Besion d'aide trojan/SPY.DELF.iay

Résolu
max71 -  
 max71 -
bonjour ,je n'arrive pas a supprimé un virus du non de TR/SPY.Delf.iay mon antivirus est antivir premium et il ne le supprime pas . quelqu'un pourrait m'aidé a le supprimé ??? merci

40 réponses

  • 1
  • 2
  1. Utilisateur anonyme
     
    Bonsoir

    Pour de plus amples informations, fait ceci stp

    Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :

    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

    Ou

    https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

    Serveur N°2

    Une fois le téléchargement achevé, dé zippe le fichier obtenu et place ZHPDiag.exe sur ton Bureau.

    Double-clique sur l'icône pour lancer le programme. Sous Vista ou Seven clic droit « exécuter en tant que administrateur »

    Clique sur la loupe pour lancer l'analyse.

    Laisse l'outil travailler, il peut être assez long.

    Ferme ZHPDiag en fin d'analyse.

    Pour transmettre le rapport clique sur ce lien :

    http://www.cijoint.fr/index.php
    Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).

    Sélectionne le fichier ZHPDiag.txt.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.

    Merci

    @+
    0
  2. max71
     
    slt guillaume5188. j'ai fait comme tu m'a indiqué .j'ai bien le rapport dans programes files mais je ne peut pas l'envoyé . le liens que tu m'a indiqué m'amene biensur sur page ,je fait comme indiqué mais on me dit que ca n'accepte pas les fichiers extensions exe ???
    0
  3. Utilisateur anonyme
     
    Re

    Postes tu bien le ZHP Diag.txt et non le ZHP Diag.exe

    Vérifie;merci
    @+
    0
  4. max71
     
    ok guillaume, je m'etais trompé !! voici le lien :

    http://www.cijoint.fr/cjlink.php?file=cj201004/cij82fF9Lw.txt
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Re

    1) # Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


    Télécharge et install UsbFix de El Desaparecido , C_XX & Chimay8
    Ici : http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe

    Tutorial de Malekal_Morte si besoin, merci à lui : https://www.malekal.com/usbfix-supprimer-virus-usb/

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

    # Double clic sur le raccourci UsbFix présent sur ton bureau.

    # Choisi l option 2 (Suppression)

    # Laisse travailler l outil.

    # Ensuite post le rapport UsbFix.txt qui apparaîtra.

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. (C:\UsbFix.txt)

    (CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    2)* Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

    ! Déconnecte toi et ferme toutes applications en cours !

    * Double clique ou clic droit (exécuter en tant que admin...sur Vista et Windows7) sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut.

    * Double-clique ou clic droit (exécuter en tant que admin...sur Vista) sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    * Au menu principal choisis l'option "Nettoyer"
    et sur [entrée] .

    * Laisse travailler l'outil et ne touche à rien ...

    --> Poste le rapport qui apparaît à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    Aides en images (Installation) : http://pagesperso-orange.fr/NosTools/ad_remover.html images (Recherche): http://pagesperso-orange.fr/NosTools/tuto_adr_2.html

    3)* Désactive ton antivirus. (Lop S&D détecté par certains antivirus )
    * Télécharge Lop S&D (créé par eric 71) sur ton Bureau : https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
    * Double-clique dessus pour lancer l'installation
    * Double-clique sur le raccourci Lop S&D présent sur ton Bureau
    Note : Avec VISTA => clic droit et => Exécuter en tant qu'administrateur.
    * Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche)
    * Patiente jusqu'à la fin du scan
    * Poste le rapport généré
    * Réactive ton antivirus

    Tutorial pour t'aider : http://www.malekal.com//tutorial_Lop_SD.php

    Poste les rapports au fur et à mesure ;merci

    @+
    0
  7. max71
     
    voici le rapport USBfix

    ############################## | UsbFix V6.108 |

    User : bernard (Administrateurs) # BERNARD-8P1PK15
    Update on 23/04/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 20:09:01 | 24/04/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    AMD Athlon(tm) 64 Processor 3500+
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
    AV : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 [ Enabled | (!) Outdated ]

    A:\ -> Lecteur de disquettes 3 ½ pouces
    C:\ -> Disque fixe local # 76,68 Go (16,49 Go free) # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM

    ################## | Elements infectieux |

    Supprimé ! C:\Recycler\S-1-5-21-602162358-515967899-725345543-1003
    Supprimé ! C:\Recycler\S-1-5-21-602162358-515967899-725345543-501

    ################## | Registre |

    ################## | Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{473c2ddc-37c4-11de-83a0-0015f252dbe2}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{473c2ddd-37c4-11de-83a0-0015f252dbe2}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{b3fb275e-5446-11de-83e7-0015f252dbe2}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{ddb7cb98-9019-11dd-81de-0015f252dbe2}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [04/02/2010 19:50|--a------|8099] C:\Ad-Report-CLEAN[1].log
    [03/02/2010 20:52|--a------|8042] C:\Ad-Report-SCAN[1].log
    [04/02/2010 19:17|--a------|8086] C:\Ad-Report-SCAN[2].log
    [09/08/2007 02:00|--a------|0] C:\AUTOEXEC.BAT
    [16/08/2008 11:24|-rahs----|212] C:\boot.ini
    [28/09/2001 14:00|-rahs----|4952] C:\Bootfont.bin
    [06/02/2010 19:27|--a------|322042] C:\cc_20100206_182655.reg
    [09/08/2007 02:00|--a------|0] C:\CONFIG.SYS
    [09/08/2007 02:00|-rahs----|0] C:\IO.SYS
    [17/08/2009 14:01|--ah-----|1623] C:\IPH.PH
    [03/04/2010 09:57|--a------|127] C:\mbam-error.txt
    [03/02/2010 22:33|--a------|1188] C:\mbam-log-2010-02-03 (21-32-57).txt
    [09/08/2007 02:00|-rahs----|0] C:\MSDOS.SYS
    [09/08/2007 02:08|-rahs----|47564] C:\NTDETECT.COM
    [20/07/2008 12:05|-rahs----|252240] C:\ntldr
    [?|?|?] C:\pagefile.sys
    [22/12/2008 20:24|--a------|93849798] C:\Sauv.reg
    [24/04/2010 20:11|--a------|2455] C:\UsbFix.txt

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

    ################## | Upload |

    Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_BERNARD-8P1PK15.zip : https://www.ionos.fr/?affiliate_id=77097
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.108 ! |
    0
  8. max71
     
    voici le rapport AD.remover:

    .
    ======= RAPPORT D'AD-REMOVER 2.0.0.0,C | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 22/04/10 à 19:00
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 20:31:30 le 24/04/2010 | Mode normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\ADR.exe
    SE: Microsoft® Windows XP(TM) Service Pack 3 - X86
    Nom du PC: BERNARD-8P1PK15
    Utilisateur actuel: bernard (Administrateur)
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    C:\Casino\Casino.com
    C:\Documents and Settings\All Users\Bureau\Casino.com.lnk
    C:\Documents and Settings\All Users\Bureau\Titan Poker.lnk
    C:\Documents and Settings\All Users\Menu Démarrer\Titan Poker.lnk
    C:\Documents and Settings\bernard\Application Data\Microsoft\Internet Explorer\Quick Launch\Titan Poker.lnk
    C:\Documents and Settings\bernard\Local Settings\Application Data\IMBooster4web-en
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\IMBooster4web-en
    C:\Poker\Titan Poker
    C:\Program Files\IMBooster4web-en
    C:\Program Files\Iminent
    C:\Program Files\Mozilla FireFox\searchplugins\SearchTheWeb.xml

    (!) -- Fichiers temporaires supprimés.
    .
    HKCU\Software\Casino.com
    HKCU\Software\Freeze.com
    HKCU\Software\IMBooster4web-en
    HKCU\Software\Iminent
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{346DE098-61F9-4B42-89DA-6DFBA7091BB6}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{346DE098-61F9-4B42-89DA-6DFBA7091BB6}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    HKCU\Software\Titan Poker
    HKLM\Software\Casino.com
    HKLM\Software\Classes\CLSID\{05DA3268-5D12-44AE-8BF3-96C932C61308}
    HKLM\Software\Classes\CLSID\{346DE098-61F9-4B42-89DA-6DFBA7091BB6}
    HKLM\Software\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    HKLM\Software\Classes\IminentBHONavigationError.CHelperBHO
    HKLM\Software\Classes\IminentBHONavigationError.CHelperBHO.1
    HKLM\Software\Classes\IminentLinkToContent.LinkToContent
    HKLM\Software\Classes\IminentLinkToContent.LinkToContent.1
    HKLM\Software\Classes\Interface\{0CA97EEE-C8C4-4B10-A332-10AF1FBEB534}
    HKLM\Software\Classes\TypeLib\{2C6674DB-EFB5-464A-A715-3E770B9C8A94}
    HKLM\Software\Classes\TypeLib\{587D1093-12E0-4B0E-9426-AF9DC5ABB77D}
    HKLM\Software\Classes\TypeLib\{77860007-19AE-4C29-B26D-AEA48F3A05C5}
    HKLM\Software\Freeze.com
    HKLM\Software\IMBooster4web-en
    HKLM\Software\Iminent
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\8eb04710-b677-40aa-80d5-e444172a53fc
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{346DE098-61F9-4B42-89DA-6DFBA7091BB6}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{05DA3268-5D12-44AE-8BF3-96C932C61308}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBooster4web-en Toolbar
    HKLM\Software\Titan Poker
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{346DE098-61F9-4B42-89DA-6DFBA7091BB6}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D0523BB4-21E7-11DD-9AB7-415B56D89593}
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{346de098-61f9-4b42-89da-6dfba7091bb6}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar|{346DE098-61F9-4B42-89DA-6DFBA7091BB6}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run|IMBooster
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Iminent.Notifier
    .
    (Orpheline) BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} (CLSID manquant)
    (Orpheline) HKLM,Uninstall - SaveMoney.SaveMoneyToolbar - regsvr32 /u /s C:\Program Files\Iminent\SaveMoney\tbcore3.dll (Fichier manquant)
    (Orpheline) HKLM,Uninstall - TBSB06153.TBSB06153Toolbar - regsvr32 /u /s C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.dll (Fichier manquant)
    .
    ============== SCAN ADDITIONNEL ==============
    .
    * Mozilla FireFox Version 3.0.14 (fr) *
    .
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.download.dir: C:\\Documents and Settings\\bernard\\Mes documents
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\bernard\\Mes documents
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.defaultenginename: Google
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.defaulturl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://google.atcomet.com/m/
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.0.4
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://www.plusnetwork.com
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://www.plusnetwork.com
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://www.plusnetwork.com
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://www.plusnetwork.com
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage:
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage:
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://fr.msn.com/
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Searchbrowser.startup.homepage: hxxp://www.msn.fr/
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Searchbrowser.startup.homepage: hxxp://www.msn.fr/
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://fr.msn.com/
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://www.msn.fr/
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://fr.msn.com/
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Live Search
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.bing.com/search?mkt=fr-FR&form=MIMWA2&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Bing
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://www.wibeez.com/meteo
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.wibeez.com/meteo?search&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Wibeez
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage: hxxp://fr.msn.com/
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.bing.com/search?mkt=fr-FR&form=MIMWA2&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.search.selectedEngine: Bing
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - browser.startup.homepage:
    C:\Documents and Settings\bernard\..\s7vv4542.default\prefs.js - keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    C:\Documents and Settings\bernard\..\s7vv4542.default\user.js - keyword.URL: hxxp://redirecterror.sfr.fr/?q=
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ============== SUSPECT(S) ==============
    .
    C:\Documents and Settings\bernard\Local Settings\Application Data\piratrax\data_patch.tmp.doc.zip
    .
    ========================================
    .
    C:\DOCUME~1\bernard\LOCALS~1\Temp: 2 Fichier(s), 3 Dossier(s)
    C:\WINDOWS\temp: 2 Fichier(s), 0 Dossier(s)
    Temporary Internet Files: 2 Fichier(s), 5 Dossier(s)
    .
    C:\Ad-Remover\Quarantine: 5 Fichier(s)
    C:\Ad-Remover\Backup: 14 Fichier(s)
    .
    C:\Ad-Report-CLEAN[1].txt - 13130 Octet(s)
    .
    Fin à: 20:38:08, 24/04/2010
    .
    ============== E.O.F - CLEAN[1] ==============
    0
  9. max71
     
    slt guillame5188, j'ai du quitté hier soir . Donc j'ai posté les deux rapport que tu m'a demandé , que doit-je faire maintenant ??
    0
  10. Utilisateur anonyme
     
    Bonjour

    Relis mon précédent post il te reste quelque chose à faire:LopSD

    @+
    0
  11. max71
     
    je suis embété ,je ne sais desactivé mon antivirus ,comment fait -on ??
    0
  12. max71
     
    Ok j'ai desactivé mon antivirus ,voici le rapport lopSD

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : BIOS Date: 11/17/05 21:52:19 Ver: 08.00.12
    USER : bernard ( Administrator )
    BOOT : Normal boot
    Antivirus : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:17 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 25/04/2010| 8:46 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [20/07/2009|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [18/09/2009|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{E9D4EC0D-4841-4A28-B657-3DF7CF6A443C}
    [13/06/2009|15:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [17/08/2009|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [13/07/2009|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
    [13/07/2009|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
    [21/03/2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [09/01/2009|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [12/02/2009|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ashampoo
    [10/04/2010|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [17/02/2009|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [10/08/2007|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [13/09/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
    [23/04/2010|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\boost_interprocess
    [09/11/2009|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Boss Media
    [26/01/2010|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\clp
    [04/02/2010|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Common Toolkit Suite
    [28/02/2010|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [05/02/2010|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [11/01/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [14/01/2009|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [31/12/2007|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
    [24/08/2009|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [17/08/2008|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [20/03/2010|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [14/02/2010|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [09/08/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
    [26/08/2007|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [13/11/2009|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
    [13/11/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
    [05/03/2009|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
    [06/04/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Philips Intelligent Agent
    [18/09/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [29/12/2009|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartControl II
    [24/04/2010|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [30/03/2010|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun
    [28/12/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    [13/11/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [22/04/2010|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [02/10/2008|02:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [18/09/2009|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Toolbar4
    [18/04/2009|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks
    [09/08/2007|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [09/08/2007|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [02/09/2007|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [14/12/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
    [18/05/2009|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [28/04/2009|11:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [08/12/2007|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [24/01/2010|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [13/11/2009|20:15] C:\DOCUME~1\bernard\APPLIC~1\Adobe
    [09/08/2007|02:49] C:\DOCUME~1\bernard\APPLIC~1\Ahead
    [08/10/2008|23:21] C:\DOCUME~1\bernard\APPLIC~1\Apple Computer
    [25/01/2009|14:54] C:\DOCUME~1\bernard\APPLIC~1\ATI
    [05/01/2008|12:01] C:\DOCUME~1\bernard\APPLIC~1\Audacity
    [26/06/2009|18:47] C:\DOCUME~1\bernard\APPLIC~1\Auslogics
    [11/04/2010|08:22] C:\DOCUME~1\bernard\APPLIC~1\Avira
    [17/02/2009|18:02] C:\DOCUME~1\bernard\APPLIC~1\AVS4YOU
    [02/02/2010|16:08] C:\DOCUME~1\bernard\APPLIC~1\Azureus
    [02/05/2009|15:40] C:\DOCUME~1\bernard\APPLIC~1\CamfrogWEB
    [18/12/2008|18:57] C:\DOCUME~1\bernard\APPLIC~1\Canneverbe_Limited
    [20/06/2009|11:04] C:\DOCUME~1\bernard\APPLIC~1\CometNetwork
    [04/02/2010|18:44] C:\DOCUME~1\bernard\APPLIC~1\Common Toolkit Suite
    [24/08/2009|09:33] C:\DOCUME~1\bernard\APPLIC~1\DisplayTune
    [10/08/2007|11:50] C:\DOCUME~1\bernard\APPLIC~1\DivX
    [02/09/2009|20:43] C:\DOCUME~1\bernard\APPLIC~1\EPSON
    [29/12/2007|16:34] C:\DOCUME~1\bernard\APPLIC~1\ESTsoft
    [24/01/2010|11:41] C:\DOCUME~1\bernard\APPLIC~1\Fighters
    [05/03/2009|17:07] C:\DOCUME~1\bernard\APPLIC~1\GetRightToGo
    [10/08/2007|08:05] C:\DOCUME~1\bernard\APPLIC~1\Google
    [05/01/2008|12:24] C:\DOCUME~1\bernard\APPLIC~1\Help
    [12/01/2010|19:43] C:\DOCUME~1\bernard\APPLIC~1\Icones
    [24/01/2010|16:15] C:\DOCUME~1\bernard\APPLIC~1\Identities
    [19/04/2008|16:42] C:\DOCUME~1\bernard\APPLIC~1\InstallShield
    [16/12/2007|19:52] C:\DOCUME~1\bernard\APPLIC~1\JLC's Software
    [02/02/2010|16:22] C:\DOCUME~1\bernard\APPLIC~1\LimeWire
    [09/08/2007|05:40] C:\DOCUME~1\bernard\APPLIC~1\Macromedia
    [17/08/2008|20:44] C:\DOCUME~1\bernard\APPLIC~1\Malwarebytes
    [14/02/2010|09:40] C:\DOCUME~1\bernard\APPLIC~1\Megaupload
    [08/11/2007|16:02] C:\DOCUME~1\bernard\APPLIC~1\Microgaming
    [07/06/2009|08:25] C:\DOCUME~1\bernard\APPLIC~1\Microsoft
    [09/08/2007|02:56] C:\DOCUME~1\bernard\APPLIC~1\Microsoft Web Folders
    [13/07/2009|11:49] C:\DOCUME~1\bernard\APPLIC~1\Mozilla
    [18/09/2007|14:38] C:\DOCUME~1\bernard\APPLIC~1\MSN6
    [08/01/2008|21:25] C:\DOCUME~1\bernard\APPLIC~1\NetMedia Providers
    [08/01/2008|21:25] C:\DOCUME~1\bernard\APPLIC~1\Publish Providers
    [27/01/2009|09:48] C:\DOCUME~1\bernard\APPLIC~1\Real
    [11/03/2009|12:42] C:\DOCUME~1\bernard\APPLIC~1\Samsung
    [08/01/2008|21:25] C:\DOCUME~1\bernard\APPLIC~1\Sony
    [25/12/2007|09:50] C:\DOCUME~1\bernard\APPLIC~1\Sony Ericsson
    [05/01/2008|20:03] C:\DOCUME~1\bernard\APPLIC~1\Sony Setup
    [01/12/2009|19:55] C:\DOCUME~1\bernard\APPLIC~1\SPAMfighter
    [20/01/2008|19:40] C:\DOCUME~1\bernard\APPLIC~1\Sun
    [09/08/2007|17:13] C:\DOCUME~1\bernard\APPLIC~1\Talkback
    [25/12/2007|09:50] C:\DOCUME~1\bernard\APPLIC~1\Teleca
    [09/01/2009|16:37] C:\DOCUME~1\bernard\APPLIC~1\TigerPlayer
    [02/10/2008|02:36] C:\DOCUME~1\bernard\APPLIC~1\TomTom
    [02/05/2009|18:50] C:\DOCUME~1\bernard\APPLIC~1\Uniblue
    [01/02/2008|20:45] C:\DOCUME~1\bernard\APPLIC~1\vlc
    [09/02/2008|13:59] C:\DOCUME~1\bernard\APPLIC~1\Weflirt
    [12/08/2007|13:01] C:\DOCUME~1\bernard\APPLIC~1\WinRAR
    [08/12/2007|14:23] C:\DOCUME~1\bernard\APPLIC~1\Yahoo!
    [24/01/2010|16:15] C:\DOCUME~1\bernard\APPLIC~1\Zylom

    [09/08/2007|02:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [12/01/2010|19:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SPAMfighter

    [24/07/2008|10:14] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
    [25/01/2009|14:42] C:\DOCUME~1\INVIT~1\APPLIC~1\ATI
    [18/08/2008|12:55] C:\DOCUME~1\INVIT~1\APPLIC~1\DivX
    [24/07/2008|10:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [24/09/2007|07:17] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [24/09/2007|07:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [24/07/2008|10:14] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [18/08/2008|14:36] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
    [18/08/2008|14:36] C:\DOCUME~1\INVIT~1\APPLIC~1\Talkback
    [24/07/2008|10:14] C:\DOCUME~1\INVIT~1\APPLIC~1\Yahoo!

    [25/10/2009|11:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [12/01/2010|19:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\ATI
    [12/01/2010|19:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\DisplayTune
    [12/01/2010|19:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities
    [09/08/2007|02:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [14/12/2008|17:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
    [13/01/2010|19:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\SPAMfighter

    [09/08/2007|02:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [24/04/2010 20:48][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-515967899-725345543-1003UA.job
    [12/04/2010 06:48][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-515967899-725345543-1003Core.job
    [24/04/2010 19:47][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{49F7B3B3-8A21-4A97-93C3-0FAF7E239C27}.job
    [12/04/2010 21:30][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25/04/2010 08:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [07/09/2008|14:15] C:\Program Files\7-Zip
    [09/08/2007|15:22] C:\Program Files\ABBYY FineReader 6.0 Sprint
    [22/08/2008|20:53] C:\Program Files\Adobe
    [11/01/2009|10:18] C:\Program Files\ahead
    [19/04/2008|16:43] C:\Program Files\AMD
    [05/01/2008|18:11] C:\Program Files\Analog Devices
    [08/10/2008|23:11] C:\Program Files\Apple Software Update
    [25/01/2009|14:50] C:\Program Files\ATI Technologies
    [09/10/2008|21:44] C:\Program Files\AtomixMP3
    [12/01/2010|20:09] C:\Program Files\Auslogics
    [10/04/2010|21:13] C:\Program Files\Avira
    [20/07/2009|21:40] C:\Program Files\Bonjour
    [17/03/2009|09:09] C:\Program Files\CCleaner
    [17/03/2009|09:09] C:\Program Files\CDBurnerXP
    [10/08/2009|12:42] C:\Program Files\CFWebAdvancedU_BOBTV.FR
    [28/04/2009|11:24] C:\Program Files\Circle Developement
    [08/12/2007|17:21] C:\Program Files\Common Files
    [09/08/2007|01:57] C:\Program Files\ComPlus Applications
    [13/04/2009|18:28] C:\Program Files\Conduit
    [20/06/2009|11:00] C:\Program Files\DivX
    [21/01/2009|12:54] C:\Program Files\EA GAMES
    [14/02/2010|12:45] C:\Program Files\Electronic Arts
    [14/06/2009|12:30] C:\Program Files\eMule
    [09/08/2007|15:23] C:\Program Files\epson
    [30/03/2010|18:16] C:\Program Files\Fichiers communs
    [24/01/2010|11:47] C:\Program Files\Fighters
    [05/03/2009|17:13] C:\Program Files\Fx Splitter
    [05/02/2010|18:01] C:\Program Files\Google
    [10/08/2009|10:36] C:\Program Files\Hercules
    [14/02/2010|09:40] C:\Program Files\InstallShield Installation Information
    [31/03/2010|20:52] C:\Program Files\Internet Explorer
    [30/03/2010|18:16] C:\Program Files\Java
    [28/11/2009|17:42] C:\Program Files\JkDefrag
    [02/01/2008|16:32] C:\Program Files\JLC's Software
    [07/12/2008|18:43] C:\Program Files\K!TV
    [31/12/2007|10:23] C:\Program Files\Kodak
    [19/12/2008|17:50] C:\Program Files\Lavalys
    [12/01/2008|18:39] C:\Program Files\Lavasoft
    [28/12/2008|11:24] C:\Program Files\Logitech
    [24/08/2009|18:16] C:\Program Files\ma-config.com
    [03/04/2010|09:57] C:\Program Files\Malwarebytes' Anti-Malware
    [14/02/2010|09:40] C:\Program Files\Megaupload
    [28/04/2009|10:45] C:\Program Files\Messenger
    [19/01/2010|19:21] C:\Program Files\Messenger Plus! Live
    [07/12/2008|19:57] C:\Program Files\MeuhMeuhTV
    [20/02/2009|17:17] C:\Program Files\Microsoft
    [03/09/2007|20:36] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [09/08/2007|02:56] C:\Program Files\microsoft frontpage
    [09/08/2007|02:56] C:\Program Files\Microsoft Office
    [21/01/2010|18:49] C:\Program Files\Microsoft Silverlight
    [27/03/2008|18:54] C:\Program Files\Microsoft SQL Server Compact Edition
    [20/02/2009|17:20] C:\Program Files\Microsoft Sync Framework
    [01/09/2007|16:46] C:\Program Files\Microsoft Visual Studio
    [11/03/2010|20:43] C:\Program Files\Movie Maker
    [06/04/2010|16:23] C:\Program Files\Mozilla Firefox
    [23/04/2010|21:41] C:\Program Files\MpcStar
    [15/02/2009|18:20] C:\Program Files\MSBuild
    [28/04/2009|11:02] C:\Program Files\MSECACHE
    [22/12/2008|18:03] C:\Program Files\msn
    [09/08/2007|01:57] C:\Program Files\MSN Gaming Zone
    [18/09/2007|19:29] C:\Program Files\MSXML 4.0
    [06/03/2010|09:27] C:\Program Files\N1busCalculatrice
    [20/07/2008|12:07] C:\Program Files\NetMeeting
    [28/04/2009|19:01] C:\Program Files\Neuf
    [05/03/2009|09:26] C:\Program Files\NOS
    [13/06/2009|18:52] C:\Program Files\Ontrack
    [12/08/2009|13:03] C:\Program Files\Outlook Express
    [22/08/2008|21:44] C:\Program Files\Panda Security
    [24/08/2009|09:29] C:\Program Files\Philips Display
    [09/08/2007|02:51] C:\Program Files\Philips Intelligent Agent
    [05/02/2010|19:29] C:\Program Files\Piratrax
    [24/08/2009|09:30] C:\Program Files\Portrait Displays
    [20/06/2009|10:59] C:\Program Files\QuickTime
    [15/02/2009|18:19] C:\Program Files\Reference Assemblies
    [22/08/2008|22:37] C:\Program Files\Samsung
    [09/08/2007|01:57] C:\Program Files\Services en ligne
    [27/04/2009|19:07] C:\Program Files\SFR
    [19/07/2009|12:06] C:\Program Files\SFR PC Assistant
    [24/03/2008|12:15] C:\Program Files\Sony
    [08/01/2008|20:48] C:\Program Files\Sony Setup
    [03/04/2009|17:18] C:\Program Files\SopCast
    [17/04/2010|18:51] C:\Program Files\Spybot - Search & Destroy
    [19/04/2010|18:13] C:\Program Files\SpywareBlaster
    [23/07/2008|18:49] C:\Program Files\Sun
    [14/12/2007|20:05] C:\Program Files\Take2
    [21/01/2009|12:32] C:\Program Files\TLKGAMES
    [02/10/2008|02:34] C:\Program Files\TomTom DesktopSuite
    [22/04/2010|17:32] C:\Program Files\TomTom HOME 2
    [23/03/2009|10:23] C:\Program Files\TomTom International B.V
    [21/12/2007|17:03] C:\Program Files\TrackMania Nations ESWC
    [06/02/2010|16:53] C:\Program Files\Trend Micro
    [30/03/2009|19:25] C:\Program Files\TVAnts
    [24/01/2010|12:23] C:\Program Files\UltraMixer
    [09/08/2007|02:03] C:\Program Files\Uninstall Information
    [28/04/2009|11:02] C:\Program Files\Windows Installer Clean Up
    [11/10/2009|09:11] C:\Program Files\Windows Live
    [09/05/2009|12:53] C:\Program Files\Windows Live SkyDrive
    [09/05/2009|12:56] C:\Program Files\Windows Live Toolbar
    [18/06/2008|18:39] C:\Program Files\Windows Media Connect 2
    [30/04/2009|15:29] C:\Program Files\Windows Media Player
    [20/07/2008|12:07] C:\Program Files\Windows NT
    [09/08/2007|15:29] C:\Program Files\WindowsUpdate
    [12/06/2009|17:18] C:\Program Files\WinRAR
    [07/12/2008|18:14] C:\Program Files\WinTV
    [18/05/2009|18:32] C:\Program Files\WinZip
    [09/08/2007|02:00] C:\Program Files\xerox
    [05/01/2008|12:21] C:\Program Files\Xing
    [21/06/2009|19:21] C:\Program Files\Zapu
    [24/04/2010|19:09] C:\Program Files\ZHPDiag
    [24/01/2010|16:19] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [14/03/2009|09:18] C:\Program Files\Fichiers communs\Adobe
    [09/08/2007|16:34] C:\Program Files\Fichiers communs\Ahead
    [26/07/2009|18:55] C:\Program Files\Fichiers communs\Apple
    [17/02/2009|18:04] C:\Program Files\Fichiers communs\AVSMedia
    [04/02/2010|18:44] C:\Program Files\Fichiers communs\Common Toolkit Suite
    [09/08/2007|02:57] C:\Program Files\Fichiers communs\Designer
    [21/01/2009|12:56] C:\Program Files\Fichiers communs\DirectX
    [20/06/2009|11:00] C:\Program Files\Fichiers communs\DivX Shared
    [09/08/2007|15:25] C:\Program Files\Fichiers communs\InstallShield
    [30/03/2010|18:16] C:\Program Files\Fichiers communs\Java
    [14/01/2009|15:52] C:\Program Files\Fichiers communs\Logitech
    [29/04/2009|00:46] C:\Program Files\Fichiers communs\Microsoft Shared
    [09/08/2007|01:58] C:\Program Files\Fichiers communs\MSSoap
    [09/08/2007|02:50] C:\Program Files\Fichiers communs\ODBC
    [24/08/2009|09:29] C:\Program Files\Fichiers communs\Portrait Displays
    [09/08/2007|01:58] C:\Program Files\Fichiers communs\Services
    [09/08/2007|02:50] C:\Program Files\Fichiers communs\SpeechEngines
    [13/11/2009|20:57] C:\Program Files\Fichiers communs\Symantec Shared
    [20/07/2008|12:07] C:\Program Files\Fichiers communs\System
    [20/02/2009|17:12] C:\Program Files\Fichiers communs\Windows Live
    [12/11/2007|15:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [02/01/2008|15:51] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [05/01/2008|12:21] C:\Program Files\Fichiers communs\Xing Shared

    --------------------\\ Process

    ( 54 Processes )

    iexplore.exe ~ [PID:2800]
    iexplore.exe ~ [PID:3424]
    iexplore.exe ~ [PID:1592]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\Program Files\Circle Developement

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-25 08:47:19
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 13

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:11][D:3]-> C:\DOCUME~1\bernard\LOCALS~1\Temp
    [F:68][D:0]-> C:\DOCUME~1\bernard\Cookies
    [F:604][D:5]-> C:\DOCUME~1\bernard\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 25/04/2010| 8:40 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 25/04/2010| 8:48 - Option : [1]

    --------------------\\ Fin du rapport a 8:48:13
    0
  13. Utilisateur anonyme
     
    Re

    1)Relance Lop S&D

    Choisis cette fois-ci l'option 2 (Suppression)

    Ne ferme pas la fenêtre lors de la suppression !

    Poste le rapport généré (C:\lopR.txt)

    * (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

    2)Envoie ce fichier comme demandé ,ensuite supprime le.
    Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_BERNARD-8P1PK15.zip : https://www.ionos.fr/?affiliate_id=77097
    Merci pour votre contribution .


    3)Télécharges OTMoveIt3 (de Old_Timer) sur ton Bureau.

    http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/

    ! Déconnectes toi et fermes toute tes applications en cours !

    Double cliques sur "OTMoveIt" pour ouvrir le programme.
    Puis copies ce qui se trouve en gras
    ci-dessous:


    :Processes

    :Services

    :Reg

    :Files
    C:\Documents and Settings\bernard\Local Settings\Application Data\piratrax\data_patch.tmp.doc.zip

    :Commands
    [purity]
    [emptytemp]


    et colles le dans le cadre de gauche de OTMoveIt3 :
    Paste Instructions for Items to be Moved.
    (ne touche à rien d'autre !)

    -> cliques sur MoveIt! pour lancer la suppression.
    -> laisses travailler l'outil ...

    (Note : ton bureau va disparaître puis réapparaître, c'est normal.)

    -> Une fois finis, un petite fenêtre s'ouvre : cliques sur " Yes " .

    Ton PC va redémarrer de lui même ...
    -->Postes le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"

    4)Tu disposes de Malwaresbytes;met le à jour et lance un scan rapide;supprime bien tout se qu'il trouve ;poste moi son rapport à l'issue.

    Poste moi les rapports au fur et à mesure;merci
    @+
    0
  14. max71
     
    rapport lopSD

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : BIOS Date: 11/17/05 21:52:19 Ver: 08.00.12
    USER : bernard ( Administrator )
    BOOT : Normal boot
    Antivirus : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:17 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 25/04/2010| 9:37 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\Program Files\Circle Developement
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [20/07/2009|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [18/09/2009|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{E9D4EC0D-4841-4A28-B657-3DF7CF6A443C}
    [13/06/2009|15:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [17/08/2009|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [13/07/2009|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
    [13/07/2009|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
    [21/03/2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [09/01/2009|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [12/02/2009|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ashampoo
    [10/04/2010|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [17/02/2009|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [10/08/2007|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [13/09/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
    [23/04/2010|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\boost_interprocess
    [09/11/2009|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Boss Media
    [26/01/2010|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\clp
    [04/02/2010|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Common Toolkit Suite
    [28/02/2010|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [05/02/2010|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [11/01/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [14/01/2009|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [31/12/2007|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
    [24/08/2009|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [17/08/2008|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [20/03/2010|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [14/02/2010|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [09/08/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
    [26/08/2007|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [13/11/2009|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
    [13/11/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
    [05/03/2009|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
    [06/04/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Philips Intelligent Agent
    [18/09/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [29/12/2009|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartControl II
    [24/04/2010|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [30/03/2010|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun
    [28/12/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    [13/11/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [22/04/2010|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [02/10/2008|02:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [18/09/2009|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Toolbar4
    [18/04/2009|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks
    [09/08/2007|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [09/08/2007|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [02/09/2007|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [14/12/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
    [18/05/2009|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [28/04/2009|11:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [08/12/2007|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [24/01/2010|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [13/11/2009|20:15] C:\DOCUME~1\bernard\APPLIC~1\Adobe
    [09/08/2007|02:49] C:\DOCUME~1\bernard\APPLIC~1\Ahead
    [08/10/2008|23:21] C:\DOCUME~1\bernard\APPLIC~1\Apple Computer
    [25/01/2009|14:54] C:\DOCUME~1\bernard\APPLIC~1\ATI
    [05/01/2008|12:01] C:\DOCUME~1\bernard\APPLIC~1\Audacity
    [26/06/2009|18:47] C:\DOCUME~1\bernard\APPLIC~1\Auslogics
    [11/04/2010|08:22] C:\DOCUME~1\bernard\APPLIC~1\Avira
    [17/02/2009|18:02] C:\DOCUME~1\bernard\APPLIC~1\AVS4YOU
    [02/02/2010|16:08] C:\DOCUME~1\bernard\APPLIC~1\Azureus
    [02/05/2009|15:40] C:\DOCUME~1\bernard\APPLIC~1\CamfrogWEB
    [18/12/2008|18:57] C:\DOCUME~1\bernard\APPLIC~1\Canneverbe_Limited
    [20/06/2009|11:04] C:\DOCUME~1\bernard\APPLIC~1\CometNetwork
    [04/02/2010|18:44] C:\DOCUME~1\bernard\APPLIC~1\Common Toolkit Suite
    [24/08/2009|09:33] C:\DOCUME~1\bernard\APPLIC~1\DisplayTune
    [10/08/2007|11:50] C:\DOCUME~1\bernard\APPLIC~1\DivX
    [02/09/2009|20:43] C:\DOCUME~1\bernard\APPLIC~1\EPSON
    [29/12/2007|16:34] C:\DOCUME~1\bernard\APPLIC~1\ESTsoft
    [24/01/2010|11:41] C:\DOCUME~1\bernard\APPLIC~1\Fighters
    [05/03/2009|17:07] C:\DOCUME~1\bernard\APPLIC~1\GetRightToGo
    [10/08/2007|08:05] C:\DOCUME~1\bernard\APPLIC~1\Google
    [05/01/2008|12:24] C:\DOCUME~1\bernard\APPLIC~1\Help
    [12/01/2010|19:43] C:\DOCUME~1\bernard\APPLIC~1\Icones
    [24/01/2010|16:15] C:\DOCUME~1\bernard\APPLIC~1\Identities
    [19/04/2008|16:42] C:\DOCUME~1\bernard\APPLIC~1\InstallShield
    [16/12/2007|19:52] C:\DOCUME~1\bernard\APPLIC~1\JLC's Software
    [02/02/2010|16:22] C:\DOCUME~1\bernard\APPLIC~1\LimeWire
    [09/08/2007|05:40] C:\DOCUME~1\bernard\APPLIC~1\Macromedia
    [17/08/2008|20:44] C:\DOCUME~1\bernard\APPLIC~1\Malwarebytes
    [14/02/2010|09:40] C:\DOCUME~1\bernard\APPLIC~1\Megaupload
    [08/11/2007|16:02] C:\DOCUME~1\bernard\APPLIC~1\Microgaming
    [07/06/2009|08:25] C:\DOCUME~1\bernard\APPLIC~1\Microsoft
    [09/08/2007|02:56] C:\DOCUME~1\bernard\APPLIC~1\Microsoft Web Folders
    [13/07/2009|11:49] C:\DOCUME~1\bernard\APPLIC~1\Mozilla
    [18/09/2007|14:38] C:\DOCUME~1\bernard\APPLIC~1\MSN6
    [08/01/2008|21:25] C:\DOCUME~1\bernard\APPLIC~1\NetMedia Providers
    [08/01/2008|21:25] C:\DOCUME~1\bernard\APPLIC~1\Publish Providers
    [27/01/2009|09:48] C:\DOCUME~1\bernard\APPLIC~1\Real
    [11/03/2009|12:42] C:\DOCUME~1\bernard\APPLIC~1\Samsung
    [08/01/2008|21:25] C:\DOCUME~1\bernard\APPLIC~1\Sony
    [25/12/2007|09:50] C:\DOCUME~1\bernard\APPLIC~1\Sony Ericsson
    [05/01/2008|20:03] C:\DOCUME~1\bernard\APPLIC~1\Sony Setup
    [01/12/2009|19:55] C:\DOCUME~1\bernard\APPLIC~1\SPAMfighter
    [20/01/2008|19:40] C:\DOCUME~1\bernard\APPLIC~1\Sun
    [09/08/2007|17:13] C:\DOCUME~1\bernard\APPLIC~1\Talkback
    [25/12/2007|09:50] C:\DOCUME~1\bernard\APPLIC~1\Teleca
    [09/01/2009|16:37] C:\DOCUME~1\bernard\APPLIC~1\TigerPlayer
    [02/10/2008|02:36] C:\DOCUME~1\bernard\APPLIC~1\TomTom
    [02/05/2009|18:50] C:\DOCUME~1\bernard\APPLIC~1\Uniblue
    [01/02/2008|20:45] C:\DOCUME~1\bernard\APPLIC~1\vlc
    [09/02/2008|13:59] C:\DOCUME~1\bernard\APPLIC~1\Weflirt
    [12/08/2007|13:01] C:\DOCUME~1\bernard\APPLIC~1\WinRAR
    [08/12/2007|14:23] C:\DOCUME~1\bernard\APPLIC~1\Yahoo!
    [24/01/2010|16:15] C:\DOCUME~1\bernard\APPLIC~1\Zylom

    [09/08/2007|02:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [12/01/2010|19:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SPAMfighter

    [24/07/2008|10:14] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
    [25/01/2009|14:42] C:\DOCUME~1\INVIT~1\APPLIC~1\ATI
    [18/08/2008|12:55] C:\DOCUME~1\INVIT~1\APPLIC~1\DivX
    [24/07/2008|10:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [24/09/2007|07:17] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [24/09/2007|07:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [24/07/2008|10:14] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [18/08/2008|14:36] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
    [18/08/2008|14:36] C:\DOCUME~1\INVIT~1\APPLIC~1\Talkback
    [24/07/2008|10:14] C:\DOCUME~1\INVIT~1\APPLIC~1\Yahoo!

    [25/10/2009|11:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [12/01/2010|19:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\ATI
    [12/01/2010|19:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\DisplayTune
    [12/01/2010|19:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities
    [09/08/2007|02:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [14/12/2008|17:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
    [13/01/2010|19:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\SPAMfighter

    [09/08/2007|02:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [25/04/2010 08:48][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-515967899-725345543-1003UA.job
    [12/04/2010 06:48][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-515967899-725345543-1003Core.job
    [24/04/2010 19:47][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{49F7B3B3-8A21-4A97-93C3-0FAF7E239C27}.job
    [12/04/2010 21:30][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25/04/2010 08:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [07/09/2008|14:15] C:\Program Files\7-Zip
    [09/08/2007|15:22] C:\Program Files\ABBYY FineReader 6.0 Sprint
    [22/08/2008|20:53] C:\Program Files\Adobe
    [11/01/2009|10:18] C:\Program Files\ahead
    [19/04/2008|16:43] C:\Program Files\AMD
    [05/01/2008|18:11] C:\Program Files\Analog Devices
    [08/10/2008|23:11] C:\Program Files\Apple Software Update
    [25/01/2009|14:50] C:\Program Files\ATI Technologies
    [09/10/2008|21:44] C:\Program Files\AtomixMP3
    [12/01/2010|20:09] C:\Program Files\Auslogics
    [10/04/2010|21:13] C:\Program Files\Avira
    [20/07/2009|21:40] C:\Program Files\Bonjour
    [17/03/2009|09:09] C:\Program Files\CCleaner
    [17/03/2009|09:09] C:\Program Files\CDBurnerXP
    [10/08/2009|12:42] C:\Program Files\CFWebAdvancedU_BOBTV.FR
    [08/12/2007|17:21] C:\Program Files\Common Files
    [09/08/2007|01:57] C:\Program Files\ComPlus Applications
    [13/04/2009|18:28] C:\Program Files\Conduit
    [20/06/2009|11:00] C:\Program Files\DivX
    [21/01/2009|12:54] C:\Program Files\EA GAMES
    [14/02/2010|12:45] C:\Program Files\Electronic Arts
    [14/06/2009|12:30] C:\Program Files\eMule
    [09/08/2007|15:23] C:\Program Files\epson
    [30/03/2010|18:16] C:\Program Files\Fichiers communs
    [24/01/2010|11:47] C:\Program Files\Fighters
    [05/03/2009|17:13] C:\Program Files\Fx Splitter
    [05/02/2010|18:01] C:\Program Files\Google
    [10/08/2009|10:36] C:\Program Files\Hercules
    [14/02/2010|09:40] C:\Program Files\InstallShield Installation Information
    [31/03/2010|20:52] C:\Program Files\Internet Explorer
    [30/03/2010|18:16] C:\Program Files\Java
    [28/11/2009|17:42] C:\Program Files\JkDefrag
    [02/01/2008|16:32] C:\Program Files\JLC's Software
    [07/12/2008|18:43] C:\Program Files\K!TV
    [31/12/2007|10:23] C:\Program Files\Kodak
    [19/12/2008|17:50] C:\Program Files\Lavalys
    [12/01/2008|18:39] C:\Program Files\Lavasoft
    [28/12/2008|11:24] C:\Program Files\Logitech
    [24/08/2009|18:16] C:\Program Files\ma-config.com
    [03/04/2010|09:57] C:\Program Files\Malwarebytes' Anti-Malware
    [14/02/2010|09:40] C:\Program Files\Megaupload
    [28/04/2009|10:45] C:\Program Files\Messenger
    [19/01/2010|19:21] C:\Program Files\Messenger Plus! Live
    [07/12/2008|19:57] C:\Program Files\MeuhMeuhTV
    [20/02/2009|17:17] C:\Program Files\Microsoft
    [03/09/2007|20:36] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [09/08/2007|02:56] C:\Program Files\microsoft frontpage
    [09/08/2007|02:56] C:\Program Files\Microsoft Office
    [21/01/2010|18:49] C:\Program Files\Microsoft Silverlight
    [27/03/2008|18:54] C:\Program Files\Microsoft SQL Server Compact Edition
    [20/02/2009|17:20] C:\Program Files\Microsoft Sync Framework
    [01/09/2007|16:46] C:\Program Files\Microsoft Visual Studio
    [11/03/2010|20:43] C:\Program Files\Movie Maker
    [06/04/2010|16:23] C:\Program Files\Mozilla Firefox
    [23/04/2010|21:41] C:\Program Files\MpcStar
    [15/02/2009|18:20] C:\Program Files\MSBuild
    [28/04/2009|11:02] C:\Program Files\MSECACHE
    [22/12/2008|18:03] C:\Program Files\msn
    [09/08/2007|01:57] C:\Program Files\MSN Gaming Zone
    [18/09/2007|19:29] C:\Program Files\MSXML 4.0
    [06/03/2010|09:27] C:\Program Files\N1busCalculatrice
    [20/07/2008|12:07] C:\Program Files\NetMeeting
    [28/04/2009|19:01] C:\Program Files\Neuf
    [05/03/2009|09:26] C:\Program Files\NOS
    [13/06/2009|18:52] C:\Program Files\Ontrack
    [12/08/2009|13:03] C:\Program Files\Outlook Express
    [22/08/2008|21:44] C:\Program Files\Panda Security
    [24/08/2009|09:29] C:\Program Files\Philips Display
    [09/08/2007|02:51] C:\Program Files\Philips Intelligent Agent
    [05/02/2010|19:29] C:\Program Files\Piratrax
    [24/08/2009|09:30] C:\Program Files\Portrait Displays
    [20/06/2009|10:59] C:\Program Files\QuickTime
    [15/02/2009|18:19] C:\Program Files\Reference Assemblies
    [22/08/2008|22:37] C:\Program Files\Samsung
    [09/08/2007|01:57] C:\Program Files\Services en ligne
    [27/04/2009|19:07] C:\Program Files\SFR
    [19/07/2009|12:06] C:\Program Files\SFR PC Assistant
    [24/03/2008|12:15] C:\Program Files\Sony
    [08/01/2008|20:48] C:\Program Files\Sony Setup
    [03/04/2009|17:18] C:\Program Files\SopCast
    [17/04/2010|18:51] C:\Program Files\Spybot - Search & Destroy
    [19/04/2010|18:13] C:\Program Files\SpywareBlaster
    [23/07/2008|18:49] C:\Program Files\Sun
    [14/12/2007|20:05] C:\Program Files\Take2
    [21/01/2009|12:32] C:\Program Files\TLKGAMES
    [02/10/2008|02:34] C:\Program Files\TomTom DesktopSuite
    [22/04/2010|17:32] C:\Program Files\TomTom HOME 2
    [23/03/2009|10:23] C:\Program Files\TomTom International B.V
    [21/12/2007|17:03] C:\Program Files\TrackMania Nations ESWC
    [06/02/2010|16:53] C:\Program Files\Trend Micro
    [30/03/2009|19:25] C:\Program Files\TVAnts
    [24/01/2010|12:23] C:\Program Files\UltraMixer
    [09/08/2007|02:03] C:\Program Files\Uninstall Information
    [28/04/2009|11:02] C:\Program Files\Windows Installer Clean Up
    [11/10/2009|09:11] C:\Program Files\Windows Live
    [09/05/2009|12:53] C:\Program Files\Windows Live SkyDrive
    [09/05/2009|12:56] C:\Program Files\Windows Live Toolbar
    [18/06/2008|18:39] C:\Program Files\Windows Media Connect 2
    [30/04/2009|15:29] C:\Program Files\Windows Media Player
    [20/07/2008|12:07] C:\Program Files\Windows NT
    [09/08/2007|15:29] C:\Program Files\WindowsUpdate
    [12/06/2009|17:18] C:\Program Files\WinRAR
    [07/12/2008|18:14] C:\Program Files\WinTV
    [18/05/2009|18:32] C:\Program Files\WinZip
    [09/08/2007|02:00] C:\Program Files\xerox
    [05/01/2008|12:21] C:\Program Files\Xing
    [21/06/2009|19:21] C:\Program Files\Zapu
    [24/04/2010|19:09] C:\Program Files\ZHPDiag
    [24/01/2010|16:19] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [14/03/2009|09:18] C:\Program Files\Fichiers communs\Adobe
    [09/08/2007|16:34] C:\Program Files\Fichiers communs\Ahead
    [26/07/2009|18:55] C:\Program Files\Fichiers communs\Apple
    [17/02/2009|18:04] C:\Program Files\Fichiers communs\AVSMedia
    [04/02/2010|18:44] C:\Program Files\Fichiers communs\Common Toolkit Suite
    [09/08/2007|02:57] C:\Program Files\Fichiers communs\Designer
    [21/01/2009|12:56] C:\Program Files\Fichiers communs\DirectX
    [20/06/2009|11:00] C:\Program Files\Fichiers communs\DivX Shared
    [09/08/2007|15:25] C:\Program Files\Fichiers communs\InstallShield
    [30/03/2010|18:16] C:\Program Files\Fichiers communs\Java
    [14/01/2009|15:52] C:\Program Files\Fichiers communs\Logitech
    [29/04/2009|00:46] C:\Program Files\Fichiers communs\Microsoft Shared
    [09/08/2007|01:58] C:\Program Files\Fichiers communs\MSSoap
    [09/08/2007|02:50] C:\Program Files\Fichiers communs\ODBC
    [24/08/2009|09:29] C:\Program Files\Fichiers communs\Portrait Displays
    [09/08/2007|01:58] C:\Program Files\Fichiers communs\Services
    [09/08/2007|02:50] C:\Program Files\Fichiers communs\SpeechEngines
    [13/11/2009|20:57] C:\Program Files\Fichiers communs\Symantec Shared
    [20/07/2008|12:07] C:\Program Files\Fichiers communs\System
    [20/02/2009|17:12] C:\Program Files\Fichiers communs\Windows Live
    [12/11/2007|15:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [02/01/2008|15:51] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [05/01/2008|12:21] C:\Program Files\Fichiers communs\Xing Shared

    --------------------\\ Process

    ( 50 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-25 09:38:44
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 13

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:4][D:3]-> C:\DOCUME~1\bernard\LOCALS~1\Temp
    [F:68][D:0]-> C:\DOCUME~1\bernard\Cookies
    [F:670][D:5]-> C:\DOCUME~1\bernard\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 25/04/2010| 8:40 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 25/04/2010| 8:48 - Option : [1]
    3 - "C:\Lop SD\LopR_3.txt" - 25/04/2010| 9:39 - Option : [2]

    --------------------\\ Fin du rapport a 9:39:40
    0
  15. max71
     
    impossible de telecharger otMovelt3 la page ne s'ouvre pas ??
    0
  16. Utilisateur anonyme
     
    Re

    Essaie ici:c'est un fichier compressé.

    http://www.cijoint.fr/cjlink.php?file=cj201004/cijIsiWsD2.zip

    @+
    0
  17. max71
     
    rapport ot movelt3

    All processes killed
    Error: Unable to interpret <Processes > in the current context!
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\Documents and Settings\bernard\Local Settings\Application Data\piratrax\data_patch.tmp.doc.zip moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: %SystemDrive%

    User: All Users

    User: bernard
    ->Temp folder emptied: 612361 bytes
    ->Temporary Internet Files folder emptied: 12440060 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 49715734 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Apple Safari cache emptied: 16225796 bytes
    ->Flash cache emptied: 4479 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Invité
    ->Temp folder emptied: 1081295 bytes
    ->Temporary Internet Files folder emptied: 167435302 bytes
    ->FireFox cache emptied: 3820593 bytes
    ->Flash cache emptied: 1574 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 5392469 bytes
    ->FireFox cache emptied: 1901290 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 423508 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 1259007 bytes
    %systemroot%\System32 .tmp files removed: 5349376 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 483 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 36187 bytes

    Total Files Cleaned = 254,00 mb

    OTM by OldTimer - Version 3.1.10.2 log created on 04252010_114814

    Files moved on Reboot...
    C:\Documents and Settings\bernard\Local Settings\Temp\Rar$EX01.110\OTM.exe moved successfully.
    File C:\Documents and Settings\bernard\Local Settings\Temp\~DF707.tmp not found!
    File C:\Documents and Settings\bernard\Local Settings\Temp\~DF71F.tmp not found!
    File C:\Documents and Settings\bernard\Local Settings\Temp\~DF984.tmp not found!
    File C:\Documents and Settings\bernard\Local Settings\Temp\~DF9BC.tmp not found!
    File C:\Documents and Settings\bernard\Local Settings\Temp\~DFC4CB.tmp not found!
    File C:\Documents and Settings\bernard\Local Settings\Temp\~DFC4E3.tmp not found!
    C:\Documents and Settings\bernard\Local Settings\Temporary Internet Files\Content.IE5\5PMOU5V4\affich-17500234-besion-d-aide-trojan-spy-delf-iay[2].htm moved successfully.
    C:\Documents and Settings\bernard\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

    Registry entries deleted on Reboot...
    0
  18. max71
     
    rapport malwarebytes:

    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org

    Version de la base de données: 4033

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    25/04/2010 12:07:12
    mbam-log-2010-04-25 (12-07-12).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 117828
    Temps écoulé: 5 minute(s), 49 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    0
  19. tory
     
    bonjour j'ai aussi un pb ac des chevaux de troie!! j'ai plus de 200 erreurs sur mon pc! en gros, je suis bourré de virus!! est-ce qqn pourrait m'aider en me donnant de bons logiciels gratuits pour enlever tt ça!! ou sinn si qqn connait un code d'activation pour CleanUp Antivirus...merci d'avance
    0
  20. Utilisateur anonyme
     
    Bonjour tory

    Crée ton propre sujet ;merci
    @+
    0
  21. Utilisateur anonyme
     
    Re

    Comment se comporte ton PC?
    Encore des alertes de ton antivirus?
    tiens moi au courant ;ce n'est pas fini;merci

    @+
    0
  • 1
  • 2