Adware.lop besoin d'aide.

Hélène -  
 moe -
J'ai adware.lop sur mon ordinateur et je ne sais comment le supprimer. C'est le logiciel gratuit de symantec inclut dans le pack Google qui l'a remarqué alors que Avast et Spyware Doctor n'avaient rien capter. J'inclus le rapport de HijackThis. J'espere que quelqu'un pourra me donner la solution. Merci d'avance.

Logfile of HijackThis v1.99.1
Scan saved at 19:19:48, on 20/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Messenger Plus! 3\MsgPlus1.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\apps\ABoard\AOSD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Norton Security Scan\Nss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\HLNELE~1\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus1.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKCU\..\Run: [MP3Chansons] rundll32.exe C:\WINDOWS\system32\MSA64CHK.dll,DllMostrar Matrix_HTML:MP3Chansons:t
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk045YYFR
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: MP3Chansons - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\MP3Chansons (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/online2/chainz_2/mjolauncher.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylom.servicesalacarte.wanadoo.fr/activex/zylomloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://jeux.wanadoo.fr/online2/diner_dash/DinerDash.1.0.0.58.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/online2/rocket_mania/Oberongamesloader.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: -oxcfxmzj - C:\WINDOWS\system32\jgyzgc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

69 réponses

Précédent
Réponse 21 / 69
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
essaye sur ce lien



https://www.informatruc.com



fix ces lignes avec hijackthis

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O20 - Winlogon Notify: -oxcfxmzj - C:\WINDOWS\system32\jgyzgc.dll (file missing)







si ca persiste


fix aussi ces lignes


O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab


O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/online2/chainz_2/mjolauncher.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylom.servicesalacarte.wanadoo.fr/activex/zylomloader.cab

O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://jeux.wanadoo.fr/online2/diner_dash/DinerDash.1.0.0.58.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/online2/rocket_mania/Oberongamesloader.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
0
Réponse 22 / 69
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Bonjour,

pour avancer sur lop :
Télécharge lopxp

http://www.alt-shift-return.org/Info/Fichiers/lopxpMH2.zip


dezippe le (clic droit dessus > extraire tout)
et lance lopxpmh.bat en double-cliquant dessus
quand il à terminé, un rapport s'ouvre , copie et colle le contenu dans ta réponse.
@+
0
Réponse 23 / 69
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt Lyonnais92

dis moi est ce que tu sais si le logiciel lopremver trouvé sur le site malekal est fiable ou pas car considéré par certain antivirus comme nefaste


http://clairvoyant.p2pforum.it/tools/lopremover.zip
0
Réponse 24 / 69
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Bonjour,

je ne sais pas.

Lop, je l'éradique à la main (avec de la chance, il suffit de faire désinstaller le sponsor de MSN, au pire, 2 clés à fixer par Hijackthis, un fichier et 2 à 4 dossiers à supprimer, OTMoveIt s'en sort très bien).
@+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 69
Hélène
 
Le rapport Clean up:

CleanUp! started on 07/23/07 16:48:45.
...
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\CP0NYIGK\0,,9810,00[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\CP0NYIGK\371698-2162558-458-238[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\CP0NYIGK\box2_482x155[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\CP0NYIGK\box_abonne_482x138[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\CP0NYIGK\favicon[1].ico - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\CP0NYIGK\flashlib[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\CP0NYIGK\hit[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\0,,9295,00[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\09047[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\2319372[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\38445_MobileGuetta6060v8[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\ads[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\bg_bouton_prospect[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\coeur[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\new[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\Nuits_gratuites_Afrique_du_Nord_160x600[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\pi_abonne2[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\DPHD11GS\se-faire-aider-s[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\0,,10830,00[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\0000007325_000000000000000405917[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\box_482x114[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\box_actu_on_428x214[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\commentcamarche[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\dot[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\hit[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\player_precedente[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\G74G6D1G\tf1[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\16162654_300x250ppbonplan[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\2339165_35[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\37702_unfilalapatte[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\ads[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\ads[2].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\boc_milieux_165[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\box_bas_165[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\consumer$20av$20scanner$201.0$20for$20google_microdefsb.curdefs_symalllanguages_livetri[1].zip - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\emailButton[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\fond_302[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\indent1[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\informatruc[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\player_pause_2[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\search[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\K87UTWU5\subhead_bg[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\0,,9299,00[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\2348226_1153[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\38442_SiteETE170120v5[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\ads[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\ads[2].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\arrow[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\B2212348[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\bottom_980[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\box_top_165x29[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\btn_recherche[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\consumer$20av$20scanner$201.0$20for$20google_microdefsb.jun_symalllanguages_livetri[1].zip - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\dossier-reseau[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\dossier-video[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\favicon[1].ico - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\fond[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\forum[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\mrs06256_scor_why_300x250[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\player_suivant[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\point01[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\P1J6RW6R\template_css[1].css - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\0,,9292,00[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\0,,e0NBVF9JRFMgVU5WX0lEIFNUQ19JRCBDT01fSUR9IHsxMzMgMSAyIDB9,00[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\01[1] - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\1248438694@Left2!Left2[1] - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\ads[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\ads[2].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\ang_haut_302[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\btn_alice_az[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\carreblock[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\comportemental[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\dossier-audio[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\dossier-jeuxvideos[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\dossier-materiel[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\EXO_300x250_m1[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\favicon[1].ico - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\getmsg[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\i.p.lastpg[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\icoimp2[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\icon_exclaim[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\imgad[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\pi_assistance2[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\pi_demarrage2[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\player_bg[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\printButton[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\repondre-dte[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\spring_merch_generic_728x90[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\SP45TKPH\window[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\2141344_35[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\2343517_35[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\3-728x90_ulteem_polaroid[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\38414_thalasso[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\38443_StarsTOPMODEL10060v5[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\674784368[1] - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\ads[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\autres-messages-bleu[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\autres-messages[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\button_bg[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\carre2[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\charte-commercial[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\dossier-macos[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\dossier-webmastering[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\effects[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\empty[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\getmsg[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\google[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\i.F42B5[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\i.p.nextpg[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\icon_arrow[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\inv[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\ix[1].e - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\mrs06256_tick_728x90[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\pi_offres2[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\pi_shopping_transp[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\styles2007[1].css - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\T3109TUX\style[1].css - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\0,,10827,00[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\120x600_balneaire[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\38438_Lost-Desmond2[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\83t[1].jpg - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\ads[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\ads[2].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\ads[3].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\ads[4].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\ads[5].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\B2212348[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\bgcolor[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\bg_recherche[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\carrevalid[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\ccm[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\charte-peace[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\coin_basdroit[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\contrat_alice[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\dossier-dev[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\dossier-tux[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\EXO_300x250_m3[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\fichier[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\fleche_rouge_bas[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\fond-carte-pci[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\hardware[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\hit[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\hit[2].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\hit[3].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\homeleft[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\homeright[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\HoTMaiL[1].htm - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.F424A[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.cal.note[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.cont.group[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.delete[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.folder.inbox[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.folder[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.fwd[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.importance.h[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.prevpg.d[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\i.p.putinfolder[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\icofav[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\icozip2[2].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\icozip[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\imgad[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\magicien[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\maintenance[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\mrs06256_tick_728x90[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\Nuits_gratuites-Med_160x600[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\Nuits_gratuites_Afrique_du_Nord_160x600[1].swf - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\pdf_button[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\pi_mail2[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\plus[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\sbtnbk[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\scripts2007[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\se-depanner-s[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\securite[2].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\separateur_points[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\sur-yahoo[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\systeme[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\tab.separator.end[1].gif - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\Tagcomportemental[1].js - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\web[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\world[1].png - deleted
C:\Documents and Settings\Hélène Legrand\Local Settings\Temporary Internet Files\Content.IE5\YP399XF5\xiti[1].js - deleted
C:\Documents and Settings\Default User\Cookies\index.dat - deleted
C:\Documents and Settings\Default User\locals~1\tempor~1\Content.IE5\index.dat - deleted
C:\Documents and Settings\Default User\Cookies\index.dat - deleted
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\index.dat - deleted
C:\Documents and Settings\Administrateur\Cookies\index.dat - deleted
C:\Documents and Settings\Administrateur\locals~1\tempor~1\Content.IE5\index.dat - deleted
C:\Documents and Settings\Administrateur\Cookies\index.dat - deleted
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat - deleted
Emptied Recycle Bin on drive C:
'Run MRU' list - removed from the registry.
'Doc Find Spec MRU' list - removed from the registry.
'FindComputerMRU' list - removed from the registry.
'ComputerNameMRU' list - removed from the registry.
'ContainingTextMRU' list - removed from the registry.
'FilesNamedMRU' list - removed from the registry.
Search Assistant MRU list - removed from the registry.
Explorer Open/Save MRU list - removed from the registry.
Explorer Last Visited MRU list - removed from the registry.
Paint Recent File List - removed from the registry.
WordPad Recent File List - removed from the registry.
Telnet's MRU list - removed from the registry.
Windows Media Player Recent File List - removed from the registry.
WinZip Extract MRU list - removed from the registry.
WinZip File MRU list - removed from the registry.
CleanUp! 4.5.2 recovered 557.9 MB of disk space from 49079 files.
CleanUp! finished on 07/23/07 16:55:58.
0
Réponse 26 / 69
Hélène
 
Le rapport Hitjackthis après avoir fixer tout les lignes au dessus.

Logfile of HijackThis v1.99.1
Scan saved at 17:08:38, on 23/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Hélène Legrand\Mes documents\jean-marie.legrand5\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKCU\..\Run: [MP3Chansons] rundll32.exe C:\WINDOWS\system32\MSA64CHK.dll,DllMostrar Matrix_HTML:MP3Chansons:t
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk045YYFR
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: MP3Chansons - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\MP3Chansons (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 27 / 69
Hélène
 
Voila le rapport Lopxp:

Rapport lopxpMH2 version 2.0 fait à 17:19:12,01 le 23/07/2007
C:\Documents and Settings\Hélène Legrand\Mes documents\jean-marie.legrand5\lopxpMH2

******************************************
## Répertoires Application Data

Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Administrateur\Application Data

23/07/2007 14:28 <REP> .
23/07/2007 14:28 <REP> ..
23/07/2007 14:28 <REP> Identities
23/07/2007 14:28 <REP> Microsoft
23/07/2007 14:28 <REP> Real
23/07/2007 14:28 <REP> Sun
23/07/2007 14:28 <REP> Symantec
23/07/2007 14:28 <REP> You've Got Pictures Screensaver
23/07/2007 14:28 62 desktop.ini
1 fichier(s) 62 octets
8 Rép(s) 162 275 934 208 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data

23/07/2007 14:28 <REP> .
23/07/2007 14:28 <REP> ..
23/07/2007 14:28 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142050}
23/07/2007 14:28 <REP> Microsoft
23/07/2007 14:28 <REP> Powercinema
23/07/2007 14:28 1 656 336 IconCache.db
1 fichier(s) 1 656 336 octets
5 Rép(s) 162 275 934 208 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\All Users\Application Data

16/08/2004 18:54 <REP> .
16/08/2004 18:54 <REP> ..
12/05/2007 12:48 <REP> Adobe
16/12/2005 10:04 <REP> AOL
07/12/2006 20:47 <REP> Apple Computer
05/01/2007 12:12 <REP> Google
03/02/2006 19:45 <REP> Grisoft
14/01/2005 19:43 <REP> Less Vc Defy Option
06/11/2005 11:52 <REP> Macrovision
16/08/2004 18:54 <REP> Microsoft
11/02/2005 19:24 <REP> MSScanAppDataDir
14/02/2005 19:37 <REP> OLYMPUS
22/02/2005 17:20 <REP> pixelStorm
29/05/2006 21:15 <REP> PlayFirst
13/06/2006 17:34 <REP> PopCap
20/12/2004 12:25 <REP> QuickTime
16/08/2004 19:28 <REP> SBSI
20/12/2004 12:27 <REP> Symantec
12/05/2007 12:41 <REP> TEMP
20/12/2004 12:25 <REP> Viewpoint
21/08/2005 11:02 <REP> Windows Genuine Advantage
16/08/2004 18:55 62 desktop.ini
13/01/2005 22:07 1 135 hpzinstall.log
2 fichier(s) 1 197 octets
21 Rép(s) 162 275 934 208 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Default User\Application Data

16/08/2004 18:54 <REP> .
16/08/2004 18:54 <REP> ..
13/01/2005 21:29 <REP> Identities
16/08/2004 18:54 <REP> Microsoft
13/01/2005 21:29 <REP> Real
13/01/2005 21:29 <REP> Sun
13/01/2005 21:29 <REP> Symantec
13/01/2005 21:29 <REP> You've Got Pictures Screensaver
16/08/2004 18:54 62 desktop.ini
1 fichier(s) 62 octets
8 Rép(s) 162 275 938 304 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

16/08/2004 18:55 <REP> .
16/08/2004 18:55 <REP> ..
13/01/2005 21:29 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142050}
16/08/2004 19:10 <REP> Microsoft
13/01/2005 21:29 <REP> Powercinema
13/01/2005 21:29 2 690 846 IconCache.db
1 fichier(s) 2 690 846 octets
5 Rép(s) 162 275 934 208 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Hélène Legrand\Application Data

13/01/2005 21:30 <REP> .
13/01/2005 21:30 <REP> ..
18/02/2005 17:40 <REP> Adobe
18/02/2005 17:41 <REP> AdobeUM
30/03/2005 20:32 <REP> Aim
07/12/2006 20:50 <REP> Apple Computer
22/01/2005 14:35 <REP> Atari
03/02/2006 19:45 <REP> AVG7
27/08/2005 10:01 <REP> Cdrom Heck Copy
29/12/2006 18:05 <REP> Chessmaster Challenge
14/01/2005 23:30 <REP> CyberLink
05/01/2007 13:45 <REP> Google
13/03/2005 12:10 <REP> Help
13/01/2005 21:30 <REP> Identities
14/01/2005 19:43 <REP> info thunk
02/04/2005 15:38 <REP> InterTrust
24/04/2005 08:35 <REP> Leadertech
13/01/2005 22:04 <REP> Macromedia
13/01/2005 21:30 <REP> Microsoft
12/05/2007 13:42 <REP> Mozilla
13/01/2005 22:36 <REP> MSNInstaller
12/05/2007 12:40 <REP> PC Tools
06/02/2006 22:41 <REP> Picajet.com
29/05/2006 21:15 <REP> PlayFirst
13/01/2005 21:30 <REP> Real
24/04/2005 08:38 <REP> Sonic
13/01/2005 21:30 <REP> Sun
13/01/2005 21:30 <REP> Symantec
12/05/2007 13:43 <REP> Talkback
19/04/2005 11:34 <REP> Template
13/01/2005 21:30 62 desktop.ini
19/08/2006 11:17 7 867 GdiplusUpgrade_MSIApproach_Wrapper.log
17/01/2007 19:44 1 804 HPCOM_48BitScanUpdate.log
21/08/2005 10:17 4 096 Thumbs.db
31/03/2005 18:00 9 668 ViewerApp.dat
01/02/2006 14:00 17 078 ViewerTN.tn
6 fichier(s) 40 575 octets
30 Rép(s) 162 275 934 208 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Hélène Legrand\Local Settings\Application Data

13/01/2005 21:30 <REP> .
13/01/2005 21:30 <REP> ..
19/09/2006 20:07 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142010}
13/01/2005 21:30 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142050}
18/02/2005 17:41 <REP> Adobe
07/12/2006 20:50 <REP> Apple Computer
21/01/2005 19:03 <REP> ApplicationHistory
05/01/2007 13:45 <REP> Google
13/03/2005 12:10 <REP> Help
21/01/2005 19:04 <REP> HP
16/01/2005 22:07 <REP> Identities
21/01/2005 19:04 <REP> IsolatedStorage
13/01/2005 21:30 <REP> Microsoft
12/05/2007 13:42 <REP> Mozilla
13/01/2005 21:30 <REP> Powercinema
30/05/2005 17:19 <REP> Wildtangent
21/09/2006 20:32 <REP> WMTools Downloaded Files
06/04/2005 20:29 65 024 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
21/01/2005 19:03 137 fusioncache.dat
21/01/2005 19:03 77 848 GDIPFONTCACHEV1.DAT
13/01/2005 21:30 6 925 374 IconCache.db
4 fichier(s) 7 068 383 octets
17 Rép(s) 162 275 934 208 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Jean-Marie Legrand\Application Data

13/01/2005 22:20 <REP> .
13/01/2005 22:20 <REP> ..
07/02/2005 19:00 <REP> Adobe
07/02/2005 19:01 <REP> AdobeUM
30/01/2005 09:32 <REP> CyberLink
10/01/2007 12:47 <REP> Google
12/09/2005 22:12 <REP> Help
21/08/2005 11:26 <REP> info thunk
13/01/2005 22:51 <REP> Macromedia
13/01/2005 22:20 <REP> Microsoft
13/01/2005 22:20 <REP> Real
26/01/2007 16:03 <REP> Sun
13/01/2005 22:20 <REP> Symantec
13/10/2006 07:14 <REP> Template
13/01/2005 22:20 62 desktop.ini
11/07/2005 19:36 284 ViewerApp.dat
2 fichier(s) 346 octets
14 Rép(s) 162 275 930 112 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Jean-Marie Legrand\Local Settings\Application Data

13/01/2005 22:20 <REP> .
13/01/2005 22:20 <REP> ..
13/01/2005 22:20 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142050}
07/02/2005 19:01 <REP> Adobe
18/12/2006 17:35 <REP> Apple Computer
16/01/2005 07:36 <REP> ApplicationHistory
10/01/2007 12:47 <REP> Google
12/09/2005 22:12 <REP> Help
16/01/2005 07:36 <REP> HP
14/01/2005 19:08 <REP> Identities
02/10/2006 09:17 <REP> IsolatedStorage
13/01/2005 22:20 <REP> Microsoft
13/01/2005 22:20 <REP> Powercinema
02/04/2005 06:00 <REP> Wildtangent
16/01/2005 07:36 141 fusioncache.dat
16/01/2005 07:36 77 848 GDIPFONTCACHEV1.DAT
13/01/2005 22:20 4 319 900 IconCache.db
3 fichier(s) 4 397 889 octets
14 Rép(s) 162 275 930 112 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\LocalService\Application Data

16/08/2004 19:18 <REP> .
16/08/2004 19:18 <REP> ..
03/02/2006 23:15 <REP> AVG7
16/08/2004 19:18 <REP> Microsoft
13/03/2007 18:22 <REP> Symantec
0 fichier(s) 0 octets
5 Rép(s) 162 275 930 112 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

16/08/2004 19:18 <REP> .
16/08/2004 19:18 <REP> ..
30/12/2006 08:18 <REP> Help
16/08/2004 19:18 <REP> Microsoft
0 fichier(s) 0 octets
4 Rép(s) 162 275 930 112 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\NetworkService\Application Data

16/08/2004 19:18 <REP> .
16/08/2004 19:18 <REP> ..
09/05/2005 18:43 <REP> Macromedia
16/08/2004 19:18 <REP> Microsoft
13/01/2005 23:20 <REP> Symantec
0 fichier(s) 0 octets
5 Rép(s) 162 275 930 112 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

16/08/2004 19:18 <REP> .
16/08/2004 19:18 <REP> ..
16/08/2004 19:18 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 162 275 930 112 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Propriétaire\Application Data

13/01/2005 21:41 <REP> .
13/01/2005 21:41 <REP> ..
28/03/2005 17:21 <REP> Symantec
03/09/2005 22:54 <REP> You've Got Pictures Screensaver
0 fichier(s) 0 octets
4 Rép(s) 162 275 930 112 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Stéphanie Legrand\Application Data

Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Documents and Settings\Stéphanie Legrand\Local Settings\Application Data

Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

16/08/2004 19:16 <REP> .
16/08/2004 19:16 <REP> ..
13/01/2005 21:29 <REP> Identities
16/08/2004 19:16 <REP> Microsoft
13/01/2005 21:29 <REP> Real
13/01/2005 21:29 <REP> Sun
13/01/2005 21:29 <REP> Symantec
13/01/2005 21:29 <REP> You've Got Pictures Screensaver
16/08/2004 19:16 62 desktop.ini
1 fichier(s) 62 octets
8 Rép(s) 162 275 663 872 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

16/08/2004 19:16 <REP> .
16/08/2004 19:16 <REP> ..
13/01/2005 21:29 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142050}
16/08/2004 19:16 <REP> Microsoft
13/01/2005 21:29 <REP> Powercinema
13/01/2005 21:29 2 690 846 IconCache.db
1 fichier(s) 2 690 846 octets
5 Rép(s) 162 275 663 872 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks


C:\WINDOWS\Tasks\A5C1C280918A7E48.job
 }Z{Ž¦„C…cä]
s  "ˆ!×     < c : \ d o c u m e ~ 1 \ s t p h a n ~ 1 \ a p p l i c ~ 1 \ i n f o t h ~ 1 \ D e a f G l o b a l M a t h . e x e  S t é p h a n i e L e g r a n d   €  0 Í    <  

C:\WINDOWS\Tasks\Norton
Norton inexploitable


C:\WINDOWS\Tasks\Symantec
Symantec inexploitable

******************************************
## Répertoires de C:\Program Files

Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est A4BD-B99F

Répertoire de C:\Program Files

23/07/2007 16:48 <REP> .
23/07/2007 16:48 <REP> ..
21/04/2006 18:30 <REP> A.S.C
01/02/2006 14:14 <REP> Absolutist.com
27/06/2007 08:05 <REP> Adobe
13/01/2005 21:57 <REP> Alcatel
07/07/2007 10:06 <REP> Alice
28/03/2007 14:39 <REP> Alwil Software
13/01/2005 22:22 <REP> AOL 9.0
20/12/2004 12:25 <REP> AOL Compagnon
20/02/2006 15:52 <REP> Ashampoo
08/02/2006 20:01 <REP> BoontyGames
07/07/2006 15:30 <REP> Capturino V1.3
28/03/2007 14:16 <REP> CCleaner
23/07/2007 16:48 <REP> CleanUp!
23/07/2007 15:56 <REP> CleanUpAdmin
16/08/2004 19:05 <REP> ComPlus Applications
25/09/2006 06:08 <REP> Cookies
20/12/2004 12:29 <REP> CyberLink
29/06/2005 12:03 <REP> DesktopPlant
13/11/2005 13:04 <REP> Disney
01/11/2005 21:13 <REP> DivX
12/05/2007 14:38 <REP> Dynamic Toolbar
11/05/2007 21:17 <REP> eMule
10/12/2006 11:28 <REP> EZFace
04/03/2006 12:39 <REP> fdjeux
20/07/2007 21:01 <REP> Fichiers communs
19/03/2006 19:33 <REP> Flash 32
11/02/2007 16:23 <REP> FoneSync
15/05/2007 08:07 <REP> Google
20/04/2005 13:29 <REP> Grilles
03/02/2006 19:45 <REP> Grisoft
17/03/2007 14:23 <REP> Hasbro Interactive
19/08/2006 11:14 <REP> Hewlett-Packard
19/08/2006 11:14 <REP> HP
05/11/2006 13:22 <REP> HT Video Splitter & Joiner 2.0 Shareware
03/02/2007 13:15 <REP> IKEA HomePlanner
17/06/2007 08:47 <REP> info thunk
13/06/2007 17:01 <REP> Internet Explorer
20/04/2007 10:23 <REP> Java
20/12/2004 12:25 <REP> Learn2.com
11/05/2007 21:30 <REP> Maxis
20/07/2007 21:05 <REP> Messager Wanadoo
15/02/2005 11:10 <REP> Messenger
16/08/2004 19:11 <REP> microsoft frontpage
20/12/2004 12:32 <REP> microsoft office
14/05/2007 19:12 <REP> Microsoft Picture It! PhotoPub
11/02/2007 16:11 <REP> Microsoft Works
11/02/2007 16:07 <REP> Microsoft Works Suite 2001
20/12/2004 12:32 <REP> Microsoft.NET
16/08/2004 19:06 <REP> Movie Maker
14/05/2007 19:05 <REP> Mozilla Firefox
20/07/2007 21:07 <REP> MSN
13/01/2005 23:33 <REP> MSN Apps
16/08/2004 19:03 <REP> MSN Gaming Zone
20/07/2007 21:25 <REP> MSN Messenger
19/11/2006 19:01 <REP> MSXML 4.0
16/12/2006 10:28 <REP> MUSICMATCH
30/05/2005 06:59 <REP> MyWebSearch
25/06/2007 19:34 <REP> NetMeeting
23/07/2007 17:10 <REP> Norton Security Scan
24/01/2006 08:52 <REP> OfficeUpdate11
21/07/2006 17:46 <REP> orange
13/06/2007 13:51 <REP> Outlook Express
19/08/2006 11:23 <REP> Overland
20/12/2006 14:04 <REP> Philips
15/02/2006 14:42 <REP> PhotoFiltre
06/02/2006 22:38 <REP> PicaFr
20/02/2006 15:13 <REP> PicaJet
11/05/2007 22:05 <REP> Picasa2
09/07/2005 11:05 <REP> QuadernoDemo
20/12/2004 12:24 <REP> Real
29/12/2006 18:04 <REP> ReflexiveArcade
20/02/2006 15:14 <REP> RM-X Player V4
15/03/2006 16:21 <REP> Samsung
16/08/2004 19:07 <REP> Services en ligne
27/06/2007 08:29 <REP> Sierra On-Line
20/12/2004 12:34 <REP> Sonic
31/03/2005 17:50 <REP> Sony Corporation
11/07/2007 13:54 <REP> Spyware Doctor
14/04/2007 12:00 <REP> StofWare
28/03/2007 14:49 <REP> Symantec
12/10/2006 19:37 <REP> TechCity Solutions
30/08/2005 07:38 <REP> VeriSign
25/10/2005 16:18 <REP> VFDS_Male
17/12/2006 11:50 <REP> VIBE100 Utilities
20/12/2004 12:25 <REP> Viewpoint
20/01/2005 18:29 <REP> Vimicro
05/10/2006 18:29 <REP> Wanadoo
30/03/2005 20:32 <REP> WildTangent
21/07/2006 12:03 <REP> Winamp
07/01/2007 15:41 <REP> Windows Media Connect 2
07/01/2007 15:41 <REP> Windows Media Player
07/01/2007 17:19 <REP> Windows NT
20/02/2006 16:01 <REP> WinM3uPlayer
12/10/2006 18:06 <REP> Wireless 802.11g Monitor
25/04/2006 09:59 <REP> WSKA
16/08/2004 19:11 <REP> xerox
20/07/2007 19:42 <REP> YDKJWIN
0 fichier(s) 0 octets
99 Rép(s) 162 275 549 184 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow

* Mozilla Firefox (1 autorisé 2 interdit)

---------- C:\DOCUMENTS AND SETTINGS\HLÔNE LEGRAND\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\XQAY2YPW.DEFAULT\HOSTPERM.1

******************************************
## Registre

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


*************** Fin du rapport ****************
0
Réponse 28 / 69
Hélène
 
Et adware.lop est toujours là..............
0
Réponse 29 / 69
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Bonjour,

1) les éléments constitutifs de l'infection tels qu'ils se trouvent dans les log s

C:\Documents and Settings\All Users\Application Data
14/01/2005 19:43 <REP> Less Vc Defy Option

Répertoire de C:\Documents and Settings\Hélène Legrand\Application Data
14/01/2005 19:43 <REP> info thunk

Répertoire de C:\Documents and Settings\Jean-Marie Legrand\Application Data
21/08/2005 11:26 <REP> info thunk

Répertoire de C:\Program Files
17/06/2007 08:47 <REP> info thunk

C:\WINDOWS\Tasks\A5C1C280918A7E48.job

Il y a déjà eu suppression de constituants.

23) On va éliminer le responsable de la réinfection :


démarrer/exécuter, tape cmd et valide par entrée. Colle la ligne suivante dans la fenêtre noire qui s'ouvre :

del /a C:\WINDOWS\Tasks\A5C1C280918A7E48.job

valide par entrée, puis ferme la fenêtre de commande.

3) On va vérifier le contenu de 2 des 4 répertoires

Clique sur démarrer, tous les programmes, accessoires, puis bloc-note
Dès qu'il s'ouvre, copie/colle le texte ci-dessous dans le bloc note:

dir "C:\Program Files\info thunk\*" /a > files.txt
notepad files.txt


Clique sur fichier, enregistrer sous, choisis de mettre dans type: "tous les fichiers"
Nom de fichier: abcde.bat et enregistre le ou tu le retrouvera facilement

Double clique dessus, un rapport va s'ouvrir, enregistre le et poste le dans ta réponse

Quand tu as envoyé ce fichier : (sinon, le nouveau va écraser l'ancien)

Clique sur démarrer, tous les programmes, accessoires, puis bloc-note
Dès qu'il s'ouvre, copie/colle le texte ci-dessous dans le bloc note:

dir "C:\Documents and Settings\All Users\Application Data\Less Vc Defy Option \*" /a > files.txt
notepad files.txt


Clique sur fichier, enregistrer sous, choisis de mettre dans type: "tous les fichiers"
Nom de fichier: abcde.bat et enregistre le ou tu le retrouvera facilement

Double clique dessus, un rapport va s'ouvrir, enregistre le et envoit le moi stp

@+
0
Réponse 30 / 69
Hélène
 
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est A4BD-B99F

R‚pertoire de C:\Program Files\info thunk

17/06/2007 08:47 <REP> .
17/06/2007 08:47 <REP> ..
0 fichier(s) 0 octets
2 R‚p(s) 162ÿ250ÿ207ÿ232 octets libres

_______________________________________________________________________

Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est A4BD-B99F

R‚pertoire de C:\Documents and Settings\All Users\Application Data\Less Vc Defy Option
0
Réponse 31 / 69
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

tu es sur d'avoir posté l'intégralité du rapport de Less Vc Defy Option ?

Où en sont les pop ups cid ?
@+
0
Réponse 32 / 69
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
http://www.malekal.com/popup_CID_Bitdownload.php


slt tous les deux ,

encore adawre lop?

si oui , essye lopremover sur le lien suivant

a plus
0
Réponse 33 / 69
Hélène
 
Oui j'ai mit tout le rapport de Less Vc Defy Option et je n'ai plus aucun pop ups cid mais toujours adware.lop.....
Je risque rien de telecharger lopremover? Quand je lace le téléchargement je recois une alerte de avast comme quoi il y a un cheval de trois qui tente d'entrer dans mon ordinateur.
0
Réponse 34 / 69
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
pas de souci lance le , il est considéré comme nefaste par avast mais ce n'est pas le cas, melkal est un expert!!!
0
Réponse 35 / 69
Hélène
 
J'ai fais lopremover il n'a rien trouvé et adware.lop est toujours là. J'aimerai bien qui disparaisse vite comme je pars en vacances pour 3semaines vendredi matin........
0
Réponse 36 / 69
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
dans jout suppression de prog supprime si tu trouve:

Lop.com s'installe avec des applications.. en règle général, il est explicitement inscrit (en anglais) que le programme va ouvrir des popups de pubs. Voici une liste de quelques programmes connus pour installer l'infection Lop.com/Swizzor

* BitDownload
* BitGrabber
* BitRoll
* MessengerPlus! 3 sous le nom de sponsors
* Messenger Plus! Live sous le nom de sponsors
* NetPumper
* TorrentQ


_____________________
supprime si presents dans le poste de travail

* C:\Program Files\BitGrabber
* C:\Program Files\BitDownload
* C:\Program Files\Multi_Media_France


-------------------------------

essaye sinon spyswepper

https://www.webroot.com/us/en


# Cliquez sur sur le lien "Free Trial" pour le télécharger tout à droite
# Installez le et démarrez le

* Il va demander de télécharger la dernière définition, acceptez
* Ensuite, clic sur le bouton Options à gauche
* Clic sur l'onglet Options et cochez ces options :
o Sweep Memory
o Sweep Registry
o Sweep Cookies
o Sweep All User Accounts
o Enable Direct Disk Sweeping
o Sweep Contents of Compressed Files
o Sweep for Rootkits
o Décoche Do not Sweep System Restore Folder.
* Clicquez sur "Sweep Now" à gauche
* Clicquez sur le bouton "Start"
* Quand le scan est terminé, clic sur le bouton "Next"
* Assurez-vous que tout est coché et clicquez sur le bouton "Next"
* Lorsque tous les éléments trouvés ont été supprimés




sinon attend lyonnais92 pour virer manuellement
0
Réponse 37 / 69
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)



tu as encore ad aware lop? où est il trouvé?
0
Réponse 38 / 69
Hélène
 
J'ai effectué spysweepper (pas avec ce que tu m'as dit j'avais pas les mêmes options), cela m'a mis 11fichiers en quarantaine. adware.lop est toujours là, donc je vais attendre lyonnais92. J'espere qu'il partira vite car je pars en vacances pour 3semaines vendredi matin....
0
Réponse 39 / 69
Hélène
 
Je n'arrive pas à voir où il est trouvé.
0
Réponse 40 / 69
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)


et dis si toujours present et où
0