Reading a report with ADRemover

Elo
Hello everyone,

I have a problem with eorezo or eoengine. I read that I had to download ADRemover; here is the report I got. I would like to know whether I can move on to the next steps with the "Nettoyer" (Clean) option, and what procedure to follow ...

Thanks for the reply, have a good evening.

======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

H:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:34:57 le 27/07/2010, Mode normal

Microsoft Windows XP Édition familiale Service Pack 2 (X86)
élodie@ORDINATE-3941EE ( )

============== RECHERCHE ==============

Service: "BarDiscover Service" Présent

0,Dossier trouvé: H:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
0,Dossier trouvé: H:\Documents and Settings\All Users\Application Data\bardiscover
0,Dossier trouvé: H:\Program Files\bardiscover
0,Dossier trouvé: H:\Documents and Settings\élodie\Application Data\EoRezo
0,Dossier trouvé: H:\Documents and Settings\carole\Application Data\EoRezo
0,Dossier trouvé: H:\Documents and Settings\élodie\Local Settings\Application Data\EoRezo
0,Dossier trouvé: H:\Program Files\EoRezo
0,Dossier trouvé: H:\Documents and Settings\élodie\Application Data\Hotbar
0,Dossier trouvé: H:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar
0,Dossier trouvé: H:\Program Files\Hotbar
0,Dossier trouvé: H:\Documents and Settings\All Users\Application Data\HotbarSA
0,Dossier trouvé: H:\Documents and Settings\élodie\Application Data\ShoppingReport2
0,Dossier trouvé: H:\Program Files\ShoppingReport2
0,Dossier trouvé: H:\Documents and Settings\élodie\Application Data\WeatherDPA

-- Fichier ouvert: H:\Documents and Settings\élodie\Application Data\Mozilla\FireFox\Profiles\e5bpxgo9.default\Prefs.js --
Ligne trouvée: user_pref("network.cookie.prefsMigrated", true);user_pref("browser.startup.homepage", "hxxp://y.lo.s...
-- Fichier Fermé --

0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|Hotbar 11.0.175.0
0,Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|Hotbar@Hotbar.com
0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|HotbarSA
0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Softwarehelper
0,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|WeatherDPA
0,Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}

============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [Impossible d'obtenir la version] **

-- H:\Documents and Settings\élodie\Application Data\Mozilla\FireFox\Profiles\e5bpxgo9.default\Prefs.js --
browser.search.selectedEngine, Google
browser.startup.homepage_override.mstone, rv:1.8.0.9
network.cookie.prefsMigrated, trueuser_pref(browser.startup.homepage, hxxp://y.lo.st

-- H:\Documents and Settings\carole\Application Data\Mozilla\FireFox\Profiles\ziyw6c39.default\Prefs.js --
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.wanadoo.fr/
browser.startup.homepage_override.mstone, rv:1.8.0.9

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Search_URL: hxxp://www.google.com/ie
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: H:\WINDOWS\system32\blank.htm
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Show_ToolBar: yes
Start Page: hxxp://y.lo.st
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: H:\WINDOWS\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: hxxp://y.lo.st
Blank: res://mshtml.dll/blank.htm

========================================

H:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
H:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

H:\Ad-Report-SCAN[1].txt - 27/07/2010 (16306 Octet(s))

Fin à: 21:36:43, 27/07/2010

============== E.O.F ==============

22 replies

crapoulou
 
Hi,

Removal with AD-R:

/!\ Disconnect and close all running applications, and disable your antivirus for the duration of the procedure /!\

* Run AD-R.
* In the main menu, click the "Nettoyer" (Clean) button.
* Post the report that appears at the end.
(The report is also saved as Ad-Report-CLEAN[1].txt)
Elo
 
OK, see you in a moment then ... Thanks
Elo
 
Here is my report ... and, miracle, a new home page. THANK YOU ;) And, without wanting to take advantage, I have another small problem: when my computer starts up, an error message is displayed telling me that Windows cannot find H:/windows/system32/driver/NirCmd.exe. Where do you think that comes from?? Thanks again :))

======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

H:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:10:58 le 27/07/2010, Mode normal

Microsoft Windows XP Édition familiale Service Pack 2 (X86)
élodie@ORDINATE-3941EE ( )

============== ACTION(S) ==============

Service: "BarDiscover Service" Stoppé et supprimé

0,Dossier supprimé: H:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
0,Dossier supprimé: H:\Documents and Settings\All Users\Application Data\bardiscover
0,Dossier supprimé: H:\Program Files\bardiscover
0,Dossier supprimé: H:\Documents and Settings\élodie\Application Data\EoRezo
0,Dossier supprimé: H:\Documents and Settings\carole\Application Data\EoRezo
0,Dossier supprimé: H:\Documents and Settings\élodie\Local Settings\Application Data\EoRezo
0,Dossier supprimé: H:\Program Files\EoRezo
0,Dossier supprimé: H:\Documents and Settings\élodie\Application Data\Hotbar
0,Dossier supprimé: H:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar
0,Dossier supprimé: H:\Program Files\Hotbar
0,Dossier supprimé: H:\Documents and Settings\All Users\Application Data\HotbarSA
0,Dossier supprimé: H:\Documents and Settings\élodie\Application Data\ShoppingReport2
0,Dossier supprimé: H:\Program Files\ShoppingReport2
0,Dossier supprimé: H:\Documents and Settings\élodie\Application Data\WeatherDPA

(!) -- Fichiers temporaires supprimés.

-- Fichier ouvert: H:\Documents and Settings\élodie\Application Data\Mozilla\FireFox\Profiles\e5bpxgo9.default\Prefs.js --
Ligne supprimée: user_pref("network.cookie.prefsMigrated", true);user_pref("browser.startup.homepage", "hxxp://y.lo.s...
-- Fichier Fermé --

0,Clé supprimée: HKLM\Software\Classes\CLSID\{8C788AA2-7530-43BE-97B7-4D491F13BEA3}
0,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
0,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{DB38E21A-0133-419D-92AD-ECDFD5244D6D}
0,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{EB620C54-E229-4942-87CE-E717109FC8C6}
0,Clé supprimée: HKLM\Software\Microsoft\Office\Outlook\Addins\HostOL.MailAnim
0,Clé supprimée: HKLM\Software\Microsoft\Office\Word\Addins\HostOL.MailAnim

0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|Hotbar 11.0.175.0
0,Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|Hotbar@Hotbar.com
0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|HotbarSA
0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Softwarehelper
0,Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|WeatherDPA
0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}

============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [Impossible d'obtenir la version] **

-- H:\Documents and Settings\élodie\Application Data\Mozilla\FireFox\Profiles\e5bpxgo9.default\Prefs.js --
browser.search.selectedEngine, Google
browser.startup.homepage_override.mstone, rv:1.8.0.9

-- H:\Documents and Settings\carole\Application Data\Mozilla\FireFox\Profiles\ziyw6c39.default\Prefs.js --
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.wanadoo.fr/
browser.startup.homepage_override.mstone, rv:1.8.0.9

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: H:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: H:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

H:\Program Files\Ad-Remover\Quarantine: 463 Fichier(s)
H:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

H:\Ad-Report-CLEAN[1].txt - 27/07/2010 (1890 Octet(s))
H:\Ad-Report-SCAN[1].txt - 27/07/2010 (18217 Octet(s))

Fin à: 22:12:59, 27/07/2010

============== E.O.F ==============

crapoulou (Moderator, Security contributor; 42848 posts)

You still have infections.
We need to keep going!

********

To run a more in-depth diagnosis of your PC:
Download Random's System Information Tool (RSIT) by random/random and save the executable to the Desktop.
= = = = >>> By clicking here <<< = = = =

* Double-click RSIT.exe to launch it.
* A first window opens; click Continue (Disclaimer).
* If the latest version of HijackThis is not detected on your PC, RSIT will download it and ask you to accept the license.
* When the scan is finished, two text files will open (probably in Notepad).
* Post the contents of log.txt.

Elo

Here is the report. Are there any other steps??

info.txt logfile of random's system information tool 1.08 2010-07-27 22:30:32

======Uninstall list======

-->H:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->H:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 H:\WINDOWS\INF\PCHealth.inf
802.11 USB Wireless LAN Adapter-->H:\WINDOWS\system32\unwlsdrv.exe SiS163u
Adobe Acrobat 5.0-->H:\WINDOWS\ISUNINST.EXE -f"H:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"H:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe AIR-->h:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->H:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Adobe Shockwave Player 11.5-->"H:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Ad-Remover By C_XX-->H:\Program Files\Ad-Remover\Uninstall.exe
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Mobile Device Support-->MsiExec.exe /I{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->H:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
AVS Audio Converter version 6.1-->"H:\Program Files\AVS4YOU\AVSAudioConverter6\unins000.exe"
AVS Update Manager 1.0-->"H:\Program Files\AVS4YOU\AVSUpdateManager\unins000.exe"
AVS4YOU Software Navigator 1.3-->"H:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Barre d'outils MSN-->H:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c
Bonjour-->MsiExec.exe /X{8A253629-0511-4854-8B4E-46E57E66005C}
CL-5300 Digital Camera Driver-->H:\PROGRA~1\CL-530~1\UNWISE.EXE H:\PROGRA~1\CL-530~1\INSTALL.LOG
Désinst. LG PC Suite III-->"H:\Program Files\LG Electronics\LG PC Suite III\unins000.exe"
Détecteur de flux Windows Live Toolbar-->MsiExec.exe /X{B9C5669B-4705-4046-A3EE-0BFD08D7B668}
DivX Converter-->H:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->H:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->H:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->H:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EMCO LAN File Search-->"H:\Program Files\EMCO\LAN File Search\unins000.exe"
Extension MSN pour Windows Live Toolbar-->MsiExec.exe /X{0C858954-92B6-40C8-84D0-D095070C263C}
Galerie de photos Windows Live-->MsiExec.exe /X{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
Google Toolbar for Internet Explorer-->"H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Windows XP (KB926239)-->"H:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Installation Windows Live-->H:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-78631D9AD8B8}
J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
K-Lite Mega Codec Pack 5.1.0-->"H:\Program Files\K-Lite Codec Pack\unins000.exe"
LG Bluetooth Drivers-->MsiExec.exe /X{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}
LG MC USB U330 driver-->RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}\setup.exe" -l0x40c -removeonly
LG USB Modem Drivers-->MsiExec.exe /X{3E8DE1A6-B365-4FF6-B917-2892A34990E8}
LimeWire 5.4.6-->"H:\Program Files\LimeWire\uninstall.exe"
McAfee VirusScan Enterprise-->MsiExec.exe /I{35C03C04-3F1F-42C2-A989-A757EE691F65}
Messenger Plus! 3-->"H:\Documents and Settings\élodie\Bureau\MON ESPACE\LOGICIEL\MsgPlus.exe" /Remove
Microsoft .NET Framework 2.0-->H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft ActiveSync 3.8-->"H:\WINDOWS\ISUN040C.EXE" -f"H:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"H:\Program Files\Microsoft ActiveSync\ceuninst.dll"
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"H:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft WinUsb 1.0-->"H:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
MP3 Player Utilities 4.18-->MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{C087CD39-A5D9-4F1A-9BC6-3670C54A0912}
NVIDIA Drivers-->H:\WINDOWS\system32\nvudisp.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->H:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1036
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PhotoFiltre-->"H:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 3-->"H:\Program Files\Google\Picasa3\Uninstall.exe"
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Ralink Wireless LAN Card-->RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x9 -removeonly
Realtek AC'97 Audio-->RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x40c -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Uninstall 1.0.0.1-->"H:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"H:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe"
Windows Imaging Component-->"H:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"H:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"H:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28082CEB504}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Contrôle parental-->MsiExec.exe /X{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
Windows Live FolderShare-->MsiExec.exe /X{76810709-A7D3-468D-9167-A1780C1E766C}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11355CA657B}
Windows Live Toolbar-->MsiExec.exe /X{9D6524E6-15CF-4852-BF70-04FE973A3DE1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"H:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"H:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->"H:\Program Files\XviD\unins000.exe"

======Hosts File======

127.0.0.1 NtKrnlpa.info

======Security center information======

AV: McAfee VirusScan Enterprise
FW: NVIDIA Firewall

======System event log======

Computer Name: ORDINATE-3941EE
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

Record Number: 22503
Source Name: Service Control Manager
Time Written: 20100703113328.000000+120
Event Type: Informations
User:

Computer Name: ORDINATE-3941EE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 22502
Source Name: Service Control Manager
Time Written: 20100703113328.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ORDINATE-3941EE
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.

Record Number: 22501
Source Name: Service Control Manager
Time Written: 20100703113328.000000+120
Event Type: Informations
User:

Computer Name: ORDINATE-3941EE
Event Code: 7036
Message: Le service Service Google Update (gupdate) est entré dans l'état : arrêté.

Record Number: 22500
Source Name: Service Control Manager
Time Written: 20100703113328.000000+120
Event Type: Informations
User:

Computer Name: ORDINATE-3941EE
Event Code: 7036
Message: Le service Service de découvertes SSDP est entré dans l'état : en cours d'exécution.

Record Number: 22499
Source Name: Service Control Manager
Time Written: 20100703113328.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: ORDINATE-3941EE
Event Code: 0
Message:
Record Number: 761
Source Name: SeaPort
Time Written: 20100308094228.000000+060
Event Type: Informations
User:

Computer Name: ORDINATE-3941EE
Event Code: 0
Message:
Record Number: 760
Source Name: gupdate
Time Written: 20100308094226.000000+060
Event Type: Informations
User:

Computer Name: ORDINATE-3941EE
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur ORDINATE-3941EE\élodie alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 759
Source Name: Userenv
Time Written: 20100308094116.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: ORDINATE-3941EE
Event Code: 5000
Message: Service McShield démarré.

Version du moteur : 5400.1158

Version du fichier DAT : 5913.0000



Nombre de signatures dans le fichier EXTRA.DAT : Aucun

Nom des menaces pouvant être détectées par EXTRA.DAT : Aucun

Record Number: 758
Source Name: McLogEvent
Time Written: 20100308093609.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ORDINATE-3941EE
Event Code: 0
Message:
Record Number: 757
Source Name: gusvc
Time Written: 20100308093254.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;H:\Documents and Settings\élodie\Mes documents;H:\Program Files\Fichiers communs\DivX Shared\;H:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VSEDEFLOGDIR"=H:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
"DEFLOGDIR"=H:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;H:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=H:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

crapoulou (Moderator, Security contributor; 42848 posts)

There are two reports to send.
I'm waiting for the second one.

Elo

I can't post the 2nd report you're waiting for, because when I click "validate" it shows in red "please enable Javascript" ....

I'll do all the steps tomorrow and send you the reports, because I start work shortly and it's time for me to get some sleep. See you tomorrow, and thanks again for your valuable help ...

crapoulou (Moderator, Security contributor; 42848 posts)

Download Malwarebytes' Anti-Malware
= = = = >>> By clicking here <<< = = = =

- Save it to the Desktop
- Double-click the downloaded file to start the installation process
- When prompted, update Malwarebytes' Anti-Malware
- If the firewall asks for permission for Malwarebytes to connect, accept
- Once the update is finished, close Malwarebytes
- Double-click the Malwarebytes icon to relaunch it
- In the "Recherche" (Scan) tab, which is probably open by default,
- Select "Exécuter un examen complet" (Perform full scan)
- Click "Rechercher" (Scan)
- The scan starts
- At the end of the scan, a message appears: "L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés." (The scan completed normally. Click 'Show results' to display all objects found.)
- Click Ok to continue.
- If malware was detected, click "Afficher les résultats" (Show results)
- Select everything (or leave the items checked) and click "Supprimer la sélection" (Remove selected). Malwarebytes will delete the files and registry keys and put a copy of them in quarantine.
- Malwarebytes will open Notepad and copy the scan report into it.
- Go to the report/log tab
- Click the report to display it.
- Once it is displayed, click "Édition" (Edit) at the top of Notepad, then "Sélectionner tout" (Select all)
- Click "Édition" again, then "Copier" (Copy), and come back to the forum and into your reply
- Right-click in the reply box and paste

If you need help, see this tutorial HERE

*********

From Add/Remove Programs, remove this software:
Adobe Reader 9.1

*********

Install Adobe Acrobat Reader 9.3

*********

To remove the old versions of Java and download the new one,
download JavaRa.zip by Paul `Prm753' McLain and Fred de Vries to your Desktop:
= = = = =>>> By clicking here <<<= = = =
* Unzip the file on the Desktop (right-click > Extract all).
* Double-click the JavaRa folder
* Then double-click the file JavaRa.exe (the .exe may not be displayed).
* Select your language, then click Select
* Click "Recherche de mises à jour" (Search for updates)
* Select "Mettre à jour via jucheck.exe" (Update via jucheck.exe), then click "Rechercher" (Search)
* Allow the process to connect if it asks, click Install and follow the installation instructions, which take a few minutes
* The installation is finished
* Go back to the JavaRa screen and click "Effacer les anciennes versions" (Remove older versions).
* Click "Oui" (Yes) to confirm. Let it work, then click Ok, then Ok a second time.
* A report will open. Post it in your next reply.
* Close the application.
Note: the report can also be found in C:\ under the name JavaRa.log.
(Delete it once you have posted it).

crapoulou (Moderator, Security contributor; 42848 posts)

If you have trouble sending the file, host it on cijoint.fr.

Help in pictures.

Elo

Hello,

Here is the link for the 2nd report

http://www.cijoint.fr/cjlink.php?file=cj201007/cijQRiyJX2.txt

crapoulou (Moderator, Security contributor; 42848 posts)

You did not follow the procedure, because RSIT is not saved on your PC as requested:

H:\Documents and Settings\élodie\Local Settings\Temporary Internet Files\Content.IE5\EE737J3A\RSIT[1].exe

For now, do what is described here:
https://forums.commentcamarche.net/forum/affich-18639508-lecture-d-un-rapport-ac-adremover#7

Elo

Correct, I just checked and indeed I can't find the folder. The scan with Malwarebytes is in progress...

Elo

Here is the Malwarebytes report ... Can I continue with removing Adobe and Java?? (rest of the list)

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4362

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

28/07/2010 13:37:37
mbam-log-2010-07-28 (13-37-37).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Elément(s) analysé(s): 250168
Temps écoulé: 1 heure(s), 13 minute(s), 16 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 50

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{db38e21a-0133-419d-92ad-ecdfd5244d6d} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{eb620c54-e229-4942-87ce-e717109fc8c6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
H:\Documents and Settings\carole\Local Settings\Temp\msgpl_825d.exe (Adware.Agent) -> Quarantined and deleted successfully.
H:\Documents and Settings\élodie\Local Settings\Temp\nsb2.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
H:\Documents and Settings\élodie\Local Settings\Temp\nseF.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
H:\Documents and Settings\élodie\Local Settings\Temp\nsj66.tmp\bardiscover.exe (Adware.BarDiscover) -> Quarantined and deleted successfully.
H:\Documents and Settings\élodie\Local Settings\Temp\nsp4.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Documents and Settings\élodie\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Documents and Settings\élodie\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\EoRezo\eorezo.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\EoRezo\EoEngine.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\EoRezo\EoRezoBHO.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\EoRezo\EoAdv\EoAdv.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\EoRezo\EoAdv\EoRezoBHO.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\CntntCntr.dll.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\CoreSrv.dll.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\HostIE.dll.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\HostOL.dll.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\HotbarSA.exe.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\HotbarSAAX.dll.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\HotbarSADF.exe.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\HotbarUninstaller.exe.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\Srv.exe.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\Toolbar.dll.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\Weather.exe.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\Hotbar\bin\11.0.175.0\firefox\extensions\plugins\npclntax_HotbarSA.dll.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\Program Files\Ad-Remover\Quarantine\H\Program Files\ShoppingReport2\Bin\2.7.12\ShoppingReport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP510\A0163032.exe (Adware.BarDiscover) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP516\A0165158.exe (Adware.BarDiscover) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP518\A0165190.exe (Adware.BarDiscover) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168826.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168862.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168813.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168814.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168817.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168818.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168824.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168827.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168857.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168858.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168860.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168861.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168863.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168864.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168865.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168867.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168868.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168869.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168870.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168872.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{4FB80FCD-9329-433B-BC6C-59868A30E540}\RP530\A0168882.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
H:\WINDOWS\Temp\BAR8C.tmp\upgrade.exe (Adware.Zwangi) -> Quarantined and deleted successfully.

Elo

Here is the JavaRa report ...

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Jul 28 14:08:28 2010

Found and removed: H:\Program Files\Java\jre1.5.0_03

Found and removed: H:\Program Files\Java\jre1.5.0_06

Found and removed: H:\Documents and Settings\élodie\Application Data\Sun\Java\jre1.6.0_11

Found and removed: H:\Documents and Settings\élodie\Application Data\Sun\Java\jre1.6.0_14

Found and removed: H:\Documents and Settings\élodie\Application Data\Sun\Java\jre1.6.0_15

Found and removed: Software\JavaSoft\Java2D\1.5.0_03

Found and removed: Software\JavaSoft\Java2D\1.5.0_06

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510003

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510003

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510003

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\JavaPlugin.150_03

Found and removed: SOFTWARE\Classes\JavaPlugin.150_06

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150030}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Jul 28 14:12:33 2010

------------------------------------

Finished reporting.

Elo

When I restart the computer, the "DRIVERS" file opens ... also, the memory card from my camera must be affected, because when I insert it into the reader it freezes My Computer and an error message appears ...

Long live new technology!!

I have now carried out all the tasks listed...

crapoulou (Moderator, Security contributor)

Empty the MBAM quarantine.
I'll look at your RSIT report this evening.

Elo

Quarantine emptied. Unable to access drive C to delete the JavaRa report: "impossible à satisfaire la demande en raison d'une erreur de périphérique d'E/S".
OK, see you this evening. Thanks.

crapoulou (Moderator, Security contributor)

Download LopS&D (by eric_71)
= = = = >>> By clicking here <<< = = = =

Save the file to your desktop.
Run the installation.
Once the program is running, type F to select French.
Answer OK to the alert message that appears.
Then run option 1, Recherche (Search).
A report will be generated.
Post it here in full.
Note:
The report is located here: C:\LopR.txt
Short tutorial HERE if needed.

Elo

Here is the LopS&D report

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : élodie ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan Enterprise 8.5.0.781 (Activated)
Firewall : NVIDIA Firewall 1.0 (Activated)
C:\ (USB)
D:\ (USB) - FAT32 - Total:3779 Mo (Free:3 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (Local Disk) - NTFS - Total:189 Go (Free:161 Go)
I:\ (USB)

"H:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 28/07/2010|20:38 )

--------------------\\ Listing des dossiers dans APPLIC~1

[09/06/2010|14:30] H:\DOCUME~1\ALLUSE~1\APPLIC~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[24/03/2010|20:04] H:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[28/07/2010|14:10] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/11/2008|22:08] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/03/2010|20:00] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[16/02/2010|15:03] H:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[29/11/2009|15:27] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[27/09/2009|18:31] H:\DOCUME~1\ALLUSE~1\APPLIC~1\LGMOBILEAX
[28/07/2010|12:19] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/04/2009|18:11] H:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[17/05/2010|20:13] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[08/05/2009|11:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[27/07/2006|21:49] H:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[25/11/2006|18:05] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism
[09/08/2006|11:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Proc Rdr Logo
[09/04/2009|10:21] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[28/07/2010|14:08] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun
[09/08/2006|12:20] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[27/07/2006|18:39] H:\DOCUME~1\carole\APPLIC~1\Identities
[07/05/2009|19:49] H:\DOCUME~1\carole\APPLIC~1\Macromedia
[07/05/2009|19:50] H:\DOCUME~1\carole\APPLIC~1\Microsoft
[30/01/2007|11:59] H:\DOCUME~1\carole\APPLIC~1\Mozilla

[04/06/2010|12:29] H:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[27/07/2006|10:48] H:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/07/2006|09:33] H:\DOCUME~1\DOMINI~1\APPLIC~1\Identities
[28/08/2006|13:54] H:\DOCUME~1\DOMINI~1\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\DOMINI~1\APPLIC~1\Microsoft

[25/08/2008|12:40] H:\DOCUME~1\ilan\APPLIC~1\Adobe
[15/04/2007|19:09] H:\DOCUME~1\ilan\APPLIC~1\Apple Computer
[29/07/2006|11:29] H:\DOCUME~1\ilan\APPLIC~1\Identities
[11/02/2007|11:56] H:\DOCUME~1\ilan\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\ilan\APPLIC~1\Microsoft

[13/08/2006|21:29] H:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/04/2009|19:54] H:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[07/08/2006|12:11] H:\DOCUME~1\rosa\APPLIC~1\Identities
[20/04/2009|19:54] H:\DOCUME~1\rosa\APPLIC~1\Microsoft

[27/07/2006|11:01] H:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
[20/04/2009|19:54] H:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft

[30/12/2009|17:38] H:\DOCUME~1\LODIE~1\APPLIC~1\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[04/06/2010|12:29] H:\DOCUME~1\LODIE~1\APPLIC~1\Adobe
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\app
[24/03/2010|20:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Apple Computer
[16/02/2010|15:03] H:\DOCUME~1\LODIE~1\APPLIC~1\AVS4YOU
[09/08/2006|15:23] H:\DOCUME~1\LODIE~1\APPLIC~1\BitTorrent
[06/12/2006|20:22] H:\DOCUME~1\LODIE~1\APPLIC~1\Canon
[06/05/2010|10:58] H:\DOCUME~1\LODIE~1\APPLIC~1\CoSoSys
[21/01/2009|20:52] H:\DOCUME~1\LODIE~1\APPLIC~1\DivX
[25/07/2010|17:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus 2
[06/06/2010|08:49] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[29/11/2009|15:34] H:\DOCUME~1\LODIE~1\APPLIC~1\Google
[27/07/2006|19:48] H:\DOCUME~1\LODIE~1\APPLIC~1\Help
[27/07/2006|18:52] H:\DOCUME~1\LODIE~1\APPLIC~1\Identities
[17/02/2008|20:41] H:\DOCUME~1\LODIE~1\APPLIC~1\InterTrust
[12/12/2009|16:01] H:\DOCUME~1\LODIE~1\APPLIC~1\LanSearch
[12/02/2009|13:34] H:\DOCUME~1\LODIE~1\APPLIC~1\Lavasoft
[21/12/2009|23:50] H:\DOCUME~1\LODIE~1\APPLIC~1\LG Electronics
[28/07/2010|13:48] H:\DOCUME~1\LODIE~1\APPLIC~1\LimeWire
[09/08/2006|11:01] H:\DOCUME~1\LODIE~1\APPLIC~1\load peak love
[09/08/2006|10:32] H:\DOCUME~1\LODIE~1\APPLIC~1\Macromedia
[28/07/2010|12:20] H:\DOCUME~1\LODIE~1\APPLIC~1\Malwarebytes
[25/08/2006|22:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Media Player Classic
[13/05/2010|21:00] H:\DOCUME~1\LODIE~1\APPLIC~1\Microsoft
[27/01/2007|18:28] H:\DOCUME~1\LODIE~1\APPLIC~1\Mozilla
[18/11/2009|23:27] H:\DOCUME~1\LODIE~1\APPLIC~1\Orange
[12/09/2009|13:55] H:\DOCUME~1\LODIE~1\APPLIC~1\Real
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[09/04/2009|10:19] H:\DOCUME~1\LODIE~1\APPLIC~1\Samsung
[09/04/2009|10:21] H:\DOCUME~1\LODIE~1\APPLIC~1\Sony
[08/11/2006|23:21] H:\DOCUME~1\LODIE~1\APPLIC~1\Sun
[09/08/2006|15:56] H:\DOCUME~1\LODIE~1\APPLIC~1\vlc
[09/08/2006|11:01] H:\DOCUME~1\LODIE~1\APPLIC~1\WINDOW IDLE DEAD

--------------------\\ Tâches planifiées dans H:\WINDOWS\tasks

[28/07/2010 20:36][--a------] H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[28/07/2010 20:36][--a------] H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[28/07/2010 18:33][--ah-----] H:\WINDOWS\tasks\User_Feed_Synchronization-{03D5C1B1-5823-4AC2-9683-4D8FE9A98134}.job
[28/07/2010 13:32][--a------] H:\WINDOWS\tasks\AppleSoftwareUpdate.job
[28/07/2010 14:31][--ah-----] H:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] H:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans H:\Program Files

[28/07/2010|14:09] H:\Program Files\Adobe
[27/07/2010|22:12] H:\Program Files\Ad-Remover
[24/03/2010|19:58] H:\Program Files\Apple Software Update
[23/04/2009|18:25] H:\Program Files\AvRack
[16/02/2010|16:08] H:\Program Files\AVS4YOU
[09/06/2010|14:22] H:\Program Files\Bonjour
[25/02/2008|22:43] H:\Program Files\CL-5300 Digital Camera
[27/12/2006|21:32] H:\Program Files\Common Files
[04/09/2009|23:13] H:\Program Files\DivX
[04/06/2010|12:29] H:\Program Files\Dofus 2
[12/12/2009|16:01] H:\Program Files\EMCO
[04/06/2010|12:28] H:\Program Files\Fichiers communs
[28/01/2010|22:16] H:\Program Files\Google
[09/08/2006|10:53] H:\Program Files\Grisoft
[27/07/2010|21:17] H:\Program Files\InstallShield Installation Information
[07/05/2009|11:09] H:\Program Files\Internet Explorer
[06/12/2006|22:09] H:\Program Files\Inventel
[28/07/2010|14:08] H:\Program Files\Java
[04/09/2009|23:16] H:\Program Files\K-Lite Codec Pack
[15/07/2010|17:54] H:\Program Files\LG Electronics
[10/06/2010|22:16] H:\Program Files\LimeWire
[28/07/2010|12:19] H:\Program Files\Malwarebytes' Anti-Malware
[23/04/2009|18:11] H:\Program Files\McAfee
[26/02/2007|19:25] H:\Program Files\Media Player Classic
[08/05/2009|11:02] H:\Program Files\Microsoft
[27/12/2006|21:32] H:\Program Files\Microsoft ActiveSync
[27/07/2006|10:48] H:\Program Files\microsoft frontpage
[15/10/2006|17:56] H:\Program Files\Microsoft Office
[06/10/2009|10:50] H:\Program Files\Microsoft Office Outlook Connector
[07/10/2009|09:01] H:\Program Files\Microsoft Silverlight
[17/05/2010|22:32] H:\Program Files\Microsoft SQL Server Compact Edition
[17/05/2010|22:33] H:\Program Files\Microsoft Sync Framework
[06/12/2006|20:23] H:\Program Files\Microsoft.NET
[17/05/2007|19:18] H:\Program Files\Mindscape
[20/04/2009|18:54] H:\Program Files\movie maker
[12/04/2009|18:34] H:\Program Files\MP3 Player Utilities 4.18
[13/02/2009|15:44] H:\Program Files\msn gaming zone
[17/05/2010|19:59] H:\Program Files\MSN Toolbar
[30/12/2009|17:39] H:\Program Files\MSXML 4.0
[27/07/2006|10:46] H:\Program Files\NetMeeting
[27/07/2006|11:14] H:\Program Files\NVIDIA Corporation
[27/07/2006|10:44] H:\Program Files\Online Services
[27/07/2006|10:46] H:\Program Files\Outlook Express
[07/05/2009|21:05] H:\Program Files\PhotoFiltre
[09/06/2010|14:26] H:\Program Files\QuickTime
[07/05/2009|10:57] H:\Program Files\RALINK
[27/07/2006|11:16] H:\Program Files\Realtek AC97
[27/07/2006|11:16] H:\Program Files\Realtek Sound Manager
[06/12/2006|20:23] H:\Program Files\Securitoo
[27/07/2006|10:47] H:\Program Files\Services en ligne
[30/03/2008|17:58] H:\Program Files\Sierra On-Line
[27/07/2010|22:30] H:\Program Files\trend micro
[27/07/2006|11:01] H:\Program Files\Uninstall Information
[09/08/2006|15:56] H:\Program Files\VideoLAN
[06/12/2006|22:09] H:\Program Files\Wanadoo
[06/12/2006|22:09] H:\Program Files\Wanadoo Messager
[06/12/2006|20:23] H:\Program Files\WebPod Studio
[17/05/2010|22:34] H:\Program Files\Windows Live
[17/05/2010|22:30] H:\Program Files\Windows Live SkyDrive
[06/11/2008|22:07] H:\Program Files\Windows Media Player
[27/07/2006|10:44] H:\Program Files\Windows NT
[27/07/2006|10:47] H:\Program Files\WindowsUpdate
[23/04/2009|18:32] H:\Program Files\WinRAR
[27/07/2006|10:48] H:\Program Files\xerox

--------------------\\ Listing des dossiers dans H:\Program Files\Fichiers communs

[28/07/2010|14:10] H:\Program Files\Fichiers communs\Adobe
[04/06/2010|12:28] H:\Program Files\Fichiers communs\Adobe AIR
[27/07/2010|21:18] H:\Program Files\Fichiers communs\Apple
[16/02/2010|16:08] H:\Program Files\Fichiers communs\AVSMedia
[23/04/2009|18:11] H:\Program Files\Fichiers communs\Cisco Systems
[06/12/2006|20:23] H:\Program Files\Fichiers communs\DESIGNER
[10/05/2009|14:54] H:\Program Files\Fichiers communs\DivX Shared
[09/04/2009|10:33] H:\Program Files\Fichiers communs\DVDVideoSoft
[17/02/2008|20:40] H:\Program Files\Fichiers communs\InstallShield
[28/07/2010|14:08] H:\Program Files\Fichiers communs\Java
[23/04/2009|18:10] H:\Program Files\Fichiers communs\McAfee
[08/05/2009|10:59] H:\Program Files\Fichiers communs\Microsoft Shared
[27/07/2006|10:46] H:\Program Files\Fichiers communs\MSSoap
[27/07/2006|12:35] H:\Program Files\Fichiers communs\ODBC
[27/07/2006|10:46] H:\Program Files\Fichiers communs\Services
[27/07/2006|12:35] H:\Program Files\Fichiers communs\SpeechEngines
[06/10/2009|10:50] H:\Program Files\Fichiers communs\System
[08/05/2009|10:27] H:\Program Files\Fichiers communs\Windows Live

--------------------\\ Process

( 48 Processes )

iexplore.exe ~ [PID:432]
iexplore.exe ~ [PID:2912]
iexplore.exe ~ [PID:396]
MsgPlus.exe ~ [PID:3656]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsb2.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsc4.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nse84.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nseF.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsh2F.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsi65.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsj21.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsj66.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsj9.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsk2D.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsm2B.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsm8D.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsp4.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsv31.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsv5.tmp
H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsx139.tmp
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[1].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[2].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[3].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[4].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[5].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[6].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[7].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[9].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[1].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[2].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[3].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[5].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[6].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[7].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@booking.db.advertising[2].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@game-advertising-online[1].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@game-advertising-online[2].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@traveladvertising[1].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@bigpoint[2].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@fr.farmerama.bigpoint[1].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@fr.farmerama.bigpoint[2].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@fr.partypoker[1].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@fr.partypoker[2].txt
H:\DOCUME~1\LODIE~1\Cookies\élodie@partypoker[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 20:40:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 13

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1852][D:163]-> H:\DOCUME~1\LODIE~1\LOCALS~1\Temp
[F:3505][D:0]-> H:\DOCUME~1\LODIE~1\Cookies
[F:22590][D:129]-> H:\DOCUME~1\LODIE~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "H:\Lop SD\LopR_1.txt" - 28/07/2010|20:42 - Option : [1]

--------------------\\ Fin du rapport a 20:42:25

crapoulou (Moderator, Security contributor)

Cleaning with Lop S&D:

Run Lop S&D again.
Type F to select French.
Answer OK to the alert message that appears.
Next, run option 2: Suppression + Hosts
A report will be generated.
Post it here in full.

******

Download SystemLook to your Desktop.
* Double-click SystemLook.exe to launch it.
* Copy and paste the text below into the SystemLook text box:

:dir
H:\Documents and Settings\élodie\Application Data


Click the Look button to start the scan.
When it finishes, Notepad opens with the result of the scan. Copy and paste the report into your next reply.
Note:
The report can also be found on your Desktop under the name SystemLook.txt

H:\Documents and Settings\élodie\Application Data

Elo

Here is the Lop S&D report


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : élodie ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan Enterprise 8.5.0.781 (Activated)
Firewall : NVIDIA Firewall 1.0 (Activated)
C:\ (USB)
D:\ (USB) - FAT32 - Total:3779 Mo (Free:3 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (Local Disk) - NTFS - Total:189 Go (Free:161 Go)
I:\ (USB)

"H:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 28/07/2010|21:20 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsb2.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsc4.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nse84.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nseF.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsh2F.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsi65.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsj21.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsj66.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsj9.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsk2D.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsm2B.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsm8D.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsp4.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsv31.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsv5.tmp
Supprime! - H:\DOCUME~1\LODIE~1\LOCALS~1\Temp\nsx139.tmp
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[1].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[2].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[3].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[4].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[5].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[6].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[7].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertstream[9].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[1].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[2].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[3].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[5].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[6].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@advertising[7].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@booking.db.advertising[2].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@game-advertising-online[1].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@game-advertising-online[2].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@traveladvertising[1].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@bigpoint[2].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@fr.farmerama.bigpoint[1].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@fr.farmerama.bigpoint[2].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@fr.partypoker[1].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@fr.partypoker[2].txt
Supprime! - H:\DOCUME~1\LODIE~1\Cookies\élodie@partypoker[1].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[09/06/2010|14:30] H:\DOCUME~1\ALLUSE~1\APPLIC~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[24/03/2010|20:04] H:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[28/07/2010|14:10] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/11/2008|22:08] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/03/2010|20:00] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[16/02/2010|15:03] H:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[29/11/2009|15:27] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[27/09/2009|18:31] H:\DOCUME~1\ALLUSE~1\APPLIC~1\LGMOBILEAX
[28/07/2010|12:19] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/04/2009|18:11] H:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[17/05/2010|20:13] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[08/05/2009|11:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[27/07/2006|21:49] H:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[25/11/2006|18:05] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism
[09/08/2006|11:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Proc Rdr Logo
[09/04/2009|10:21] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[28/07/2010|14:08] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun
[09/08/2006|12:20] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[27/07/2006|18:39] H:\DOCUME~1\carole\APPLIC~1\Identities
[07/05/2009|19:49] H:\DOCUME~1\carole\APPLIC~1\Macromedia
[07/05/2009|19:50] H:\DOCUME~1\carole\APPLIC~1\Microsoft
[30/01/2007|11:59] H:\DOCUME~1\carole\APPLIC~1\Mozilla

[04/06/2010|12:29] H:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[27/07/2006|10:48] H:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/07/2006|09:33] H:\DOCUME~1\DOMINI~1\APPLIC~1\Identities
[28/08/2006|13:54] H:\DOCUME~1\DOMINI~1\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\DOMINI~1\APPLIC~1\Microsoft

[25/08/2008|12:40] H:\DOCUME~1\ilan\APPLIC~1\Adobe
[15/04/2007|19:09] H:\DOCUME~1\ilan\APPLIC~1\Apple Computer
[29/07/2006|11:29] H:\DOCUME~1\ilan\APPLIC~1\Identities
[11/02/2007|11:56] H:\DOCUME~1\ilan\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\ilan\APPLIC~1\Microsoft

[13/08/2006|21:29] H:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/04/2009|19:54] H:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[07/08/2006|12:11] H:\DOCUME~1\rosa\APPLIC~1\Identities
[20/04/2009|19:54] H:\DOCUME~1\rosa\APPLIC~1\Microsoft

[27/07/2006|11:01] H:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
[20/04/2009|19:54] H:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft

[30/12/2009|17:38] H:\DOCUME~1\LODIE~1\APPLIC~1\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[04/06/2010|12:29] H:\DOCUME~1\LODIE~1\APPLIC~1\Adobe
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\app
[24/03/2010|20:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Apple Computer
[16/02/2010|15:03] H:\DOCUME~1\LODIE~1\APPLIC~1\AVS4YOU
[09/08/2006|15:23] H:\DOCUME~1\LODIE~1\APPLIC~1\BitTorrent
[06/12/2006|20:22] H:\DOCUME~1\LODIE~1\APPLIC~1\Canon
[06/05/2010|10:58] H:\DOCUME~1\LODIE~1\APPLIC~1\CoSoSys
[21/01/2009|20:52] H:\DOCUME~1\LODIE~1\APPLIC~1\DivX
[25/07/2010|17:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus 2
[06/06/2010|08:49] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[29/11/2009|15:34] H:\DOCUME~1\LODIE~1\APPLIC~1\Google
[27/07/2006|19:48] H:\DOCUME~1\LODIE~1\APPLIC~1\Help
[27/07/2006|18:52] H:\DOCUME~1\LODIE~1\APPLIC~1\Identities
[17/02/2008|20:41] H:\DOCUME~1\LODIE~1\APPLIC~1\InterTrust
[12/12/2009|16:01] H:\DOCUME~1\LODIE~1\APPLIC~1\LanSearch
[12/02/2009|13:34] H:\DOCUME~1\LODIE~1\APPLIC~1\Lavasoft
[21/12/2009|23:50] H:\DOCUME~1\LODIE~1\APPLIC~1\LG Electronics
[28/07/2010|13:48] H:\DOCUME~1\LODIE~1\APPLIC~1\LimeWire
[09/08/2006|11:01] H:\DOCUME~1\LODIE~1\APPLIC~1\load peak love
[09/08/2006|10:32] H:\DOCUME~1\LODIE~1\APPLIC~1\Macromedia
[28/07/2010|12:20] H:\DOCUME~1\LODIE~1\APPLIC~1\Malwarebytes
[25/08/2006|22:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Media Player Classic
[13/05/2010|21:00] H:\DOCUME~1\LODIE~1\APPLIC~1\Microsoft
[27/01/2007|18:28] H:\DOCUME~1\LODIE~1\APPLIC~1\Mozilla
[18/11/2009|23:27] H:\DOCUME~1\LODIE~1\APPLIC~1\Orange
[12/09/2009|13:55] H:\DOCUME~1\LODIE~1\APPLIC~1\Real
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[09/04/2009|10:19] H:\DOCUME~1\LODIE~1\APPLIC~1\Samsung
[09/04/2009|10:21] H:\DOCUME~1\LODIE~1\APPLIC~1\Sony
[08/11/2006|23:21] H:\DOCUME~1\LODIE~1\APPLIC~1\Sun
[09/08/2006|15:56] H:\DOCUME~1\LODIE~1\APPLIC~1\vlc
[09/08/2006|11:01] H:\DOCUME~1\LODIE~1\APPLIC~1\WINDOW IDLE DEAD

--------------------\\ Tâches planifiées dans H:\WINDOWS\tasks

[28/07/2010 20:36][--a------] H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[28/07/2010 20:36][--a------] H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[28/07/2010 18:33][--ah-----] H:\WINDOWS\tasks\User_Feed_Synchronization-{03D5C1B1-5823-4AC2-9683-4D8FE9A98134}.job
[28/07/2010 13:32][--a------] H:\WINDOWS\tasks\AppleSoftwareUpdate.job
[28/07/2010 14:31][--ah-----] H:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] H:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans H:\Program Files

[28/07/2010|14:09] H:\Program Files\Adobe
[27/07/2010|22:12] H:\Program Files\Ad-Remover
[24/03/2010|19:58] H:\Program Files\Apple Software Update
[23/04/2009|18:25] H:\Program Files\AvRack
[16/02/2010|16:08] H:\Program Files\AVS4YOU
[09/06/2010|14:22] H:\Program Files\Bonjour
[25/02/2008|22:43] H:\Program Files\CL-5300 Digital Camera
[27/12/2006|21:32] H:\Program Files\Common Files
[04/09/2009|23:13] H:\Program Files\DivX
[04/06/2010|12:29] H:\Program Files\Dofus 2
[12/12/2009|16:01] H:\Program Files\EMCO
[04/06/2010|12:28] H:\Program Files\Fichiers communs
[28/01/2010|22:16] H:\Program Files\Google
[09/08/2006|10:53] H:\Program Files\Grisoft
[27/07/2010|21:17] H:\Program Files\InstallShield Installation Information
[07/05/2009|11:09] H:\Program Files\Internet Explorer
[06/12/2006|22:09] H:\Program Files\Inventel
[28/07/2010|14:08] H:\Program Files\Java
[04/09/2009|23:16] H:\Program Files\K-Lite Codec Pack
[15/07/2010|17:54] H:\Program Files\LG Electronics
[10/06/2010|22:16] H:\Program Files\LimeWire
[28/07/2010|12:19] H:\Program Files\Malwarebytes' Anti-Malware
[23/04/2009|18:11] H:\Program Files\McAfee
[26/02/2007|19:25] H:\Program Files\Media Player Classic
[08/05/2009|11:02] H:\Program Files\Microsoft
[27/12/2006|21:32] H:\Program Files\Microsoft ActiveSync
[27/07/2006|10:48] H:\Program Files\microsoft frontpage
[15/10/2006|17:56] H:\Program Files\Microsoft Office
[06/10/2009|10:50] H:\Program Files\Microsoft Office Outlook Connector
[07/10/2009|09:01] H:\Program Files\Microsoft Silverlight
[17/05/2010|22:32] H:\Program Files\Microsoft SQL Server Compact Edition
[17/05/2010|22:33] H:\Program Files\Microsoft Sync Framework
[06/12/2006|20:23] H:\Program Files\Microsoft.NET
[17/05/2007|19:18] H:\Program Files\Mindscape
[20/04/2009|18:54] H:\Program Files\movie maker
[12/04/2009|18:34] H:\Program Files\MP3 Player Utilities 4.18
[13/02/2009|15:44] H:\Program Files\msn gaming zone
[17/05/2010|19:59] H:\Program Files\MSN Toolbar
[30/12/2009|17:39] H:\Program Files\MSXML 4.0
[27/07/2006|10:46] H:\Program Files\NetMeeting
[27/07/2006|11:14] H:\Program Files\NVIDIA Corporation
[27/07/2006|10:44] H:\Program Files\Online Services
[27/07/2006|10:46] H:\Program Files\Outlook Express
[07/05/2009|21:05] H:\Program Files\PhotoFiltre
[09/06/2010|14:26] H:\Program Files\QuickTime
[07/05/2009|10:57] H:\Program Files\RALINK
[27/07/2006|11:16] H:\Program Files\Realtek AC97
[27/07/2006|11:16] H:\Program Files\Realtek Sound Manager
[06/12/2006|20:23] H:\Program Files\Securitoo
[27/07/2006|10:47] H:\Program Files\Services en ligne
[30/03/2008|17:58] H:\Program Files\Sierra On-Line
[27/07/2010|22:30] H:\Program Files\trend micro
[27/07/2006|11:01] H:\Program Files\Uninstall Information
[09/08/2006|15:56] H:\Program Files\VideoLAN
[06/12/2006|22:09] H:\Program Files\Wanadoo
[06/12/2006|22:09] H:\Program Files\Wanadoo Messager
[06/12/2006|20:23] H:\Program Files\WebPod Studio
[17/05/2010|22:34] H:\Program Files\Windows Live
[17/05/2010|22:30] H:\Program Files\Windows Live SkyDrive
[06/11/2008|22:07] H:\Program Files\Windows Media Player
[27/07/2006|10:44] H:\Program Files\Windows NT
[27/07/2006|10:47] H:\Program Files\WindowsUpdate
[23/04/2009|18:32] H:\Program Files\WinRAR
[27/07/2006|10:48] H:\Program Files\xerox

--------------------\\ Listing des dossiers dans H:\Program Files\Fichiers communs

[28/07/2010|14:10] H:\Program Files\Fichiers communs\Adobe
[04/06/2010|12:28] H:\Program Files\Fichiers communs\Adobe AIR
[27/07/2010|21:18] H:\Program Files\Fichiers communs\Apple
[16/02/2010|16:08] H:\Program Files\Fichiers communs\AVSMedia
[23/04/2009|18:11] H:\Program Files\Fichiers communs\Cisco Systems
[06/12/2006|20:23] H:\Program Files\Fichiers communs\DESIGNER
[10/05/2009|14:54] H:\Program Files\Fichiers communs\DivX Shared
[09/04/2009|10:33] H:\Program Files\Fichiers communs\DVDVideoSoft
[17/02/2008|20:40] H:\Program Files\Fichiers communs\InstallShield
[28/07/2010|14:08] H:\Program Files\Fichiers communs\Java
[23/04/2009|18:10] H:\Program Files\Fichiers communs\McAfee
[08/05/2009|10:59] H:\Program Files\Fichiers communs\Microsoft Shared
[27/07/2006|10:46] H:\Program Files\Fichiers communs\MSSoap
[27/07/2006|12:35] H:\Program Files\Fichiers communs\ODBC
[27/07/2006|10:46] H:\Program Files\Fichiers communs\Services
[27/07/2006|12:35] H:\Program Files\Fichiers communs\SpeechEngines
[06/10/2009|10:50] H:\Program Files\Fichiers communs\System
[08/05/2009|10:27] H:\Program Files\Fichiers communs\Windows Live

--------------------\\ Process

( 44 Processes )

MsgPlus.exe ~ [PID:3656]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 21:22:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 13

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1786][D:147]-> H:\DOCUME~1\LODIE~1\LOCALS~1\Temp
[F:3481][D:0]-> H:\DOCUME~1\LODIE~1\Cookies
[F:22737][D:129]-> H:\DOCUME~1\LODIE~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "H:\Lop SD\LopR_1.txt" - 28/07/2010|20:42 - Option : [1]
2 - "H:\Lop SD\LopR_2.txt" - 28/07/2010|21:23 - Option : [2]

--------------------\\ Fin du rapport a 21:23:38

Elo

Here is the SystemLook report

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 21:32 on 28/07/2010 by élodie (Administrator - Elevation successful)

========== dir ==========

H:\Documents and Settings\élodie\Application Data - Parameters: "(none)"

---Files---
D2Info0 --a--- 201 bytes [19:03 05/06/2010] [15:06 25/07/2010]
desktop.ini --ahs- 62 bytes [16:52 27/07/2006] [16:25 27/07/2006]
DofusAppId0_1 --a--- 8 bytes [06:49 06/06/2010] [18:44 10/06/2010]
DofusAppId0_2 --a--- 8 bytes [19:03 05/06/2010] [16:34 25/07/2010]

---Folders---
Adobe d----- [18:46 17/02/2008]
app d----- [19:03 05/06/2010]
Apple Computer d----- [18:15 04/12/2006]
AVS4YOU d----- [13:03 16/02/2010]
BitTorrent d----- [13:23 09/08/2006]
Canon d----- [18:22 06/12/2006]
CoSoSys d----- [08:58 06/05/2010]
DivX d----- [18:13 21/01/2009]
Dofus 2 d----- [19:03 05/06/2010]
Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 d----- [19:03 05/06/2010]
Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 d----- [06:49 06/06/2010]
Google d----- [13:34 29/11/2009]
Help d----- [17:48 27/07/2006]
Identities d----- [16:52 27/07/2006]
InterTrust d----- [18:41 17/02/2008]
LanSearch d----- [14:01 12/12/2009]
Lavasoft d----- [16:28 27/01/2007]
LG Electronics d----- [18:16 27/09/2009]
LimeWire d----- [18:12 08/06/2010]
load peak love d----- [09:00 09/08/2006]
Macromedia d----- [08:32 09/08/2006]
Malwarebytes d----- [10:20 28/07/2010]
Media Player Classic d----- [20:10 25/08/2006]
Microsoft d---s- [16:52 27/07/2006]
Mozilla d----- [16:27 27/01/2007]
Orange d----- [21:27 18/11/2009]
Real d----- [11:55 12/09/2009]
Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 d----- [19:03 05/06/2010]
Samsung d----- [10:54 09/12/2007]
Sony d----- [08:21 09/04/2009]
Sun d----- [21:21 08/11/2006]
vlc d----- [13:56 09/08/2006]
WINDOW IDLE DEAD d----- [09:01 09/08/2006]
{D94BA408-F110-488B-A65E-3AE7945F79E6} d--h-- [15:38 30/12/2009]

-=End Of File=-

crapoulou (Moderator, Security contributor)

Very good for Lop.
Move on to the next step.

Elo

And for SystemLook?

crapoulou (Moderator, Security contributor)

You have been infected since 2006!

*******

Lopscript:

Run Lop S&D again.
Type F for French.
Answer OK to the warning message that appears.
Then run option 4: Lopscript

Copy (Ctrl+C) the text in bold below:


H:\Documents and Settings\All Users\Application Data\Program Proc Rdr Logo
H:\Documents and Settings\All Users\Application Data\load peak love
H:\Documents and Settings\élodie\Application Data\Program Proc Rdr Logo
H:\Documents and Settings\élodie\Application Data\load peak love


A blank page will open; paste (Ctrl+V) the text you copied.
Close this page; you will be asked to save it, accept.
/!\ Do not close the window during the deletion /!\
Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

Elo

Here is the LOP S&D report

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : élodie ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan Enterprise 8.5.0.781 (Activated)
Firewall : NVIDIA Firewall 1.0 (Activated)
C:\ (USB)
D:\ (USB) - FAT32 - Total:3779 Mo (Free:3 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (Local Disk) - NTFS - Total:189 Go (Free:161 Go)
I:\ (USB)

"H:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [4] ( 28/07/2010|21:52 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

H:\Documents and Settings\All Users\Application Data\Program Proc Rdr Logo
H:\Documents and Settings\All Users\Application Data\load peak love
H:\Documents and Settings\élodie\Application Data\Program Proc Rdr Logo
H:\Documents and Settings\élodie\Application Data\load peak love

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - H:\Documents and Settings\All Users\Application Data\Program Proc Rdr Logo
... H:\Documents and Settings\All Users\Application Data\load peak love -> n'existe pas !
... H:\Documents and Settings\élodie\Application Data\Program Proc Rdr Logo -> n'existe pas !
Supprime! - H:\Documents and Settings\élodie\Application Data\load peak love

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[09/06/2010|14:30] H:\DOCUME~1\ALLUSE~1\APPLIC~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[24/03/2010|20:04] H:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[28/07/2010|14:10] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/11/2008|22:08] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/03/2010|20:00] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[16/02/2010|15:03] H:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[29/11/2009|15:27] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[27/09/2009|18:31] H:\DOCUME~1\ALLUSE~1\APPLIC~1\LGMOBILEAX
[28/07/2010|12:19] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/04/2009|18:11] H:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[17/05/2010|20:13] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[08/05/2009|11:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[27/07/2006|21:49] H:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[25/11/2006|18:05] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism
[09/04/2009|10:21] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[28/07/2010|14:08] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun
[09/08/2006|12:20] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[27/07/2006|18:39] H:\DOCUME~1\carole\APPLIC~1\Identities
[07/05/2009|19:49] H:\DOCUME~1\carole\APPLIC~1\Macromedia
[07/05/2009|19:50] H:\DOCUME~1\carole\APPLIC~1\Microsoft
[30/01/2007|11:59] H:\DOCUME~1\carole\APPLIC~1\Mozilla

[04/06/2010|12:29] H:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[27/07/2006|10:48] H:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/07/2006|09:33] H:\DOCUME~1\DOMINI~1\APPLIC~1\Identities
[28/08/2006|13:54] H:\DOCUME~1\DOMINI~1\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\DOMINI~1\APPLIC~1\Microsoft

[25/08/2008|12:40] H:\DOCUME~1\ilan\APPLIC~1\Adobe
[15/04/2007|19:09] H:\DOCUME~1\ilan\APPLIC~1\Apple Computer
[29/07/2006|11:29] H:\DOCUME~1\ilan\APPLIC~1\Identities
[11/02/2007|11:56] H:\DOCUME~1\ilan\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\ilan\APPLIC~1\Microsoft

[13/08/2006|21:29] H:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[20/04/2009|19:54] H:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/04/2009|19:54] H:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[07/08/2006|12:11] H:\DOCUME~1\rosa\APPLIC~1\Identities
[20/04/2009|19:54] H:\DOCUME~1\rosa\APPLIC~1\Microsoft

[27/07/2006|11:01] H:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
[20/04/2009|19:54] H:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft

[30/12/2009|17:38] H:\DOCUME~1\LODIE~1\APPLIC~1\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[04/06/2010|12:29] H:\DOCUME~1\LODIE~1\APPLIC~1\Adobe
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\app
[24/03/2010|20:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Apple Computer
[16/02/2010|15:03] H:\DOCUME~1\LODIE~1\APPLIC~1\AVS4YOU
[09/08/2006|15:23] H:\DOCUME~1\LODIE~1\APPLIC~1\BitTorrent
[06/12/2006|20:22] H:\DOCUME~1\LODIE~1\APPLIC~1\Canon
[06/05/2010|10:58] H:\DOCUME~1\LODIE~1\APPLIC~1\CoSoSys
[21/01/2009|20:52] H:\DOCUME~1\LODIE~1\APPLIC~1\DivX
[25/07/2010|17:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus 2
[06/06/2010|08:49] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[29/11/2009|15:34] H:\DOCUME~1\LODIE~1\APPLIC~1\Google
[27/07/2006|19:48] H:\DOCUME~1\LODIE~1\APPLIC~1\Help
[27/07/2006|18:52] H:\DOCUME~1\LODIE~1\APPLIC~1\Identities
[17/02/2008|20:41] H:\DOCUME~1\LODIE~1\APPLIC~1\InterTrust
[12/12/2009|16:01] H:\DOCUME~1\LODIE~1\APPLIC~1\LanSearch
[12/02/2009|13:34] H:\DOCUME~1\LODIE~1\APPLIC~1\Lavasoft
[21/12/2009|23:50] H:\DOCUME~1\LODIE~1\APPLIC~1\LG Electronics
[28/07/2010|14:32] H:\DOCUME~1\LODIE~1\APPLIC~1\LimeWire
[09/08/2006|10:32] H:\DOCUME~1\LODIE~1\APPLIC~1\Macromedia
[28/07/2010|12:20] H:\DOCUME~1\LODIE~1\APPLIC~1\Malwarebytes
[25/08/2006|22:10] H:\DOCUME~1\LODIE~1\APPLIC~1\Media Player Classic
[13/05/2010|21:00] H:\DOCUME~1\LODIE~1\APPLIC~1\Microsoft
[27/01/2007|18:28] H:\DOCUME~1\LODIE~1\APPLIC~1\Mozilla
[18/11/2009|23:27] H:\DOCUME~1\LODIE~1\APPLIC~1\Orange
[12/09/2009|13:55] H:\DOCUME~1\LODIE~1\APPLIC~1\Real
[05/06/2010|21:03] H:\DOCUME~1\LODIE~1\APPLIC~1\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[09/04/2009|10:19] H:\DOCUME~1\LODIE~1\APPLIC~1\Samsung
[09/04/2009|10:21] H:\DOCUME~1\LODIE~1\APPLIC~1\Sony
[08/11/2006|23:21] H:\DOCUME~1\LODIE~1\APPLIC~1\Sun
[09/08/2006|15:56] H:\DOCUME~1\LODIE~1\APPLIC~1\vlc
[09/08/2006|11:01] H:\DOCUME~1\LODIE~1\APPLIC~1\WINDOW IDLE DEAD

--------------------\\ Tâches planifiées dans H:\WINDOWS\tasks

[28/07/2010 21:36][--a------] H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[28/07/2010 20:36][--a------] H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[28/07/2010 18:33][--ah-----] H:\WINDOWS\tasks\User_Feed_Synchronization-{03D5C1B1-5823-4AC2-9683-4D8FE9A98134}.job
[28/07/2010 13:32][--a------] H:\WINDOWS\tasks\AppleSoftwareUpdate.job
[28/07/2010 14:31][--ah-----] H:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] H:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans H:\Program Files

[28/07/2010|14:09] H:\Program Files\Adobe
[27/07/2010|22:12] H:\Program Files\Ad-Remover
[24/03/2010|19:58] H:\Program Files\Apple Software Update
[23/04/2009|18:25] H:\Program Files\AvRack
[16/02/2010|16:08] H:\Program Files\AVS4YOU
[09/06/2010|14:22] H:\Program Files\Bonjour
[25/02/2008|22:43] H:\Program Files\CL-5300 Digital Camera
[27/12/2006|21:32] H:\Program Files\Common Files
[04/09/2009|23:13] H:\Program Files\DivX
[04/06/2010|12:29] H:\Program Files\Dofus 2
[12/12/2009|16:01] H:\Program Files\EMCO
[04/06/2010|12:28] H:\Program Files\Fichiers communs
[28/01/2010|22:16] H:\Program Files\Google
[09/08/2006|10:53] H:\Program Files\Grisoft
[27/07/2010|21:17] H:\Program Files\InstallShield Installation Information
[07/05/2009|11:09] H:\Program Files\Internet Explorer
[06/12/2006|22:09] H:\Program Files\Inventel
[28/07/2010|14:08] H:\Program Files\Java
[04/09/2009|23:16] H:\Program Files\K-Lite Codec Pack
[15/07/2010|17:54] H:\Program Files\LG Electronics
[10/06/2010|22:16] H:\Program Files\LimeWire
[28/07/2010|12:19] H:\Program Files\Malwarebytes' Anti-Malware
[23/04/2009|18:11] H:\Program Files\McAfee
[26/02/2007|19:25] H:\Program Files\Media Player Classic
[08/05/2009|11:02] H:\Program Files\Microsoft
[27/12/2006|21:32] H:\Program Files\Microsoft ActiveSync
[27/07/2006|10:48] H:\Program Files\microsoft frontpage
[15/10/2006|17:56] H:\Program Files\Microsoft Office
[06/10/2009|10:50] H:\Program Files\Microsoft Office Outlook Connector
[07/10/2009|09:01] H:\Program Files\Microsoft Silverlight
[17/05/2010|22:32] H:\Program Files\Microsoft SQL Server Compact Edition
[17/05/2010|22:33] H:\Program Files\Microsoft Sync Framework
[06/12/2006|20:23] H:\Program Files\Microsoft.NET
[17/05/2007|19:18] H:\Program Files\Mindscape
[20/04/2009|18:54] H:\Program Files\movie maker
[12/04/2009|18:34] H:\Program Files\MP3 Player Utilities 4.18
[13/02/2009|15:44] H:\Program Files\msn gaming zone
[17/05/2010|19:59] H:\Program Files\MSN Toolbar
[30/12/2009|17:39] H:\Program Files\MSXML 4.0
[27/07/2006|10:46] H:\Program Files\NetMeeting
[27/07/2006|11:14] H:\Program Files\NVIDIA Corporation
[27/07/2006|10:44] H:\Program Files\Online Services
[27/07/2006|10:46] H:\Program Files\Outlook Express
[07/05/2009|21:05] H:\Program Files\PhotoFiltre
[09/06/2010|14:26] H:\Program Files\QuickTime
[07/05/2009|10:57] H:\Program Files\RALINK
[27/07/2006|11:16] H:\Program Files\Realtek AC97
[27/07/2006|11:16] H:\Program Files\Realtek Sound Manager
[06/12/2006|20:23] H:\Program Files\Securitoo
[27/07/2006|10:47] H:\Program Files\Services en ligne
[30/03/2008|17:58] H:\Program Files\Sierra On-Line
[27/07/2010|22:30] H:\Program Files\trend micro
[27/07/2006|11:01] H:\Program Files\Uninstall Information
[09/08/2006|15:56] H:\Program Files\VideoLAN
[06/12/2006|22:09] H:\Program Files\Wanadoo
[06/12/2006|22:09] H:\Program Files\Wanadoo Messager
[06/12/2006|20:23] H:\Program Files\WebPod Studio
[17/05/2010|22:34] H:\Program Files\Windows Live
[17/05/2010|22:30] H:\Program Files\Windows Live SkyDrive
[06/11/2008|22:07] H:\Program Files\Windows Media Player
[27/07/2006|10:44] H:\Program Files\Windows NT
[27/07/2006|10:47] H:\Program Files\WindowsUpdate
[23/04/2009|18:32] H:\Program Files\WinRAR
[27/07/2006|10:48] H:\Program Files\xerox

--------------------\\ Listing des dossiers dans H:\Program Files\Fichiers communs

[28/07/2010|14:10] H:\Program Files\Fichiers communs\Adobe
[04/06/2010|12:28] H:\Program Files\Fichiers communs\Adobe AIR
[27/07/2010|21:18] H:\Program Files\Fichiers communs\Apple
[16/02/2010|16:08] H:\Program Files\Fichiers communs\AVSMedia
[23/04/2009|18:11] H:\Program Files\Fichiers communs\Cisco Systems
[06/12/2006|20:23] H:\Program Files\Fichiers communs\DESIGNER
[10/05/2009|14:54] H:\Program Files\Fichiers communs\DivX Shared
[09/04/2009|10:33] H:\Program Files\Fichiers communs\DVDVideoSoft
[17/02/2008|20:40] H:\Program Files\Fichiers communs\InstallShield
[28/07/2010|14:08] H:\Program Files\Fichiers communs\Java
[23/04/2009|18:10] H:\Program Files\Fichiers communs\McAfee
[08/05/2009|10:59] H:\Program Files\Fichiers communs\Microsoft Shared
[27/07/2006|10:46] H:\Program Files\Fichiers communs\MSSoap
[27/07/2006|12:35] H:\Program Files\Fichiers communs\ODBC
[27/07/2006|10:46] H:\Program Files\Fichiers communs\Services
[27/07/2006|12:35] H:\Program Files\Fichiers communs\SpeechEngines
[06/10/2009|10:50] H:\Program Files\Fichiers communs\System
[08/05/2009|10:27] H:\Program Files\Fichiers communs\Windows Live

--------------------\\ Process

( 44 Processes )

MsgPlus.exe ~ [PID:3656]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 21:54:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 13

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:1786][D:147]-> H:\DOCUME~1\LODIE~1\LOCALS~1\Temp
[F:3481][D:0]-> H:\DOCUME~1\LODIE~1\Cookies
[F:22574][D:129]-> H:\DOCUME~1\LODIE~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "H:\Lop SD\LopR_1.txt" - 28/07/2010|20:42 - Option : [1]
2 - "H:\Lop SD\LopR_2.txt" - 28/07/2010|21:23 - Option : [2]
3 - "H:\Lop SD\LopR_3.txt" - 28/07/2010|21:56 - Option : [4]

--------------------\\ Fin du rapport a 21:56:04
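
Added example, not part of the thread and not code from Lop S&D: one way to check a Lopscript run offline by parsing the SUPPRESSION outcome lines and diffing the folder listings of the reports taken before and after it. The sample lines are excerpts from the reports posted in this thread; the function names are assumptions, and matching on the folder name alone is a heuristic, needed because the listings print parent folders as 8.3 short names.

```python
import re
from datetime import datetime
from pathlib import PureWindowsPath

# Folder listings print one entry per line as "[dd/mm/yyyy|hh:mm] <path>".
LISTING_LINE = re.compile(r"^\[(\d{2}/\d{2}/\d{4})\|(\d{2}:\d{2})\]\s+(.+)$")
# Outcome lines of the SUPPRESSION section of an option-4 (Lopscript) report.
DELETED_LINE = re.compile(r"^Supprime! - (.+)$")
MISSING_LINE = re.compile(r"^\.\.\. (.+?) -> n'existe pas !$")

# Excerpt of the listing in the report taken before the Lopscript run.
BEFORE = r"""
[21/12/2009|23:50] H:\DOCUME~1\LODIE~1\APPLIC~1\LG Electronics
[28/07/2010|13:48] H:\DOCUME~1\LODIE~1\APPLIC~1\LimeWire
[09/08/2006|11:01] H:\DOCUME~1\LODIE~1\APPLIC~1\load peak love
[09/08/2006|10:32] H:\DOCUME~1\LODIE~1\APPLIC~1\Macromedia
"""

# Same part of the listing in the report produced by the Lopscript run.
AFTER = r"""
[21/12/2009|23:50] H:\DOCUME~1\LODIE~1\APPLIC~1\LG Electronics
[28/07/2010|14:32] H:\DOCUME~1\LODIE~1\APPLIC~1\LimeWire
[09/08/2006|10:32] H:\DOCUME~1\LODIE~1\APPLIC~1\Macromedia
"""

# Outcome lines of the SUPPRESSION section of that same report.
REPORT = r"""
Supprime! - H:\Documents and Settings\All Users\Application Data\Program Proc Rdr Logo
... H:\Documents and Settings\All Users\Application Data\load peak love -> n'existe pas !
... H:\Documents and Settings\élodie\Application Data\Program Proc Rdr Logo -> n'existe pas !
Supprime! - H:\Documents and Settings\élodie\Application Data\load peak love
"""


def parse_listing(text):
    """Map casefolded path -> (path as printed, timestamp printed by the report)."""
    entries = {}
    for raw in text.splitlines():
        match = LISTING_LINE.match(raw.strip())
        if match:
            stamp = datetime.strptime(
                match.group(1) + " " + match.group(2), "%d/%m/%Y %H:%M"
            )
            # Windows paths are case-insensitive, so compare on the casefolded form.
            entries[match.group(3).casefold()] = (match.group(3), stamp)
    return entries


def diff_listings(before_text, after_text):
    """Folders that disappeared, appeared, or changed timestamp between two reports."""
    before, after = parse_listing(before_text), parse_listing(after_text)
    common = before.keys() & after.keys()
    return {
        "removed": sorted(before[k][0] for k in before.keys() - after.keys()),
        "added": sorted(after[k][0] for k in after.keys() - before.keys()),
        "touched": sorted(after[k][0] for k in common if before[k][1] != after[k][1]),
    }


def parse_deletions(report_text):
    """Map each Lopscript target to 'deleted' or 'not found'."""
    outcomes = {}
    for raw in report_text.splitlines():
        line = raw.strip()
        deleted = DELETED_LINE.match(line)
        missing = MISSING_LINE.match(line)
        if deleted:
            outcomes[deleted.group(1)] = "deleted"
        elif missing:
            outcomes[missing.group(1)] = "not found"
    return outcomes


def leftovers(report_text, listing_text):
    """Targets reported deleted whose folder name still appears in a listing.

    Heuristic: only the last path component is compared, because the listing
    abbreviates parent folders (DOCUME~1, APPLIC~1) and the script does not.
    """
    listed = {
        PureWindowsPath(path).name.casefold()
        for path, _ in parse_listing(listing_text).values()
    }
    return sorted(
        target
        for target, status in parse_deletions(report_text).items()
        if status == "deleted" and PureWindowsPath(target).name.casefold() in listed
    )


if __name__ == "__main__":
    print(diff_listings(BEFORE, AFTER))
    print(parse_deletions(REPORT))
    print("still listed after the run:", leftovers(REPORT, AFTER))
```

An empty result from leftovers() on the after-run listing means every folder the tool reported as deleted is also gone from the listing it printed afterwards.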

crapoulou (Moderator, Security contributor)

Perfect.
How is the PC doing?
Please post a new RSIT report, installing it correctly as described in my procedure:

https://forums.commentcamarche.net/forum/affich-18639508-lecture-d-un-rapport-ac-adremover#4

Elo

I can't send the report. Where is it, so that I can send it to you with cijoint.fr, please??

Only one file opened with Notepad; is that the right one?

The PC is doing fine. Are the infections the cause of the malfunctioning of my camera's memory card, my iPod and my phone??

crapoulou (Moderator, Security contributor)

Yes, that's the right one.
Upload it to Cijoint.

Elo

http://www.cijoint.fr/cjlink.php?file=cj201007/cijlXCrC2r.txt

There you go!

crapoulou (Moderator, Security contributor)

And "How is the PC doing?"

*******

/!\ Procedure reserved for Elo. Do not try to reproduce it if you have a similar problem, or you risk crashing your machine /!\
Download OTM (by Old_Timer) to your Desktop.
= = = = >>> By clicking here <<< = = = =
Once installed on the Desktop, double-click OTM.exe to launch it.
Copy the list in bold below and paste it into the left-hand pane of OTM:
Paste Instructions for Items to be moved.

:Procedure is:

:Services
NirSoft Service Controler

:Files
H:\WINDOWS\system32\drivers\NirCmd.exe

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"\??\H:\WINDOWS\system32\winlogon.exe"=-

:Commands
[purity]
[emptytemp]
[Reboot]


Click MoveIt! to start the removal.
After running MoveIt!, a window appears:
"The system requires a reboot to finish removing files. Do you want to reboot now ?"
Answer Yes.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.

**********

Launch HijackThis.
It is located here:
H:\Program Files\trend micro\élodie.exe

Click "Do a system scan only".
Check these lines:
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\SYSTEM32\DRIVERS 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE 
O4 - HKLM\..\Run: [Rdr logo regs copy] H:\Documents and Settings\All Users\Application Data\Program Proc Rdr Logo\Ooze army.exe 
O4 - HKCU\..\Run: [Title Beep] H:\DOCUME~1\LODIE~1\APPLIC~1\LOADPE~1\Vc anti road.exe 
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install 
O4 - HKLM\..\Run: [MessengerPlus3] "H:\Documents and Settings\élodie\Bureau\MON ESPACE\LOGICIEL\MsgPlus.exe" 
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" 
O4 - HKCU\..\Run: [MessengerPlus3] "H:\Documents and Settings\élodie\Bureau\MON ESPACE\LOGICIEL\MsgPlus.exe" /WinStart 
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe 
O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') 
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') 
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe

Then click Fix checked.
Close HijackThis.

Got a problem? Come to CCM!
There is no problem without a solution.

Elo

All processes killed
Error: Unable to interpret <:Procedure is: > in the current context!
========== SERVICES/DRIVERS ==========
Service NirSoft Service Controler stopped successfully!
Service NirSoft Service Controler deleted successfully!
========== FILES ==========
File/Folder H:\WINDOWS\system32\drivers\NirCmd.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\\??\H:\WINDOWS\system32\winlogon.exe deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: carole
->Temp folder emptied: 514338 bytes
->Temporary Internet Files folder emptied: 7828473 bytes
->FireFox cache emptied: 720739 bytes
->Flash cache emptied: 348 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: dominique
->Temp folder emptied: 124458 bytes
->Temporary Internet Files folder emptied: 7968754 bytes
->Flash cache emptied: 348 bytes

User: ilan
->Temp folder emptied: 51850509 bytes
->Temporary Internet Files folder emptied: 29315597 bytes
->Flash cache emptied: 708 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 7952283 bytes
->Flash cache emptied: 300 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: rosa
->Temp folder emptied: 27479177 bytes
->Temporary Internet Files folder emptied: 187522 bytes

User: Utilisateur
->Temp folder emptied: 2242280 bytes
->Temporary Internet Files folder emptied: 1888269 bytes

User: élodie
->Temp folder emptied: 1101621228 bytes
->Temporary Internet Files folder emptied: 1218050460 bytes
->Java cache emptied: 78502955 bytes
->FireFox cache emptied: 721763 bytes
->Flash cache emptied: 7015213 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 100874503 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 144543 bytes

Total Files Cleaned = 2 529,00 mb

OTM by OldTimer - Version 3.1.15.0 log created on 07282010_223829
All processes killed

OTM by OldTimer - Version 3.1.15.0 log created on 07282010_223829

Files moved on Reboot...
File H:\Documents and Settings\élodie\Local Settings\Temp\~DF3F2E.tmp not found!
File H:\Documents and Settings\élodie\Local Settings\Temp\~DF408F.tmp not found!
File H:\Documents and Settings\élodie\Local Settings\Temp\~DF411E.tmp not found!
File H:\Documents and Settings\élodie\Local Settings\Temp\~DF414F.tmp not found!
File H:\Documents and Settings\élodie\Local Settings\Temp\~DF43A3.tmp not found!
File H:\Documents and Settings\élodie\Local Settings\Temp\~DF44C5.tmp not found!
File H:\Documents and Settings\élodie\Local Settings\Temp\~DFC32E.tmp not found!
File H:\Documents and Settings\élodie\Local Settings\Temp\~DFE16C.tmp not found!
H:\Documents and Settings\élodie\Local Settings\Temporary Internet Files\Content.IE5\SS2ITFHG\ads[5].htm moved successfully.
H:\Documents and Settings\élodie\Local Settings\Temporary Internet Files\Content.IE5\HD485N8R\affich-18639508-lecture-d-un-rapport-ac-adremover[1].txt moved successfully.
H:\Documents and Settings\élodie\Local Settings\Temporary Internet Files\Content.IE5\EE737J3A\ads[3].htm moved successfully.
H:\Documents and Settings\élodie\Local Settings\Temporary Internet Files\Content.IE5\04OW2AP6\affich-18639508-lecture-d-un-rapport-ac-adremover[1].txt moved successfully.
H:\Documents and Settings\élodie\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
H:\Documents and Settings\élodie\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.

Registry entries deleted on Reboot...

Elo

The computer cut out briefly; I suppose the procedure is void?

crapoulou (Moderator, Security contributor)

Good for OTM.
I'll let you move on to the next step.

Elo

There, the HijackThis procedure is done...

crapoulou (Moderator, Security contributor)

And the PC, how is it doing?

Elo

It is doing fine, well, as far as I can tell it is doing fine (I'm not a great computer expert :) ). And with the procedures done, should my camera card and iPod problems be fixed?