] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Apple Computer
[26/02/2009|21:35] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ArcSoft
[31/10/2009|19:59] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Canon
[06/01/2010|18:10] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Desktopicon
[16/01/2009|23:23] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\DWGeditor
[03/05/2009|14:03] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ESTsoft
[06/01/2010|20:01] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Free Download Manager
[15/09/2008|17:26] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Google
[12/10/2009|15:25] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\gtk-2.0
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Identities
[18/03/2009|16:16] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Inkscape
[10/06/2009|20:12] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Leadertech
[25/11/2009|17:43] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\LimeWire
[30/07/2008|17:00] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Macromedia
[17/08/2008|12:31] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Malwarebytes
[02/11/2008|15:32] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Media Player Classic
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Meridian93
[21/10/2009|13:10] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Microsoft
[14/11/2008|20:50] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Mozilla
[30/07/2008|12:53] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\MSNInstaller
[06/01/2010|19:46] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\OpenOffice.org2
[18/02/2009|13:34] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Real
[27/12/2009|20:39] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Samsung
[01/08/2008|11:28] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\ScanSoft
[02/02/2009|13:11] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SecuROM
[13/03/2009|21:38] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SolidWorks
[16/01/2009|23:34] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SolidWorks 2008
[30/07/2008|16:50] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Sun
[06/01/2010|16:18] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\SystemProc
[02/11/2009|18:12] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\teamspeak2
[02/08/2009|16:24] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\TomTom
[30/07/2008|13:26] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\vlc
[26/05/2009|19:16] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Windows Live Writer
[14/01/2009|17:24] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\WinRAR
[18/12/2008|18:21] C:\DOCUME~1\FERNAN~1.MAI\APPLIC~1\Zylom


[15/12/2009|21:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[05/10/2008|17:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
[06/01/2010|16:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/01/2010|16:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/01/2010 19:45][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[20/09/2008|21:24] C:\Program Files\Adobe
[30/11/2009|22:06] C:\Program Files\Ad-remover
[15/08/2008|13:45] C:\Program Files\ADSL Drivers
[16/01/2009|23:26] C:\Program Files\AGEIA Technologies
[30/07/2008|12:34] C:\Program Files\Alwil Software
[21/01/2009|18:03] C:\Program Files\America's Army
[30/07/2008|13:29] C:\Program Files\Apple Software Update
[01/08/2008|11:26] C:\Program Files\ArcSoft
[06/01/2010|16:54] C:\Program Files\AVG
[25/11/2009|19:11] C:\Program Files\Axon Data
[30/07/2008|13:30] C:\Program Files\Bonjour
[02/02/2009|13:10] C:\Program Files\Boonty
[08/02/2009|16:31] C:\Program Files\BoontyGames
[16/08/2008|16:30] C:\Program Files\Browser Mouse
[01/08/2008|11:26] C:\Program Files\Canon
[30/07/2008|12:16] C:\Program Files\ComPlus Applications
[09/12/2008|19:05] C:\Program Files\Conduit
[13/12/2008|20:09] C:\Program Files\Cool MP3 Converter
[01/09/2009|12:38] C:\Program Files\CursorXP
[19/08/2008|17:15] C:\Program Files\Cyanide
[26/12/2009|15:42] C:\Program Files\DIFX
[16/12/2009|20:45] C:\Program Files\DWGeditor
[16/12/2009|20:44] C:\Program Files\eMule
[18/09/2009|15:10] C:\Program Files\Encarta
[13/01/2009|21:00] C:\Program Files\Enigma Software Group
[15/08/2008|12:44] C:\Program Files\Ensemble clavier et souris sans fil Labtec
[03/05/2009|13:56] C:\Program Files\ESTsoft
[18/09/2009|15:05] C:\Program Files\Fichiers communs
[22/05/2009|21:03] C:\Program Files\Free Download Manager
[26/12/2009|18:49] C:\Program Files\Gameforge4D
[15/01/2009|20:53] C:\Program Files\Google
[16/12/2009|20:48] C:\Program Files\Iminent
[12/10/2009|15:12] C:\Program Files\Inkscape
[26/12/2009|15:41] C:\Program Files\InstallShield Installation Information
[14/10/2009|13:43] C:\Program Files\Internet Explorer
[06/01/2010|19:49] C:\Program Files\InternetSecurity2010
[30/07/2008|16:51] C:\Program Files\Java
[30/07/2008|13:22] C:\Program Files\K-Lite Codec Pack
[30/07/2008|12:38] C:\Program Files\LimeWire
[10/06/2009|20:09] C:\Program Files\Logitech
[30/11/2009|22:06] C:\Program Files\Lphant
[06/01/2010|16:09] C:\Program Files\Malwarebytes' Anti-Malware
[17/11/2008|19:55] C:\Program Files\MediaCoder
[22/08/2008|11:05] C:\Program Files\Messenger
[06/12/2009|16:17] C:\Program Files\Messenger Plus! Live
[28/11/2009|13:41] C:\Program Files\Metin2_France
[29/09/2009|19:04] C:\Program Files\Microsoft
[18/09/2009|15:18] C:\Program Files\Microsoft AutoRoute
[11/06/2009|19:12] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/07/2008|12:19] C:\Program Files\microsoft frontpage
[26/12/2009|17:58] C:\Program Files\Microsoft Hardware
[18/09/2009|15:05] C:\Program Files\microsoft money 2005
[18/09/2009|15:00] C:\Program Files\Microsoft Office
[29/09/2009|19:04] C:\Program Files\Microsoft Silverlight
[18/12/2008|19:21] C:\Program Files\Microsoft SQL Server Compact Edition
[18/12/2008|19:23] C:\Program Files\Microsoft Sync Framework
[18/09/2009|15:02] C:\Program Files\Microsoft Works
[18/09/2009|14:55] C:\Program Files\Microsoft Works Suite 2005
[16/01/2009|23:14] C:\Program Files\Microsoft.NET
[22/08/2008|11:02] C:\Program Files\Movie Maker
[06/01/2010|17:53] C:\Program Files\Mozilla Firefox
[16/01/2009|23:19] C:\Program Files\MSBuild
[16/01/2009|23:14] C:\Program Files\MSECache
[30/07/2008|12:58] C:\Program Files\MSN
[30/07/2008|12:15] C:\Program Files\MSN Gaming Zone
[23/02/2009|18:16] C:\Program Files\MSXML 4.0
[16/08/2008|14:25] C:\Program Files\NETGEAR
[22/08/2008|11:00] C:\Program Files\NetMeeting
[30/07/2008|12:15] C:\Program Files\Online Services
[30/07/2008|16:51] C:\Program Files\OpenOffice.org 2.4
[22/08/2008|11:00] C:\Program Files\Outlook Express
[12/02/2009|15:14] C:\Program Files\Paint.NET
[25/06/2009|11:27] C:\Program Files\Paprikari
[20/09/2008|21:14] C:\Program Files\PDFCreator
[20/09/2008|21:13] C:\Program Files\PDFCreator Toolbar
[18/09/2009|15:08] C:\Program Files\Picture It! Premium 10
[30/07/2008|13:30] C:\Program Files\QuickTime
[14/11/2008|20:37] C:\Program Files\Real
[30/07/2008|16:27] C:\Program Files\Realtek AC97
[16/01/2009|23:16] C:\Program Files\Reference Assemblies
[22/11/2009|13:13] C:\Program Files\Return to Castle Wolfenstein
[19/02/2009|09:49] C:\Program Files\Rockstar Games
[30/07/2008|16:19] C:\Program Files\S3Inc
[26/12/2009|15:41] C:\Program Files\Samsung
[01/08/2008|11:27] C:\Program Files\ScanSoft
[30/07/2008|12:17] C:\Program Files\Services en ligne
[17/10/2009|10:50] C:\Program Files\SFR
[16/01/2009|23:30] C:\Program Files\SolidWorks
[08/02/2009|16:31] C:\Program Files\SopCast
[02/08/2009|16:24] C:\Program Files\TomTom HOME 2
[02/08/2009|16:24] C:\Program Files\TomTom International B.V
[06/10/2009|18:31] C:\Program Files\trend micro
[31/01/2009|11:24] C:\Program Files\Ubi Soft
[30/07/2008|12:25] C:\Program Files\Uninstall Information
[25/06/2009|21:38] C:\Program Files\VDOWNLOADER
[30/07/2008|16:19] C:\Program Files\VIA
[30/07/2008|13:25] C:\Program Files\VideoLAN
[29/09/2009|19:03] C:\Program Files\Windows Live
[18/12/2008|19:19] C:\Program Files\Windows Live SkyDrive
[11/08/2008|14:33] C:\Program Files\Windows Media Connect 2
[05/07/2009|15:23] C:\Program Files\Windows Media Player
[22/08/2008|11:00] C:\Program Files\Windows NT
[30/07/2008|12:17] C:\Program Files\WindowsUpdate
[30/07/2008|12:19] C:\Program Files\xerox
[22/12/2008|13:46] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/12/2009|15:40] C:\Program Files\Fichiers communs\Adobe
[30/07/2008|13:29] C:\Program Files\Fichiers communs\Apple
[14/06/2009|14:59] C:\Program Files\Fichiers communs\Blizzard Entertainment
[18/09/2009|15:01] C:\Program Files\Fichiers communs\Designer
[16/01/2009|23:26] C:\Program Files\Fichiers communs\eDrawings2008
[01/08/2008|11:26] C:\Program Files\Fichiers communs\InstallShield
[30/07/2008|16:51] C:\Program Files\Fichiers communs\Java
[10/06/2009|20:12] C:\Program Files\Fichiers communs\LogiShrd
[29/08/2009|19:07] C:\Program Files\Fichiers communs\Logitech
[18/09/2009|15:10] C:\Program Files\Fichiers communs\Microsoft Shared
[30/07/2008|12:17] C:\Program Files\Fichiers communs\MSSoap
[30/07/2008|14:03] C:\Program Files\Fichiers communs\ODBC
[18/02/2009|13:35] C:\Program Files\Fichiers communs\Real
[01/08/2008|11:28] C:\Program Files\Fichiers communs\ScanSoft Shared
[30/07/2008|12:17] C:\Program Files\Fichiers communs\Services
[30/11/2009|22:07] C:\Program Files\Fichiers communs\SolidWorks Shared
[30/07/2008|14:03] C:\Program Files\Fichiers communs\SpeechEngines
[22/08/2008|11:00] C:\Program Files\Fichiers communs\System
[18/12/2008|18:50] C:\Program Files\Fichiers communs\Windows Live
[30/07/2008|13:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 52 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\FERNAN~1.MAI\Cookies\fernandes_antoine@advertising[3].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-06 20:03:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\APPLIC~1\Microsoft\Internet Explorer\Recovery\Last Active\{1DDDA0C8-FAF6-11DE-8FF9-0013D398B25D}.dat 96256 bytes
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\jeux ds setup incl keygen.zip
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE.zip
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen\file_id.diz
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\nds fifa 2009 incl keygen by REVENGE\keygen\REVENGE.nfo
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\Data1.dll
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\Data2.dll
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2007 Crack\SolidWorks 2007 Crack.nfo
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\SolidWorks 2008 Office Premium SP3.0 w COSMOS\crack
C:\DOCUME~1\FERNAN~1.MAI\Mes documents\LimeWire\Saved\[ PC Games ] - Age of Empires II(FULL)(2)\crack.zip


[F:1194][D:51]-> C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\Temp
[F:1657][D:0]-> C:\DOCUME~1\FERNAN~1.MAI\Cookies
[F:2473][D:16]-> C:\DOCUME~1\FERNAN~1.MAI\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/01/2010|19:52 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/01/2010|20:04 - Option : [2]

--------------------\\ Fin du rapport a 20:04:48
0
Réponse 6 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
oui

je vois qu'un rookit agit sur internet explorer

on va donc procéder autrement

Télécharge rkill
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre-le sur ton Bureau
Double-clique sur l'icone rkill ( pour Vista/Seven clic-droit Exécuter en tant qu'Administrateur)
Un bref écran noir t'indiquera que le tool s'est correctement exécuter, s'il ne lance pas
change de lien de téléchargement en utilisant le suivant à partir d'ici:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com

une fois qu'il aura terminé lance

Téléchargez MalwareByte's Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

ATTENTION : renomme le FERNAN.exe avant de l'enregistrer sur le bureau

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam




0
Réponse 7 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3458
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

06/01/2010 21:23:38
mbam-log-2010-01-06 (21-23-38).txt

Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|)
Eléments examinés: 204709
Temps écoulé: 57 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 6
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\IS2010 (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet security 2010 (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\InternetSecurity2010 (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\InternetSecurity2010\IS2010.exe (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\fernandes antoine.MAISON-30EE0A86\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\fernandes antoine.MAISON-30EE0A86\Menu Démarrer\Internet Security 2010.lnk (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\41.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
0
Réponse 8 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
ok

tu peux vider la quarantaine de MBAM mais celui n'a pas été mis à jour

il faut donc refaire le scan complet en le mettant à jour avant...et poster le nouveau rapport
0
Réponse 9 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
bonjour, en fait je ne peux pas le mettre a jour cela me met erreur 732
0
Réponse 10 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
ok

le rookit toujours

fais ceci et si ca bloque dis le moi



/!\ Il faut impérativement désactiver tous tes logiciels de protection pour utiliser ce programme/!\


▶ Télécharge : Gmer (by Przemyslaw Gmerek)

http://www.gmer.net/



▶ Dezippe gmer ,cliques sur l'onglet rootkit,lances le scan,des lignes rouges vont apparaitre.

▶ Les lignes rouges indiquent la presence d'un rootkit.Postes moi le rapport gmer (cliques sur copy,puis vas dans demarrer ,puis ouvres le bloc note,vas dans edition et cliques sur coller,le rapport gmer va apparaitre,postes moi le)

Ensuite

▶ sur les lignes rouge:

▶ Services:cliques droit delete service
▶ Process:cliques droit kill process
▶ Adl ,file:cliques droit delete files
0
Réponse 11 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
impossible daller sur ce site
0
Réponse 12 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
le rookit encore

Attention, avant de commencer, lit attentivement la procédure, et imprime la

Télécharge ComboFix de sUBs en le renommant RAPH.exe avant de l’enregistrer sur ton Bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et DESACTIVES TOUTES LES DEFENSES, antivirus et antispyware y compris /!\

---> Double-clique sur ComboFix.exe
Un "pop-up" va apparaître qui dit que ComboFix est utilisé à vos risques et avec aucune garantie... Clique sur oui pour accepter

SURTOUT INSTALLES LA CONSOLE DE RECUPERATION
(si il te le propose remets provisoirement internet)

---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

Ne touche à rien(souris, clavier) tant que le scan n'est pas terminé, car tu risques de planter ton PC

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt


0
Réponse 13 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
ComboFix 10-01-04.01 - fernandes antoine 07/01/2010 18:49:50.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.959.438 [GMT 1:00]
Lancé depuis: c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Bureau\raph.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Desktopicon
c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk
c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\SystemProc
c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Bureau\Internet Security 2010.lnk
c:\program files\InternetSecurity2010
c:\program files\InternetSecurity2010\IS2010.exe
c:\program files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}
c:\program files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul
c:\program files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf
c:\windows\system32\18467.exe
c:\windows\system32\41.exe
c:\windows\system32\6334.exe
c:\windows\TEMP\logishrd\LVPrcInj04.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-07 au 2010-01-07 ))))))))))))))))))))))))))))))))))))
.

2010-01-06 18:49 . 2010-01-06 19:04 -------- d-----w- C:\Lop SD
2010-01-06 15:54 . 2010-01-06 15:55 -------- d-----w- C:\$AVG
2010-01-06 15:54 . 2010-01-06 15:54 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-06 15:54 . 2010-01-06 15:54 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-06 15:54 . 2010-01-06 15:54 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-06 15:54 . 2010-01-06 15:54 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-06 15:54 . 2010-01-06 15:54 -------- d-----w- c:\program files\AVG
2010-01-06 15:54 . 2010-01-06 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-01-06 15:53 . 2010-01-06 16:34 -------- d-----w- c:\windows\SxsCaPendDel
2010-01-06 15:09 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-06 15:09 . 2010-01-06 19:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-06 15:09 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 14:40 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-01-06 14:40 . 2008-10-31 06:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-01-06 14:12 . 2010-01-06 14:12 25600 ----a-w- c:\windows\system32\winlogon32.exe
2010-01-06 14:12 . 2010-01-06 14:12 25600 ----a-w- c:\windows\system32\smss32.exe
2009-12-27 19:39 . 2009-12-27 19:39 -------- d-----w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Samsung
2009-12-26 17:49 . 2009-12-26 17:49 -------- d-----w- c:\program files\Gameforge4D
2009-12-26 17:11 . 2008-03-05 15:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2009-12-26 17:11 . 2008-03-05 15:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2009-12-26 17:11 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2009-12-26 17:11 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2009-12-26 17:11 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2009-12-26 17:11 . 2007-10-22 02:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2009-12-26 17:11 . 2007-10-12 14:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2009-12-26 17:11 . 2007-10-02 08:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2009-12-26 17:11 . 2007-10-12 14:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2009-12-26 17:10 . 2009-12-26 17:10 -------- d-----w- c:\windows\Logs
2009-12-26 16:58 . 2009-12-26 16:58 -------- d-----w- c:\program files\Microsoft Hardware
2009-12-26 14:42 . 2006-05-03 21:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2009-12-26 14:42 . 2009-12-26 14:42 -------- d-----w- c:\program files\DIFX
2009-12-26 14:42 . 2008-02-22 14:33 14976 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2009-12-26 14:42 . 2008-02-22 14:33 12160 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2009-12-26 14:42 . 2008-02-22 14:33 12160 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2009-12-26 14:42 . 2008-02-22 14:33 114304 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2009-12-26 14:42 . 2008-02-22 14:33 87936 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2009-12-26 14:42 . 2008-02-22 14:33 12160 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2009-12-26 14:42 . 2008-02-22 14:33 12160 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2009-12-26 14:42 . 2009-12-26 14:42 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-12-26 14:41 . 2009-12-26 14:50 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-12-26 14:41 . 2009-12-26 14:41 -------- d-----w- c:\program files\Samsung
2009-12-25 16:32 . 2008-04-14 03:05 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-12-25 16:32 . 2008-04-14 03:05 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-12-25 16:31 . 2001-08-17 21:02 2688 -c--a-w- c:\windows\system32\dllcache\hidswvd.sys
2009-12-25 16:31 . 2001-08-17 21:02 2688 ----a-w- c:\windows\system32\drivers\HIDSwvd.sys
2009-12-25 16:31 . 2008-04-13 19:45 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys
2009-12-25 16:31 . 2008-04-13 19:45 59136 ----a-w- c:\windows\system32\drivers\GcKernel.sys
2009-12-15 20:20 . 2009-12-15 20:20 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-12-15 20:20 . 2009-12-15 20:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 18:04 . 2009-02-10 10:15 -------- d-----w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Free Download Manager
2010-01-07 18:02 . 2010-01-07 18:02 0 ----a-w- c:\windows\system32\41.exe
2010-01-07 18:02 . 2010-01-07 18:02 1116672 ----a-w- c:\windows\system32\IS15.exe
2010-01-07 18:02 . 2010-01-07 18:02 16896 ----a-w- c:\windows\system32\helper32.dll
2010-01-07 18:01 . 2008-07-30 15:52 -------- d-----w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\OpenOffice.org2
2010-01-06 17:03 . 2009-09-18 14:30 3476 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\wklnhst.dat
2010-01-06 15:54 . 2010-01-06 16:48 3776280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe
2010-01-06 15:54 . 2010-01-06 16:48 3967256 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2010-01-06 15:54 . 2010-01-06 16:48 2352920 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgresf.dll
2010-01-06 15:54 . 2010-01-06 16:48 4043032 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgui.exe
2010-01-06 15:54 . 2010-01-06 16:48 2033432 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtray.exe
2010-01-06 15:54 . 2010-01-06 16:48 916248 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcfgx.dll
2010-01-02 20:08 . 2008-07-30 15:53 1 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-12-27 20:37 . 2008-07-30 11:41 82104 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-26 14:41 . 2008-07-30 15:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 14:40 . 2008-09-20 20:24 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-12-16 19:48 . 2009-09-26 19:54 -------- d-----w- c:\program files\Iminent
2009-12-16 19:45 . 2009-09-26 19:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Toolbar4
2009-12-16 19:45 . 2009-01-16 22:22 -------- d-----w- c:\program files\DWGeditor
2009-12-16 19:44 . 2009-02-10 10:49 -------- d-----w- c:\program files\eMule
2009-12-06 15:17 . 2008-07-30 12:20 -------- d-----w- c:\program files\Messenger Plus! Live
2009-12-01 16:56 . 2009-11-30 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-30 21:07 . 2009-01-16 22:27 -------- d-----w- c:\program files\Fichiers communs\SolidWorks Shared
2009-11-30 21:06 . 2009-06-23 21:42 -------- d-----w- c:\program files\Lphant
2009-11-30 21:06 . 2009-07-01 10:48 -------- d-----w- c:\program files\Ad-remover
2009-11-30 20:52 . 2009-11-30 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-11-30 20:52 . 2009-11-30 20:52 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-11-28 12:41 . 2009-07-15 12:50 -------- d-----w- c:\program files\Metin2_France
2009-11-25 18:11 . 2009-11-25 18:11 -------- d-----w- c:\program files\Axon Data
2009-11-25 16:43 . 2008-08-06 11:26 -------- d-----w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\LimeWire
2009-11-23 14:26 . 2009-12-05 17:48 52224 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\{346de098-61f9-4b42-89da-6dfba7091bb6}\components\FFExternalAlert.dll
2009-11-23 14:26 . 2009-12-05 17:48 114688 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\{346de098-61f9-4b42-89da-6dfba7091bb6}\components\npmozax.dll
2009-11-22 12:13 . 2009-11-22 12:10 -------- d-----w- c:\program files\Return to Castle Wolfenstein
2009-10-25 12:07 . 2004-08-05 12:00 81096 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-25 12:07 . 2004-08-05 12:00 501232 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-20 12:33 . 2009-11-30 19:34 103424 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\piclens@cooliris.com\libs\pixomatic.dll
2009-10-20 12:33 . 2009-11-30 19:34 545280 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
2009-10-20 12:33 . 2009-11-30 19:34 4716544 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\piclens@cooliris.com\components\cooliris.dll
2009-10-20 12:33 . 2009-11-30 19:34 344064 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
2009-10-20 12:33 . 2009-11-30 19:34 153600 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
2009-10-14 16:05 . 2009-10-14 16:05 702520 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-10-14 14:47 . 2009-10-13 21:32 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-14 14:47 . 2009-10-13 21:32 139152 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\PnkBstrK.sys
2009-10-14 14:47 . 2009-10-13 21:32 139152 ----a-w- c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\PnkBstrK.sys
2009-10-14 14:47 . 2009-10-13 21:32 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-14 14:47 . 2009-10-13 21:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-14 14:47 . 2009-10-13 21:32 794408 ----a-w- c:\windows\system32\pbsvc.exe
2008-09-20 20:13 . 2008-09-20 20:13 15397 ----a-w- c:\program files\settings.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2008-11-12 2474031]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240]
"CursorXP"="c:\program files\CursorXP\CursorXP.exe" [2005-01-19 128000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"SideWinderTrayV4"="c:\progra~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe" [2000-06-02 24650]
"smss32.exe"="c:\windows\system32\smss32.exe" [2010-01-06 25600]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-01-06 2033432]

c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Menu D‚marrer\Programmes\D‚marrage\
Moteur du Planificateur de tƒches SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-4-17 488728]
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Menu D‚marrer\Programmes\D‚marrage\
Moteur du Planificateur de tƒches SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-4-17 488728]
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Menu D‚marrer\Programmes\D‚marrage\
Moteur du Planificateur de tƒches SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-4-17 488728]
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Activer l'ensemble clavier et souris sans fil Labtec.lnk - c:\program files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe [2008-8-15 258048]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2007-9-12 1527808]

c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Menu D‚marrer\Programmes\D‚marrage\
Moteur du Planificateur de tƒches SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-4-17 488728]
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\winlogon32.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-01-06 15:54 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Metin2_France\\metin2.bin"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1334:UDP"= 1334:UDP:Windows Media Format SDK (iexplore.exe)
"1335:UDP"= 1335:UDP:Windows Media Format SDK (iexplore.exe)
"1340:UDP"= 1340:UDP:Windows Media Format SDK (iexplore.exe)
"11093:TCP"= 11093:TCP:emule

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [06/01/2010 16:54 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [06/01/2010 16:54 360584]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [15/08/2008 12:44 11776]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [06/01/2010 15:40 270888]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [06/01/2010 16:54 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [06/01/2010 16:54 285392]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [18/12/2008 19:27 54752]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [08/04/2009 11:38 92008]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [06/01/2010 15:40 65576]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21:48 704864]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [23/04/2007 13:11 224896]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uStart Page = hxxp://www.google.fr/
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
LSP: c:\windows\system32\helper32.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2032792&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - IMBooster4web-en Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2032792&SearchSource=2&q=
FF - component: c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\{346de098-61f9-4b42-89da-6dfba7091bb6}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Application Data\Mozilla\Firefox\Profiles\ik9x3a3p.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: keyword.enabled - true
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Internet Security 2010 - c:\program files\InternetSecurity2010\IS2010.exe
AddRemove-TeamSpeak 3 - c:\documents and settings\fernandes antoine.MAISON-30EE0A86\Bureau\david\TeamSpeak 3\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-07 19:01
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\windows\system32\IS15.exe 1116672 bytes executable
c:\windows\system32\helper32.dll 16896 bytes executable

Scan terminé avec succès
Fichiers cachés: 2

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1343024091-2139871995-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F54BDA24-BE59-3784-0EE1-8209A9C9A2A7}*]
"oalmpedcbhghekmpmcmgdmjeegdfkm"=hex:6b,61,6d,6c,6a,6e,6c,6d,64,69,6f,69,70,6c,
68,66,65,6f,6c,6b,68,68,00,00
"nabmnjonndmolahekcfhnhpebhec"=hex:6b,61,6d,6c,6a,6e,6c,6d,64,69,6f,69,70,6c,
68,66,65,6f,6c,6b,68,68,00,01
"oapmllmkokomibknfokimmfncbeoko"=hex:64,61,6d,6c,6e,6d,6f,6c,00,70
"eadmllpkck"=hex:65,61,70,6f,61,6b,6f,6a,6a,6e,00,00
"caonnn"=hex:67,61,6d,6c,64,6e,67,69,69,63,65,63,66,69,00,00

[HKEY_USERS\S-1-5-21-1343024091-2139871995-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:97,05,50,28,e9,12,72,51,ba,a0,c0,49,9c,3b,28,bd,25,88,22,de,07,
9d,63,ce,5e,55,ca,f7,23,c1,31,6b,b3,b8,ca,a2,48,17,f6,f9,76,9d,e6,9e,76,b0,\
"rkeysecu"=hex:d9,c1,c1,44,25,75,1a,1e,23,12,bf,fa,6f,d3,d1,05
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(7640)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\progra~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
c:\windows\system32\msls31.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\OpenOffice.org 2.4\program\soffice.exe
c:\program files\OpenOffice.org 2.4\program\soffice.BIN
c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Heure de fin: 2010-01-07 19:07:05 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-07 18:07

Avant-CF: 21 254 266 880 octets libres
Après-CF: 21 821 042 688 octets libres

- - End Of File - - 7D9B62534CC3B5A3FBD6F659F8D68E12
0
Réponse 14 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
ca devrait aller mieux

relances MBAM
mets le à jour
examen complet
supprimer ce qu'il trouve
poster le rapport

ensuite

relancer RSIT et poster juste le rapport log
0
Réponse 15 / 44
fix200 Messages postés 3243 Date d'inscription   Statut Contributeur sécurité Dernière intervention   158
 
Salut Rafoufe, tu te souviens de moi ? ^^

Salut Mdg :)
look dans le rapport Combo, celui de Gmer:


Recherche de fichiers cachés ...

c:\windows\system32\IS15.exe 1116672 bytes executable
c:\windows\system32\helper32.dll 16896 bytes executable


C'est un rootkit ça, donc pas facile à virer ... ;)

Rafoufe,
fais ceci :

/!\ ATTENTION /!\ : Cette procédure a été crée spécialement pour CET UTILISATEUR, toute copie sur sur un autre système peut entrainer des dysfonctionnements graves.

▶ Copie le texte ci-dessous :

KillAll::

File::
c:\windows\system32\winlogon32.exe
c:\windows\system32\smss32.exe
c:\windows\system32\41.exe
c:\windows\system32\IS15.exe
c:\windows\system32\helper32.dll

Rootkit::
c:\windows\system32\IS15.exe
c:\windows\system32\helper32.dll

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"smss32.exe"=-
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"=""

▶ Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)

▶ Sauvegarde ce fichier sous le nom de CFScript.txt

/!\ Déconnecte ton PC d'Internet et referme les fenêtres de tous les programmes en cours. /!\
(!) Désactive provisoirement (et seulement le temps de l'utilisation de ComboFix), la protection en temps réel de ton Antivirus et de tes Antispywares et de TOUT tes logiciels de protection (!).


▶ Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ceci

-> Cela va relancer Combofix,

▶ Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

▶ Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

/!\ Ne touche à rien tant que le scan n'est pas terminé /!\

▶ Après redémarrage, poste le contenu du rapport Combofix.txt

=========

Fais ce que demande Mdg ici:
https://forums.commentcamarche.net/forum/affich-16029814-aidez-moi-gros-virus-voici-mon-hijackthis#14

Bonne chasse :)
0
Réponse 16 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
bonjour fix et merci

j'avais vu et espéré apres combo pouvoir les attraper avec mbam

mais tu m'as fait gagné du temps en faisant ce script sans que je l'ai à le demander....

Rafoufe,

faire post 15
0
Réponse 17 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
bonjour fix mais du coup jarete lanalys mbam en cours?
0
Réponse 18 / 44
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
oui arrêtes le

et fais dans l'ordre indiqué par fix
0
Réponse 19 / 44
fix200 Messages postés 3243 Date d'inscription   Statut Contributeur sécurité Dernière intervention   158
 
Re,

Oui stp.
0
Réponse 20 / 44
rafoufe42 Messages postés 82 Date d'inscription   Statut Membre Dernière intervention   2
 
daccord je vais faire tout ce qui est indiqué.
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
message de postmaster incessant !
wasap -
wasap -

9 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses