Sujet Précédent Sujet Suivant

Fenetre CID

Résolu
biftek60 Messages postés 21 Statut Membre -  
biftek60 Messages postés 21 Statut Membre -
Bonjour,

voila j'ai un probleme j'ai ces modite fenetre qui s'ouvre toute les 2min j'aimerai avoir de l'aide svp j'ai lu plusieurs poste deja et il est dit de posté personnelment donc voila j'atend votre aide merci

Ps: je suis sur vista
A voir également:

33 réponses

  • 1
  • 2
Réponse 1 / 33
biftek60 Messages postés 21 Statut Membre
 
a savoir aussi que j'ai deja deinstaller messenger live plus machin lol et que j'ai toujours le probleme et je n'ai pas CiD help ou autre dans les deinstalation
0
Réponse 2 / 33
biftek60 Messages postés 21 Statut Membre
 
voici ausii mon resultat hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 12:54:22, on 08/05/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Program Files\Packard Bell\FIJI\AOSD.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Johnny\AppData\Local\dheifjfb.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Johnny\Desktop\HijackThis.exe
c:\program files\google\googletoolbar1user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\kind frag bone.7enyqbd"
O4 - HKCU\..\Run: [dheifjfb] c:\users\johnny\appdata\local\dheifjfb.exe dheifjfb
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Johnny\AppData\LocalLow\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA35026A-AEC4-4F0D-940B-F7AEDC55470E}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ccEvtMgr - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ccSetMgr - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: lxcg_device - - C:\Windows\system32\lxcgcoms.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
0
Réponse 3 / 33
gil le fantom Messages postés 2809 Statut Membre 25
 
bonjour,
tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
0
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt gil le fantom,

j'avais pas vu que tu avais déjà posté


je te laisse la main!!!

bonne suite a tous les deux
0
Réponse 4 / 33
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt,

tu n'as pas que CID

________

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe

O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\kind frag bone.7enyqbd"
O4 - HKCU\..\Run: [dheifjfb] c:\users\johnny\appdata\local\dheifjfb.exe dheifjfb

___________________

télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\Program Files\Search Settings\kb126\SearchSettings.dll
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\Search Settings
C:\Program Files\Search Settings\SearchSettings.exe
C:\ProgramData\kind frag bone.7enyqbd
c:\users\johnny\appdata\local\dheifjfb.exe

clique sur MoveIt! pour lancer la suppression.

______________________

vire ce qui est dans MOVED FILE en allant dans poste de travail puis C puis OTMOVIT

______________

Télécharge Combofix de sUBs : Renomme le avant toute installation, par exemple, nomme le "KillBagle". aide ici : https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

Aide à l’utilisation de combofix ici: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
_________________

Télécharge ceci: (by Moe) :

http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Une rapport sera alors crée, à copie/colle en entier sur le forum.

le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 33
biftek60 Messages postés 21 Statut Membre
 
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Johnny ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 08/05/2008 | 13:18:44,09 ] [ PC : PC-DE-JOHNNY ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------

[25/03/2008|20:04] C:\Users\Johnny\AppData\Roaming\Adobe\Flash Player
[28/02/2008|11:32] C:\Users\Johnny\AppData\Roaming\Adobe\Linguistics
[23/02/2008|13:53] C:\Users\Johnny\AppData\Roaming\Adobe\Acrobat

[22/02/2008|20:14] C:\Users\Johnny\AppData\Roaming\CyberLink\MediaCache
[22/02/2008|20:14] C:\Users\Johnny\AppData\Roaming\CyberLink\MagicSports

[03/05/2008|13:28] C:\Users\Johnny\AppData\Roaming\Google\Local Search History

[22/02/2008|20:13] C:\Users\Johnny\AppData\Roaming\Identities\{E2A3DD73-69A9-459D-9BE8-1F67B61EB657}

[22/02/2008|21:00] C:\Users\Johnny\AppData\Roaming\InstallShield\ISEngine12.0

[22/02/2008|21:06] C:\Users\Johnny\AppData\Roaming\Macromedia\Flash Player

[13/03/2008|19:43] C:\Users\Johnny\AppData\Roaming\Media Player Classic\default.mpcpl

[01/05/2008|13:03] C:\Users\Johnny\AppData\Roaming\Microsoft\Templates
[20/04/2008|22:19] C:\Users\Johnny\AppData\Roaming\Microsoft\Office
[20/04/2008|21:53] C:\Users\Johnny\AppData\Roaming\Microsoft\QuickStyles
[20/04/2008|21:38] C:\Users\Johnny\AppData\Roaming\Microsoft\UProof
[17/04/2008|11:26] C:\Users\Johnny\AppData\Roaming\Microsoft\MSN Messenger
[15/03/2008|14:08] C:\Users\Johnny\AppData\Roaming\Microsoft\Windows Photo Gallery
[09/03/2008|18:55] C:\Users\Johnny\AppData\Roaming\Microsoft\Internet Explorer
[26/02/2008|19:26] C:\Users\Johnny\AppData\Roaming\Microsoft\Crypto
[25/02/2008|15:08] C:\Users\Johnny\AppData\Roaming\Microsoft\OIS
[24/02/2008|20:43] C:\Users\Johnny\AppData\Roaming\Microsoft\Clip Organizer
[24/02/2008|20:07] C:\Users\Johnny\AppData\Roaming\Microsoft\Proof
[24/02/2008|20:05] C:\Users\Johnny\AppData\Roaming\Microsoft\Document Building Blocks
[24/02/2008|20:05] C:\Users\Johnny\AppData\Roaming\Microsoft\Word
[24/02/2008|20:05] C:\Users\Johnny\AppData\Roaming\Microsoft\AddIns
[23/02/2008|14:06] C:\Users\Johnny\AppData\Roaming\Microsoft\IdentityCRL
[22/02/2008|21:58] C:\Users\Johnny\AppData\Roaming\Microsoft\Windows
[22/02/2008|21:34] C:\Users\Johnny\AppData\Roaming\Microsoft\Credentials
[22/02/2008|20:14] C:\Users\Johnny\AppData\Roaming\Microsoft\CLR Security Config
[22/02/2008|20:13] C:\Users\Johnny\AppData\Roaming\Microsoft\SystemCertificates
[22/02/2008|20:13] C:\Users\Johnny\AppData\Roaming\Microsoft\Protect

[04/05/2008|20:44] C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox

[22/03/2008|12:32] C:\Users\Johnny\AppData\Roaming\Nero\Nero8

[08/05/2008|13:17] C:\Users\Johnny\AppData\Roaming\Packard Bell\Setup my PC
[30/04/2008|21:22] C:\Users\Johnny\AppData\Roaming\Packard Bell\Smart Restore
[22/02/2008|20:34] C:\Users\Johnny\AppData\Roaming\Packard Bell\InfoCentre
[22/02/2008|20:14] C:\Users\Johnny\AppData\Roaming\Packard Bell\IDCard

[08/05/2008|12:31] C:\Users\Johnny\AppData\Roaming\PC Tools\Spyware Doctor

[08/05/2008|12:15] C:\Users\Johnny\AppData\Roaming\QuickZip45.ini\QuickZip45.ini

[26/02/2008|17:48] C:\Users\Johnny\AppData\Roaming\Roxio\MediaManager9

[22/02/2008|20:48] C:\Users\Johnny\AppData\Roaming\Symantec\Cleanup

[22/02/2008|20:35] C:\Users\Johnny\AppData\Roaming\Talkback\MozillaOrg

[26/02/2008|17:57] C:\Users\Johnny\AppData\Roaming\UserTile.png\UserTile.png

[28/04/2008|21:48] C:\Users\Johnny\AppData\Roaming\vlc\vlcrc
[13/03/2008|21:32] C:\Users\Johnny\AppData\Roaming\vlc\cache

[26/04/2008|20:44] C:\Users\Johnny\AppData\Roaming\Winamp\winamp.ini
[26/04/2008|20:44] C:\Users\Johnny\AppData\Roaming\Winamp\winamp.m3u
[26/04/2008|20:44] C:\Users\Johnny\AppData\Roaming\Winamp\Winamp.m3u8
[26/04/2008|18:02] C:\Users\Johnny\AppData\Roaming\Winamp\studio.xnf
[26/04/2008|17:53] C:\Users\Johnny\AppData\Roaming\Winamp\Plugins
[26/04/2008|17:53] C:\Users\Johnny\AppData\Roaming\Winamp\Winamp.q1
[10/03/2008|22:14] C:\Users\Johnny\AppData\Roaming\Winamp\links.xml
[14/09/2005|21:17] C:\Users\Johnny\AppData\Roaming\Winamp\demo.mp3

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[08/05/2008 13:00][--a------] C:\Windows\tasks\Extension de garantie.job
[08/05/2008 13:00][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[08/05/2008 13:16][--ah-----] C:\Windows\tasks\SA.DAT
[08/05/2008 13:14][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[14/11/2007|10:12] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[05/03/2008|09:53] C:\ProgramData\Adobe
[22/02/2008|19:53] C:\ProgramData\Application Data
[22/02/2008|20:04] C:\ProgramData\Bureau
[14/11/2007|10:01] C:\ProgramData\CyberLink
[22/02/2008|19:53] C:\ProgramData\Desktop
[22/02/2008|19:53] C:\ProgramData\Documents
[22/02/2008|21:15] C:\ProgramData\eMule
[22/02/2008|20:04] C:\ProgramData\Favoris
[22/02/2008|19:53] C:\ProgramData\Favorites
[14/11/2007|10:00] C:\ProgramData\Google
[07/05/2008|20:20] C:\ProgramData\inside curb curb.0247agv
[07/05/2008|17:25] C:\ProgramData\inside curb curb.07r5m
[01/05/2008|13:19] C:\ProgramData\inside curb curb.09pet
[01/05/2008|14:46] C:\ProgramData\inside curb curb.0dzv0u
[28/04/2008|21:36] C:\ProgramData\inside curb curb.0lw6h
[26/04/2008|22:58] C:\ProgramData\inside curb curb.0p6bw
[30/04/2008|14:25] C:\ProgramData\inside curb curb.0ry7v97
[27/04/2008|17:21] C:\ProgramData\inside curb curb.0wpbdkz
[26/04/2008|18:36] C:\ProgramData\inside curb curb.0ym3irj
[28/04/2008|21:58] C:\ProgramData\inside curb curb.11zxnv
[03/05/2008|18:04] C:\ProgramData\inside curb curb.12lywu
[29/04/2008|16:15] C:\ProgramData\inside curb curb.19emh
[27/04/2008|18:26] C:\ProgramData\inside curb curb.1fzgvb
[07/05/2008|17:04] C:\ProgramData\inside curb curb.1tn5dux
[27/04/2008|18:48] C:\ProgramData\inside curb curb.21f9ts
[27/04/2008|16:15] C:\ProgramData\inside curb curb.21w6l2p
[26/04/2008|17:53] C:\ProgramData\inside curb curb.23fjc
[25/04/2008|22:57] C:\ProgramData\inside curb curb.268o3uf
[25/04/2008|21:51] C:\ProgramData\inside curb curb.2acf1n
[01/05/2008|15:08] C:\ProgramData\inside curb curb.2dh0y7
[03/05/2008|15:52] C:\ProgramData\inside curb curb.2v9sm
[29/04/2008|09:42] C:\ProgramData\inside curb curb.2ylpv
[03/05/2008|14:03] C:\ProgramData\inside curb curb.304x6
[29/04/2008|14:26] C:\ProgramData\inside curb curb.33s3k5
[03/05/2008|19:31] C:\ProgramData\inside curb curb.3bdg6
[30/04/2008|18:25] C:\ProgramData\inside curb curb.3dr9blr
[07/05/2008|19:15] C:\ProgramData\inside curb curb.3vimp
[28/04/2008|10:40] C:\ProgramData\inside curb curb.43oy43v
[29/04/2008|19:54] C:\ProgramData\inside curb curb.46j3w9n
[29/04/2008|16:59] C:\ProgramData\inside curb curb.48poe5k
[01/05/2008|15:30] C:\ProgramData\inside curb curb.4aovft4
[25/04/2008|23:40] C:\ProgramData\inside curb curb.4az40
[29/04/2008|11:09] C:\ProgramData\inside curb curb.4f0f7cb
[03/05/2008|16:58] C:\ProgramData\inside curb curb.4gbpw
[28/04/2008|12:07] C:\ProgramData\inside curb curb.4ne7u0o
[04/05/2008|14:25] C:\ProgramData\inside curb curb.4uky6
[27/04/2008|14:48] C:\ProgramData\inside curb curb.59zpgy
[29/04/2008|23:10] C:\ProgramData\inside curb curb.5k849
[07/05/2008|23:59] C:\ProgramData\inside curb curb.5klb2
[29/04/2008|19:10] C:\ProgramData\inside curb curb.5lesxa
[07/05/2008|22:09] C:\ProgramData\inside curb curb.5r2zy73
[28/04/2008|20:52] C:\ProgramData\inside curb curb.5tkjxn9
[28/04/2008|09:34] C:\ProgramData\inside curb curb.5wymm
[04/05/2008|20:58] C:\ProgramData\inside curb curb.5xwldg
[03/05/2008|17:20] C:\ProgramData\inside curb curb.6adqi
[29/04/2008|20:16] C:\ProgramData\inside curb curb.6nmybyr
[08/05/2008|11:42] C:\ProgramData\inside curb curb.6uboxdj
[01/05/2008|16:36] C:\ProgramData\inside curb curb.6w7hxci
[04/05/2008|16:14] C:\ProgramData\inside curb curb.77tpt
[04/05/2008|14:47] C:\ProgramData\inside curb curb.7tbrtp8
[26/04/2008|21:31] C:\ProgramData\inside curb curb.83yyhq
[29/04/2008|17:43] C:\ProgramData\inside curb curb.8ghkxn
[28/04/2008|11:45] C:\ProgramData\inside curb curb.8qck8
[03/05/2008|22:26] C:\ProgramData\inside curb curb.8vgqk
[30/04/2008|15:52] C:\ProgramData\inside curb curb.8ys87ae
[04/05/2008|17:20] C:\ProgramData\inside curb curb.9f21v
[03/05/2008|17:42] C:\ProgramData\inside curb curb.9gt8u2i
[04/05/2008|15:52] C:\ProgramData\inside curb curb.9juvp9z
[30/04/2008|19:09] C:\ProgramData\inside curb curb.9k4odm
[04/05/2008|18:47] C:\ProgramData\inside curb curb.9qx42
[07/05/2008|18:31] C:\ProgramData\inside curb curb.9rl5c5
[29/04/2008|12:15] C:\ProgramData\inside curb curb.9ta1r
[25/04/2008|21:29] C:\ProgramData\inside curb curb.9tavzn
[30/04/2008|20:36] C:\ProgramData\inside curb curb.9ujkn
[01/05/2008|20:14] C:\ProgramData\inside curb curb.9v8zyfv
[28/04/2008|21:14] C:\ProgramData\inside curb curb.9wf4d
[03/05/2008|20:37] C:\ProgramData\inside curb curb.9y9vu
[08/05/2008|12:04] C:\ProgramData\inside curb curb.ae3bdv
[27/04/2008|20:59] C:\ProgramData\inside curb curb.aeejmwy
[27/04/2008|16:59] C:\ProgramData\inside curb curb.ajrch
[03/05/2008|16:14] C:\ProgramData\inside curb curb.at3ot8
[07/05/2008|17:47] C:\ProgramData\inside curb curb.bgaovd
[29/04/2008|22:05] C:\ProgramData\inside curb curb.bmg1u4
[27/04/2008|21:43] C:\ProgramData\inside curb curb.c6elal
[03/05/2008|20:58] C:\ProgramData\inside curb curb.c9jgm
[29/04/2008|13:21] C:\ProgramData\inside curb curb.cax441
[07/05/2008|18:53] C:\ProgramData\inside curb curb.ck0dn
[30/04/2008|22:47] C:\ProgramData\inside curb curb.cmgds
[27/04/2008|15:53] C:\ProgramData\inside curb curb.cqsenxl
[01/05/2008|14:03] C:\ProgramData\inside curb curb.ct42kp9
[01/05/2008|13:41] C:\ProgramData\inside curb curb.cx0df
[29/04/2008|15:53] C:\ProgramData\inside curb curb.cxlzp
[30/04/2008|23:31] C:\ProgramData\inside curb curb.d0uek
[04/05/2008|17:41] C:\ProgramData\inside curb curb.d68qvz
[07/05/2008|19:58] C:\ProgramData\inside curb curb.d6r6c0m
[27/04/2008|14:04] C:\ProgramData\inside curb curb.df0if3
[29/04/2008|15:32] C:\ProgramData\inside curb curb.dhz52b
[04/05/2008|16:58] C:\ProgramData\inside curb curb.divxja
[29/04/2008|18:05] C:\ProgramData\inside curb curb.dl0y9
[29/04/2008|21:43] C:\ProgramData\inside curb curb.dtzi0
[27/04/2008|19:32] C:\ProgramData\inside curb curb.dusmdg
[07/05/2008|19:36] C:\ProgramData\inside curb curb.dyculyp
[25/04/2008|23:18] C:\ProgramData\inside curb curb.e0h8av5
[08/05/2008|12:26] C:\ProgramData\inside curb curb.e4a2a
[04/05/2008|14:03] C:\ProgramData\inside curb curb.e4uvq6j
[01/05/2008|18:47] C:\ProgramData\inside curb curb.e92x7kv
[30/04/2008|23:09] C:\ProgramData\inside curb curb.ekqaf
[30/04/2008|13:41] C:\ProgramData\inside curb curb.elph9
[28/04/2008|11:02] C:\ProgramData\inside curb curb.eoytc9o
[04/05/2008|21:20] C:\ProgramData\inside curb curb.epfj74
[04/05/2008|19:52] C:\ProgramData\inside curb curb.euedj
[29/04/2008|17:21] C:\ProgramData\inside curb curb.ezy24k1
[27/04/2008|20:15] C:\ProgramData\inside curb curb.f21pn5
[27/04/2008|20:37] C:\ProgramData\inside curb curb.f3fmr
[03/05/2008|16:36] C:\ProgramData\inside curb curb.f4r0de
[29/04/2008|10:48] C:\ProgramData\inside curb curb.f4ukkru
[29/04/2008|23:32] C:\ProgramData\inside curb curb.f83jb0z
[17/04/2008|10:43] C:\ProgramData\inside curb curb.ffsrkim
[01/05/2008|22:03] C:\ProgramData\inside curb curb.fobymj4
[03/05/2008|21:20] C:\ProgramData\inside curb curb.fpadgw
[26/04/2008|18:14] C:\ProgramData\inside curb curb.fqu3790
[27/04/2008|14:26] C:\ProgramData\inside curb curb.fwehff
[07/05/2008|15:36] C:\ProgramData\inside curb curb.fxu028
[29/04/2008|10:04] C:\ProgramData\inside curb curb.fzkk4s
[30/04/2008|21:42] C:\ProgramData\inside curb curb.g3ju0
[01/05/2008|15:52] C:\ProgramData\inside curb curb.gewzcl4
[29/04/2008|20:59] C:\ProgramData\inside curb curb.gf0yfhf
[30/04/2008|20:58] C:\ProgramData\inside curb curb.gspv3nk
[01/05/2008|20:36] C:\ProgramData\inside curb curb.gvk6h7
[03/05/2008|10:25] C:\ProgramData\inside curb curb.gzvjc59
[03/05/2008|10:47] C:\ProgramData\inside curb curb.h8x156
[04/05/2008|19:31] C:\ProgramData\inside curb curb.hczjx
[30/04/2008|17:19] C:\ProgramData\inside curb curb.hdqca1
[29/04/2008|12:59] C:\ProgramData\inside curb curb.hdr4vwe
[03/05/2008|15:09] C:\ProgramData\inside curb curb.hhquq4
[30/04/2008|16:14] C:\ProgramData\inside curb curb.ho3261c
[30/04/2008|12:14] C:\ProgramData\inside curb curb.hyeyc07
[26/04/2008|20:47] C:\ProgramData\inside curb curb.i1rn9
[04/05/2008|16:36] C:\ProgramData\inside curb curb.i31t81q
[01/05/2008|19:30] C:\ProgramData\inside curb curb.iffma90
[26/04/2008|18:58] C:\ProgramData\inside curb curb.ig8is
[07/05/2008|15:58] C:\ProgramData\inside curb curb.iixlwn
[03/05/2008|11:08] C:\ProgramData\inside curb curb.iuhy99k
[29/04/2008|18:48] C:\ProgramData\inside curb curb.iwykt1
[25/04/2008|22:35] C:\ProgramData\inside curb curb.ix6cjp
[07/05/2008|16:42] C:\ProgramData\inside curb curb.izv8hj
[07/05/2008|18:09] C:\ProgramData\inside curb curb.j2ebq
[03/05/2008|13:41] C:\ProgramData\inside curb curb.j6ybr
[03/05/2008|19:53] C:\ProgramData\inside curb curb.j7xmn5
[07/05/2008|21:48] C:\ProgramData\inside curb curb.jkf24p3
[01/05/2008|17:41] C:\ProgramData\inside curb curb.jpcsnz
[03/05/2008|19:09] C:\ProgramData\inside curb curb.jqswhr
[07/05/2008|23:15] C:\ProgramData\inside curb curb.jrt9p1
[03/05/2008|11:52] C:\ProgramData\inside curb curb.jryqjd
[04/05/2008|18:25] C:\ProgramData\inside curb curb.jv8ln
[03/05/2008|18:25] C:\ProgramData\inside curb curb.jx9skp
[26/04/2008|00:24] C:\ProgramData\inside curb curb.k0rjq
[30/04/2008|12:35] C:\ProgramData\inside curb curb.k0s4fk4
[26/04/2008|19:42] C:\ProgramData\inside curb curb.k2uas
[26/04/2008|22:15] C:\ProgramData\inside curb curb.k4hv601
[04/05/2008|21:42] C:\ProgramData\inside curb curb.kfwhhi
[27/04/2008|16:37] C:\ProgramData\inside curb curb.kgtzyuc
[08/05/2008|13:09] C:\ProgramData\inside curb curb.ksx9l
[30/04/2008|18:03] C:\ProgramData\inside curb curb.kx6v2u
[03/05/2008|20:15] C:\ProgramData\inside curb curb.kza156g
[26/04/2008|20:26] C:\ProgramData\inside curb curb.l1dsm
[07/05/2008|23:37] C:\ProgramData\inside curb curb.l2u5x
[27/04/2008|19:10] C:\ProgramData\inside curb curb.l4xnoio
[29/04/2008|13:42] C:\ProgramData\inside curb curb.lhmxm
[28/04/2008|11:23] C:\ProgramData\inside curb curb.ltlo7
[27/04/2008|21:21] C:\ProgramData\inside curb curb.lv195
[03/05/2008|21:42] C:\ProgramData\inside curb curb.m1rkp
[27/04/2008|15:10] C:\ProgramData\inside curb curb.m5f8yt
[28/04/2008|09:56] C:\ProgramData\inside curb curb.mahjoh2
[04/05/2008|22:04] C:\ProgramData\inside curb curb.mayll
[28/04/2008|13:13] C:\ProgramData\inside curb curb.mbde9a3
[03/05/2008|14:47] C:\ProgramData\inside curb curb.mf6z6t
[28/04/2008|12:29] C:\ProgramData\inside curb curb.mfrcn2
[30/04/2008|20:14] C:\ProgramData\inside curb curb.mhskdx
[26/04/2008|21:53] C:\ProgramData\inside curb curb.mtu1ib
[26/04/2008|22:37] C:\ProgramData\inside curb curb.mxsdvy
[04/05/2008|13:19] C:\ProgramData\inside curb curb.n0aiyiz
[04/05/2008|19:09] C:\ProgramData\inside curb curb.n0ov9
[30/04/2008|19:52] C:\ProgramData\inside curb curb.n362qe
[26/04/2008|21:09] C:\ProgramData\inside curb curb.n47xs5
[26/04/2008|19:20] C:\ProgramData\inside curb curb.n6x9ysj
[25/04/2008|21:07] C:\ProgramData\inside curb curb.n8wqu
[25/04/2008|22:13] C:\ProgramData\inside curb curb.ndbkrt
[03/05/2008|10:03] C:\ProgramData\inside curb curb.nisy3v
[01/05/2008|16:14] C:\ProgramData\inside curb curb.nn1oi0z
[29/04/2008|18:26] C:\ProgramData\inside curb curb.nnqfn
[04/05/2008|18:03] C:\ProgramData\inside curb curb.nokdx
[30/04/2008|15:08] C:\ProgramData\inside curb curb.o1xtqt
[03/05/2008|15:31] C:\ProgramData\inside curb curb.o2qku0w
[30/04/2008|14:03] C:\ProgramData\inside curb curb.o5s13f
[30/04/2008|11:52] C:\ProgramData\inside curb curb.o93wq
[26/04/2008|00:02] C:\ProgramData\inside curb curb.oed8obj
[29/04/2008|22:27] C:\ProgramData\inside curb curb.ogygjt
[28/04/2008|12:51] C:\ProgramData\inside curb curb.opvev
[30/04/2008|21:20] C:\ProgramData\inside curb curb.oqcvuda
[29/04/2008|11:31] C:\ProgramData\inside curb curb.ow9fjci
[03/05/2008|14:25] C:\ProgramData\inside curb curb.ox4jat
[27/04/2008|19:53] C:\ProgramData\inside curb curb.pe7k3w1
[01/05/2008|21:20] C:\ProgramData\inside curb curb.pnhj5r
[01/05/2008|16:57] C:\ProgramData\inside curb curb.pqghq
[29/04/2008|22:49] C:\ProgramData\inside curb curb.pr63fq
[03/05/2008|13:20] C:\ProgramData\inside curb curb.puqef
[29/04/2008|14:04] C:\ProgramData\inside curb curb.pwjgc
[29/04/2008|10:26] C:\ProgramData\inside curb curb.qh4byio
[01/05/2008|18:25] C:\ProgramData\inside curb curb.qlrqk
[30/04/2008|19:30] C:\ProgramData\inside curb curb.qrlrp
[03/05/2008|11:30] C:\ProgramData\inside curb curb.qsw36n
[07/05/2008|20:42] C:\ProgramData\inside curb curb.r6mvp0b
[04/05/2008|20:14] C:\ProgramData\inside curb curb.rb4au18
[03/05/2008|22:48] C:\ProgramData\inside curb curb.rg6uj1
[26/04/2008|20:04] C:\ProgramData\inside curb curb.rojc2p6
[17/04/2008|10:43] C:\ProgramData\inside curb curb.rqs2x
[27/04/2008|15:31] C:\ProgramData\inside curb curb.rsv06g
[27/04/2008|18:04] C:\ProgramData\inside curb curb.rzp4z
[29/04/2008|15:10] C:\ProgramData\inside curb curb.s48fz1h
[03/05/2008|12:36] C:\ProgramData\inside curb curb.s50jzao
[30/04/2008|15:30] C:\ProgramData\inside curb curb.sc4isvc
[07/05/2008|22:31] C:\ProgramData\inside curb curb.sgnc9f
[29/04/2008|11:53] C:\ProgramData\inside curb curb.shmfae
[01/05/2008|22:25] C:\ProgramData\inside curb curb.sll9v3l
[03/05/2008|12:14] C:\ProgramData\inside curb curb.t1d66ka
[01/05/2008|20:58] C:\ProgramData\inside curb curb.t27egm
[04/05/2008|13:41] C:\ProgramData\inside curb curb.t5nrelh
[27/04/2008|17:42] C:\ProgramData\inside curb curb.tb5u0iu
[04/05/2008|15:08] C:\ProgramData\inside curb curb.tqe0wc
[01/05/2008|18:03] C:\ProgramData\inside curb curb.u0s26tq
[01/05/2008|17:19] C:\ProgramData\inside curb curb.ubi0bj
[01/05/2008|19:52] C:\ProgramData\inside curb curb.uhikoiw
[29/04/2008|14:48] C:\ProgramData\inside curb curb.v9h67v
[29/04/2008|20:37] C:\ProgramData\inside curb curb.vbyye
[03/05/2008|12:58] C:\ProgramData\inside curb curb.vc195
[01/05/2008|19:09] C:\ProgramData\inside curb curb.vjk9w
[30/04/2008|16:36] C:\ProgramData\inside curb curb.vrn8c7
[04/05/2008|15:30] C:\ProgramData\inside curb curb.vz6fgvs
[30/04/2008|16:58] C:\ProgramData\inside curb curb.vzldwq
[03/05/2008|22:04] C:\ProgramData\inside curb curb.w33oipu
[03/05/2008|18:47] C:\ProgramData\inside curb curb.w39o8a
[07/05/2008|22:53] C:\ProgramData\inside curb curb.wescn5t
[28/04/2008|10:18] C:\ProgramData\inside curb curb.wkoc0
[30/04/2008|18:47] C:\ProgramData\inside curb curb.woe1e2i
[01/05/2008|14:25] C:\ProgramData\inside curb curb.wohuk9
[01/05/2008|21:41] C:\ProgramData\inside curb curb.xehy6j
[30/04/2008|22:25] C:\ProgramData\inside curb curb.xgma04c
[29/04/2008|19:32] C:\ProgramData\inside curb curb.xqzj6
[07/05/2008|16:20] C:\ProgramData\inside curb curb.xw5qc
[08/05/2008|12:47] C:\ProgramData\inside curb curb.xzjsod
[30/04/2008|14:46] C:\ProgramData\inside curb curb.xzo6k
[07/05/2008|21:26] C:\ProgramData\inside curb curb.y083jz
[30/04/2008|12:57] C:\ProgramData\inside curb curb.y0bvn
[07/05/2008|21:04] C:\ProgramData\inside curb curb.y67kp5
[29/04/2008|16:37] C:\ProgramData\inside curb curb.y94x6l1
[30/04/2008|13:19] C:\ProgramData\inside curb curb.yguuor
[30/04/2008|17:41] C:\ProgramData\inside curb curb.yhsw2
[03/05/2008|23:09] C:\ProgramData\inside curb curb.ynmbww
[04/05/2008|20:36] C:\ProgramData\inside curb curb.yvbb1z0
[30/04/2008|22:03] C:\ProgramData\inside curb curb.ywk5gw
[30/04/2008|23:53] C:\ProgramData\inside curb curb.yzpvaw
[29/04/2008|12:37] C:\ProgramData\inside curb curb.zkia0hi
[29/04/2008|21:21] C:\ProgramData\inside curb curb.zkre7ys
[14/11/2007|09:58] C:\ProgramData\InstallShield
[17/04/2008|10:43] C:\ProgramData\kind frag bone.7enyqbd
[21/04/2008|09:48] C:\ProgramData\Kiwee Toolbar2
[22/02/2008|20:04] C:\ProgramData\Menu D‚marrer
[22/02/2008|21:02] C:\ProgramData\Microsoft
[11/04/2008|16:26] C:\ProgramData\Microsoft Help
[22/02/2008|20:04] C:\ProgramData\ModŠles
[28/04/2008|21:02] C:\ProgramData\Nero
[14/11/2007|09:49] C:\ProgramData\NVIDIA
[24/03/2008|13:40] C:\ProgramData\pixelStorm
[14/11/2007|10:15] C:\ProgramData\Roxio
[14/11/2007|10:12] C:\ProgramData\Skype
[22/02/2008|21:32] C:\ProgramData\Sonic
[05/03/2008|11:28] C:\ProgramData\Sony Ericsson
[22/02/2008|19:53] C:\ProgramData\Start Menu
[04/05/2008|20:22] C:\ProgramData\Symantec
[17/04/2008|10:43] C:\ProgramData\Team Wave Body
[08/05/2008|13:18] C:\ProgramData\TEMP
[22/02/2008|19:53] C:\ProgramData\Templates
[17/04/2008|10:43] C:\ProgramData\Tool Eggs Less City
[26/04/2008|17:51] C:\ProgramData\Winamp Toolbar
[24/02/2008|00:26] C:\ProgramData\WinZip
[22/02/2008|21:48] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[14/11/2007|10:12] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/03/2008|09:53] C:\Program Files\Adobe
[26/02/2008|13:22] C:\Program Files\AnmSMP
[19/04/2008|16:52] C:\Program Files\Antipub
[23/02/2008|15:23] C:\Program Files\AskTBar
[28/04/2008|20:59] C:\Program Files\BoontyGames
[20/03/2008|21:40] C:\Program Files\Common Files
[14/11/2007|10:01] C:\Program Files\CyberLink
[13/03/2008|20:01] C:\Program Files\Dealio
[14/11/2007|09:35] C:\Program Files\desktop.ini
[22/02/2008|21:08] C:\Program Files\eMule
[22/02/2008|20:04] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/04/2008|13:22] C:\Program Files\Free Easy Burner
[14/11/2007|10:00] C:\Program Files\Google
[30/04/2008|21:30] C:\Program Files\HD1988 Labs
[14/11/2007|09:50] C:\Program Files\HDReg
[22/02/2008|22:39] C:\Program Files\InstallShield Installation Information
[12/04/2008|14:07] C:\Program Files\Internet Explorer
[21/04/2008|09:45] C:\Program Files\Kiwee Toolbar2
[24/02/2008|18:15] C:\Program Files\K-Lite Codec Pack
[03/05/2008|12:18] C:\Program Files\Lexmark 2300 Series
[22/02/2008|22:03] C:\Program Files\Maxis
[03/05/2008|12:49] C:\Program Files\MB Softs
[23/02/2008|13:31] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[14/11/2007|10:10] C:\Program Files\Microsoft Office
[14/11/2007|10:10] C:\Program Files\Microsoft Works
[14/11/2007|10:10] C:\Program Files\Microsoft.NET
[14/11/2007|17:51] C:\Program Files\Movie Maker
[14/11/2007|10:00] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[23/02/2008|13:26] C:\Program Files\MSXML 4.0
[23/02/2008|15:30] C:\Program Files\Nero
[20/03/2008|21:49] C:\Program Files\NeroInstall.bak
[08/05/2008|12:03] C:\Program Files\NoAdware5.0
[08/04/2008|13:14] C:\Program Files\Norton 360
[14/11/2007|10:12] C:\Program Files\Packard Bell
[26/02/2008|13:38] C:\Program Files\Picasa2
[28/03/2008|19:08] C:\Program Files\Poker
[28/04/2008|13:21] C:\Program Files\QuickZip4
[14/11/2007|09:44] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[14/11/2007|09:58] C:\Program Files\Roxio
[22/02/2008|21:00] C:\Program Files\SAGEM
[14/11/2007|09:51] C:\Program Files\Seagate
[26/02/2008|13:29] C:\Program Files\Seagrand
[13/03/2008|20:03] C:\Program Files\Search Settings
[14/11/2007|10:12] C:\Program Files\Skype
[05/03/2008|11:27] C:\Program Files\Sony Ericsson
[23/03/2008|22:55] C:\Program Files\SopCast
[08/05/2008|12:35] C:\Program Files\Spyware Doctor
[23/02/2008|17:24] C:\Program Files\Symantec
[23/02/2008|14:45] C:\Program Files\TVAnts
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[13/03/2008|20:02] C:\Program Files\VideoLAN
[25/02/2008|15:30] C:\Program Files\Web Photo Album
[04/05/2008|20:20] C:\Program Files\WebMediaPlayer
[26/04/2008|18:09] C:\Program Files\Winamp
[26/04/2008|17:51] C:\Program Files\Winamp Toolbar
[14/11/2007|17:54] C:\Program Files\Windows Calendar
[14/11/2007|17:51] C:\Program Files\Windows Collaboration
[14/11/2007|18:06] C:\Program Files\Windows Defender
[14/11/2007|17:51] C:\Program Files\Windows Journal
[22/02/2008|21:49] C:\Program Files\Windows Live
[11/04/2008|17:01] C:\Program Files\Windows Mail
[14/11/2007|17:53] C:\Program Files\Windows Media Player
[22/02/2008|20:04] C:\Program Files\Windows NT
[14/11/2007|17:51] C:\Program Files\Windows Photo Gallery
[23/02/2008|13:37] C:\Program Files\Windows Sidebar
[24/02/2008|00:26] C:\Program Files\WinZip
[27/03/2008|21:05] C:\Program Files\WordBiz

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[05/03/2008|09:53] C:\Program Files\Common Files\Adobe
[14/11/2007|10:10] C:\Program Files\Common Files\DESIGNER
[14/11/2007|10:00] C:\Program Files\Common Files\InstallShield
[22/02/2008|21:19] C:\Program Files\Common Files\microsoft shared
[28/04/2008|21:02] C:\Program Files\Common Files\Nero
[14/11/2007|09:58] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[14/11/2007|10:12] C:\Program Files\Common Files\Skype
[14/11/2007|09:58] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[14/11/2007|09:58] C:\Program Files\Common Files\SureThing Shared
[06/03/2008|23:28] C:\Program Files\Common Files\Symantec Shared
[14/11/2007|18:16] C:\Program Files\Common Files\System
[22/02/2008|21:49] C:\Program Files\Common Files\WindowsLiveInstaller
[14/11/2007|09:51] C:\Program Files\Common Files\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 69

iexplore.exe ~ [3748]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\inside curb curb.0247agv
C:\ProgramData\inside curb curb.07r5m
C:\ProgramData\inside curb curb.09pet
C:\ProgramData\inside curb curb.0dzv0u
C:\ProgramData\inside curb curb.0lw6h
C:\ProgramData\inside curb curb.0p6bw
C:\ProgramData\inside curb curb.0ry7v97
C:\ProgramData\inside curb curb.0wpbdkz
C:\ProgramData\inside curb curb.0ym3irj
C:\ProgramData\inside curb curb.11zxnv
C:\ProgramData\inside curb curb.12lywu
C:\ProgramData\inside curb curb.19emh
C:\ProgramData\inside curb curb.1fzgvb
C:\ProgramData\inside curb curb.1tn5dux
C:\ProgramData\inside curb curb.21f9ts
C:\ProgramData\inside curb curb.21w6l2p
C:\ProgramData\inside curb curb.23fjc
C:\ProgramData\inside curb curb.268o3uf
C:\ProgramData\inside curb curb.2acf1n
C:\ProgramData\inside curb curb.2dh0y7
C:\ProgramData\inside curb curb.2v9sm
C:\ProgramData\inside curb curb.2ylpv
C:\ProgramData\inside curb curb.304x6
C:\ProgramData\inside curb curb.33s3k5
C:\ProgramData\inside curb curb.3bdg6
C:\ProgramData\inside curb curb.3dr9blr
C:\ProgramData\inside curb curb.3vimp
C:\ProgramData\inside curb curb.43oy43v
C:\ProgramData\inside curb curb.46j3w9n
C:\ProgramData\inside curb curb.48poe5k
C:\ProgramData\inside curb curb.4aovft4
C:\ProgramData\inside curb curb.4az40
C:\ProgramData\inside curb curb.4f0f7cb
C:\ProgramData\inside curb curb.4gbpw
C:\ProgramData\inside curb curb.4ne7u0o
C:\ProgramData\inside curb curb.4uky6
C:\ProgramData\inside curb curb.59zpgy
C:\ProgramData\inside curb curb.5k849
C:\ProgramData\inside curb curb.5klb2
C:\ProgramData\inside curb curb.5lesxa
C:\ProgramData\inside curb curb.5r2zy73
C:\ProgramData\inside curb curb.5tkjxn9
C:\ProgramData\inside curb curb.5wymm
C:\ProgramData\inside curb curb.5xwldg
C:\ProgramData\inside curb curb.6adqi
C:\ProgramData\inside curb curb.6nmybyr
C:\ProgramData\inside curb curb.6uboxdj
C:\ProgramData\inside curb curb.6w7hxci
C:\ProgramData\inside curb curb.77tpt
C:\ProgramData\inside curb curb.7tbrtp8
C:\ProgramData\inside curb curb.83yyhq
C:\ProgramData\inside curb curb.8ghkxn
C:\ProgramData\inside curb curb.8qck8
C:\ProgramData\inside curb curb.8vgqk
C:\ProgramData\inside curb curb.8ys87ae
C:\ProgramData\inside curb curb.9f21v
C:\ProgramData\inside curb curb.9gt8u2i
C:\ProgramData\inside curb curb.9juvp9z
C:\ProgramData\inside curb curb.9k4odm
C:\ProgramData\inside curb curb.9qx42
C:\ProgramData\inside curb curb.9rl5c5
C:\ProgramData\inside curb curb.9ta1r
C:\ProgramData\inside curb curb.9tavzn
C:\ProgramData\inside curb curb.9ujkn
C:\ProgramData\inside curb curb.9v8zyfv
C:\ProgramData\inside curb curb.9wf4d
C:\ProgramData\inside curb curb.9y9vu
C:\ProgramData\inside curb curb.ae3bdv
C:\ProgramData\inside curb curb.aeejmwy
C:\ProgramData\inside curb curb.ajrch
C:\ProgramData\inside curb curb.at3ot8
C:\ProgramData\inside curb curb.bgaovd
C:\ProgramData\inside curb curb.bmg1u4
C:\ProgramData\inside curb curb.c6elal
C:\ProgramData\inside curb curb.c9jgm
C:\ProgramData\inside curb curb.cax441
C:\ProgramData\inside curb curb.ck0dn
C:\ProgramData\inside curb curb.cmgds
C:\ProgramData\inside curb curb.cqsenxl
C:\ProgramData\inside curb curb.ct42kp9
C:\ProgramData\inside curb curb.cx0df
C:\ProgramData\inside curb curb.cxlzp
C:\ProgramData\inside curb curb.d0uek
C:\ProgramData\inside curb curb.d68qvz
C:\ProgramData\inside curb curb.d6r6c0m
C:\ProgramData\inside curb curb.df0if3
C:\ProgramData\inside curb curb.dhz52b
C:\ProgramData\inside curb curb.divxja
C:\ProgramData\inside curb curb.dl0y9
C:\ProgramData\inside curb curb.dtzi0
C:\ProgramData\inside curb curb.dusmdg
C:\ProgramData\inside curb curb.dyculyp
C:\ProgramData\inside curb curb.e0h8av5
C:\ProgramData\inside curb curb.e4a2a
C:\ProgramData\inside curb curb.e4uvq6j
C:\ProgramData\inside curb curb.e92x7kv
C:\ProgramData\inside curb curb.ekqaf
C:\ProgramData\inside curb curb.elph9
C:\ProgramData\inside curb curb.eoytc9o
C:\ProgramData\inside curb curb.epfj74
C:\ProgramData\inside curb curb.euedj
C:\ProgramData\inside curb curb.ezy24k1
C:\ProgramData\inside curb curb.f21pn5
C:\ProgramData\inside curb curb.f3fmr
C:\ProgramData\inside curb curb.f4r0de
C:\ProgramData\inside curb curb.f4ukkru
C:\ProgramData\inside curb curb.f83jb0z
C:\ProgramData\inside curb curb.ffsrkim
C:\ProgramData\inside curb curb.fobymj4
C:\ProgramData\inside curb curb.fpadgw
C:\ProgramData\inside curb curb.fqu3790
C:\ProgramData\inside curb curb.fwehff
C:\ProgramData\inside curb curb.fxu028
C:\ProgramData\inside curb curb.fzkk4s
C:\ProgramData\inside curb curb.g3ju0
C:\ProgramData\inside curb curb.gewzcl4
C:\ProgramData\inside curb curb.gf0yfhf
C:\ProgramData\inside curb curb.gspv3nk
C:\ProgramData\inside curb curb.gvk6h7
C:\ProgramData\inside curb curb.gzvjc59
C:\ProgramData\inside curb curb.h8x156
C:\ProgramData\inside curb curb.hczjx
C:\ProgramData\inside curb curb.hdqca1
C:\ProgramData\inside curb curb.hdr4vwe
C:\ProgramData\inside curb curb.hhquq4
C:\ProgramData\inside curb curb.ho3261c
C:\ProgramData\inside curb curb.hyeyc07
C:\ProgramData\inside curb curb.i1rn9
C:\ProgramData\inside curb curb.i31t81q
C:\ProgramData\inside curb curb.iffma90
C:\ProgramData\inside curb curb.ig8is
C:\ProgramData\inside curb curb.iixlwn
C:\ProgramData\inside curb curb.iuhy99k
C:\ProgramData\inside curb curb.iwykt1
C:\ProgramData\inside curb curb.ix6cjp
C:\ProgramData\inside curb curb.izv8hj
C:\ProgramData\inside curb curb.j2ebq
C:\ProgramData\inside curb curb.j6ybr
C:\ProgramData\inside curb curb.j7xmn5
C:\ProgramData\inside curb curb.jkf24p3
C:\ProgramData\inside curb curb.jpcsnz
C:\ProgramData\inside curb curb.jqswhr
C:\ProgramData\inside curb curb.jrt9p1
C:\ProgramData\inside curb curb.jryqjd
C:\ProgramData\inside curb curb.jv8ln
C:\ProgramData\inside curb curb.jx9skp
C:\ProgramData\inside curb curb.k0rjq
C:\ProgramData\inside curb curb.k0s4fk4
C:\ProgramData\inside curb curb.k2uas
C:\ProgramData\inside curb curb.k4hv601
C:\ProgramData\inside curb curb.kfwhhi
C:\ProgramData\inside curb curb.kgtzyuc
C:\ProgramData\inside curb curb.ksx9l
C:\ProgramData\inside curb curb.kx6v2u
C:\ProgramData\inside curb curb.kza156g
C:\ProgramData\inside curb curb.l1dsm
C:\ProgramData\inside curb curb.l2u5x
C:\ProgramData\inside curb curb.l4xnoio
C:\ProgramData\inside curb curb.lhmxm
C:\ProgramData\inside curb curb.ltlo7
C:\ProgramData\inside curb curb.lv195
C:\ProgramData\inside curb curb.m1rkp
C:\ProgramData\inside curb curb.m5f8yt
C:\ProgramData\inside curb curb.mahjoh2
C:\ProgramData\inside curb curb.mayll
C:\ProgramData\inside curb curb.mbde9a3
C:\ProgramData\inside curb curb.mf6z6t
C:\ProgramData\inside curb curb.mfrcn2
C:\ProgramData\inside curb curb.mhskdx
C:\ProgramData\inside curb curb.mtu1ib
C:\ProgramData\inside curb curb.mxsdvy
C:\ProgramData\inside curb curb.n0aiyiz
C:\ProgramData\inside curb curb.n0ov9
C:\ProgramData\inside curb curb.n362qe
C:\ProgramData\inside curb curb.n47xs5
C:\ProgramData\inside curb curb.n6x9ysj
C:\ProgramData\inside curb curb.n8wqu
C:\ProgramData\inside curb curb.ndbkrt
C:\ProgramData\inside curb curb.nisy3v
C:\ProgramData\inside curb curb.nn1oi0z
C:\ProgramData\inside curb curb.nnqfn
C:\ProgramData\inside curb curb.nokdx
C:\ProgramData\inside curb curb.o1xtqt
C:\ProgramData\inside curb curb.o2qku0w
C:\ProgramData\inside curb curb.o5s13f
C:\ProgramData\inside curb curb.o93wq
C:\ProgramData\inside curb curb.oed8obj
C:\ProgramData\inside curb curb.ogygjt
C:\ProgramData\inside curb curb.opvev
C:\ProgramData\inside curb curb.oqcvuda
C:\ProgramData\inside curb curb.ow9fjci
C:\ProgramData\inside curb curb.ox4jat
C:\ProgramData\inside curb curb.pe7k3w1
C:\ProgramData\inside curb curb.pnhj5r
C:\ProgramData\inside curb curb.pqghq
C:\ProgramData\inside curb curb.pr63fq
C:\ProgramData\inside curb curb.puqef
C:\ProgramData\inside curb curb.pwjgc
C:\ProgramData\inside curb curb.qh4byio
C:\ProgramData\inside curb curb.qlrqk
C:\ProgramData\inside curb curb.qrlrp
C:\ProgramData\inside curb curb.qsw36n
C:\ProgramData\inside curb curb.r6mvp0b
C:\ProgramData\inside curb curb.rb4au18
C:\ProgramData\inside curb curb.rg6uj1
C:\ProgramData\inside curb curb.rojc2p6
C:\ProgramData\inside curb curb.rqs2x
C:\ProgramData\inside curb curb.rsv06g
C:\ProgramData\inside curb curb.rzp4z
C:\ProgramData\inside curb curb.s48fz1h
C:\ProgramData\inside curb curb.s50jzao
C:\ProgramData\inside curb curb.sc4isvc
C:\ProgramData\inside curb curb.sgnc9f
C:\ProgramData\inside curb curb.shmfae
C:\ProgramData\inside curb curb.sll9v3l
C:\ProgramData\inside curb curb.t1d66ka
C:\ProgramData\inside curb curb.t27egm
C:\ProgramData\inside curb curb.t5nrelh
C:\ProgramData\inside curb curb.tb5u0iu
C:\ProgramData\inside curb curb.tqe0wc
C:\ProgramData\inside curb curb.u0s26tq
C:\ProgramData\inside curb curb.ubi0bj
C:\ProgramData\inside curb curb.uhikoiw
C:\ProgramData\inside curb curb.v9h67v
C:\ProgramData\inside curb curb.vbyye
C:\ProgramData\inside curb curb.vc195
C:\ProgramData\inside curb curb.vjk9w
C:\ProgramData\inside curb curb.vrn8c7
C:\ProgramData\inside curb curb.vz6fgvs
C:\ProgramData\inside curb curb.vzldwq
C:\ProgramData\inside curb curb.w33oipu
C:\ProgramData\inside curb curb.w39o8a
C:\ProgramData\inside curb curb.wescn5t
C:\ProgramData\inside curb curb.wkoc0
C:\ProgramData\inside curb curb.woe1e2i
C:\ProgramData\inside curb curb.wohuk9
C:\ProgramData\inside curb curb.xehy6j
C:\ProgramData\inside curb curb.xgma04c
C:\ProgramData\inside curb curb.xqzj6
C:\ProgramData\inside curb curb.xw5qc
C:\ProgramData\inside curb curb.xzjsod
C:\ProgramData\inside curb curb.xzo6k
C:\ProgramData\inside curb curb.y083jz
C:\ProgramData\inside curb curb.y0bvn
C:\ProgramData\inside curb curb.y67kp5
C:\ProgramData\inside curb curb.y94x6l1
C:\ProgramData\inside curb curb.yguuor
C:\ProgramData\inside curb curb.yhsw2
C:\ProgramData\inside curb curb.ynmbww
C:\ProgramData\inside curb curb.yvbb1z0
C:\ProgramData\inside curb curb.ywk5gw
C:\ProgramData\inside curb curb.yzpvaw
C:\ProgramData\inside curb curb.zkia0hi
C:\ProgramData\inside curb curb.zkre7ys
C:\ProgramData\kind frag bone.7enyqbd
C:\ProgramData\inside curb curb.0247agv
C:\ProgramData\inside curb curb.07r5m
C:\ProgramData\inside curb curb.0dzv0u
C:\ProgramData\inside curb curb.0p6bw
C:\ProgramData\inside curb curb.0ym3irj
C:\ProgramData\inside curb curb.11zxnv
C:\ProgramData\inside curb curb.19emh
C:\ProgramData\inside curb curb.1fzgvb
C:\ProgramData\inside curb curb.1tn5dux
C:\ProgramData\inside curb curb.21f9ts
C:\ProgramData\inside curb curb.23fjc
C:\ProgramData\inside curb curb.268o3uf
C:\ProgramData\inside curb curb.2dh0y7
C:\ProgramData\inside curb curb.304x6
C:\ProgramData\inside curb curb.3bdg6
C:\ProgramData\inside curb curb.3vimp
C:\ProgramData\inside curb curb.43oy43v
C:\ProgramData\inside curb curb.46j3w9n
C:\ProgramData\inside curb curb.48poe5k
C:\ProgramData\inside curb curb.4aovft4
C:\ProgramData\inside curb curb.4az40
C:\ProgramData\inside curb curb.4f0f7cb
C:\ProgramData\inside curb curb.4ne7u0o
C:\ProgramData\inside curb curb.4uky6
C:\ProgramData\inside curb curb.59zpgy
C:\ProgramData\inside curb curb.5k849
C:\ProgramData\inside curb curb.5lesxa
C:\ProgramData\inside curb curb.5r2zy73
C:\ProgramData\inside curb curb.5tkjxn9
C:\ProgramData\inside curb curb.5wymm
C:\ProgramData\inside curb curb.5xwldg
C:\ProgramData\inside curb curb.6nmybyr
C:\ProgramData\inside curb curb.6uboxdj
C:\ProgramData\inside curb curb.6w7hxci
C:\ProgramData\inside curb curb.77tpt
C:\ProgramData\inside curb curb.7tbrtp8
C:\ProgramData\inside curb curb.83yyhq
C:\ProgramData\inside curb curb.8ys87ae
C:\ProgramData\inside curb curb.9f21v
C:\ProgramData\inside curb curb.9gt8u2i
C:\ProgramData\inside curb curb.9juvp9z
C:\ProgramData\inside curb curb.9k4odm
C:\ProgramData\inside curb curb.9qx42
C:\ProgramData\inside curb curb.9rl5c5
C:\ProgramData\inside curb curb.9ta1r
C:\ProgramData\inside curb curb.9tavzn
C:\ProgramData\inside curb curb.9ujkn
C:\ProgramData\inside curb curb.9y9vu
C:\ProgramData\inside curb curb.ae3bdv
C:\ProgramData\inside curb curb.ajrch
C:\ProgramData\inside curb curb.at3ot8
C:\ProgramData\inside curb curb.bmg1u4
C:\ProgramData\inside curb curb.c6elal
C:\ProgramData\inside curb curb.c9jgm
C:\ProgramData\inside curb curb.cax441
C:\ProgramData\inside curb curb.ck0dn
C:\ProgramData\inside curb curb.cmgds
C:\ProgramData\inside curb curb.cqsenxl
C:\ProgramData\inside curb curb.ct42kp9
C:\ProgramData\inside curb curb.cx0df
C:\ProgramData\inside curb curb.d0uek
C:\ProgramData\inside curb curb.d68qvz
C:\ProgramData\inside curb curb.d6r6c0m
C:\ProgramData\inside curb curb.df0if3
C:\ProgramData\inside curb curb.dhz52b
C:\ProgramData\inside curb curb.divxja
C:\ProgramData\inside curb curb.dtzi0
C:\ProgramData\inside curb curb.dusmdg
C:\ProgramData\inside curb curb.e0h8av5
C:\ProgramData\inside curb curb.ekqaf
C:\ProgramData\inside curb curb.elph9
C:\ProgramData\inside curb curb.epfj74
C:\ProgramData\inside curb curb.euedj
C:\ProgramData\inside curb curb.ezy24k1
C:\ProgramData\inside curb curb.f21pn5
C:\ProgramData\inside curb curb.f3fmr
C:\ProgramData\inside curb curb.f4r0de
C:\ProgramData\inside curb curb.f4ukkru
C:\ProgramData\inside curb curb.f83jb0z
C:\ProgramData\inside curb curb.ffsrkim
C:\ProgramData\inside curb curb.fobymj4
C:\ProgramData\inside curb curb.fqu3790
C:\ProgramData\inside curb curb.fwehff
C:\ProgramData\inside curb curb.fxu028
C:\ProgramData\inside curb curb.fzkk4s
C:\ProgramData\inside curb curb.g3ju0
C:\ProgramData\inside curb curb.gf0yfhf
C:\ProgramData\inside curb curb.h8x156
C:\ProgramData\inside curb curb.hczjx
C:\ProgramData\inside curb curb.hdqca1
C:\ProgramData\inside curb curb.hhquq4
C:\ProgramData\inside curb curb.ho3261c
C:\ProgramData\inside curb curb.i1rn9
C:\ProgramData\inside curb curb.i31t81q
C:\ProgramData\inside curb curb.iffma90
C:\ProgramData\inside curb curb.ig8is
C:\ProgramData\inside curb curb.iuhy99k
C:\ProgramData\inside curb curb.iwykt1
C:\ProgramData\inside curb curb.ix6cjp
C:\ProgramData\inside curb curb.izv8hj
C:\ProgramData\inside curb curb.j2ebq
C:\ProgramData\inside curb curb.j7xmn5
C:\ProgramData\inside curb curb.jkf24p3
C:\ProgramData\inside curb curb.jqswhr
C:\ProgramData\inside curb curb.jrt9p1
C:\ProgramData\inside curb curb.jryqjd
C:\ProgramData\inside curb curb.jv8ln
C:\ProgramData\inside curb curb.k0rjq
C:\ProgramData\inside curb curb.k0s4fk4
C:\ProgramData\inside curb curb.k2uas
C:\ProgramData\inside curb curb.kfwhhi
C:\ProgramData\inside curb curb.kgtzyuc
C:\ProgramData\inside curb curb.ksx9l
C:\ProgramData\inside curb curb.kx6v2u
C:\ProgramData\inside curb curb.kza156g
C:\ProgramData\inside curb curb.l1dsm
C:\ProgramData\inside curb curb.l4xnoio
C:\ProgramData\inside curb curb.ltlo7
C:\ProgramData\inside curb curb.m5f8yt
C:\ProgramData\inside curb curb.mahjoh2
C:\ProgramData\inside curb curb.mayll
C:\ProgramData\inside curb curb.mfrcn2
C:\ProgramData\inside curb curb.mhskdx
C:\ProgramData\inside curb curb.mxsdvy
C:\ProgramData\inside curb curb.n0aiyiz
C:\ProgramData\inside curb curb.n0ov9
C:\ProgramData\inside curb curb.n362qe
C:\ProgramData\inside curb curb.n47xs5
C:\ProgramData\inside curb curb.ndbkrt
C:\ProgramData\inside curb curb.nisy3v
C:\ProgramData\inside curb curb.nn1oi0z
C:\ProgramData\inside curb curb.nnqfn
C:\ProgramData\inside curb curb.nokdx
C:\ProgramData\inside curb curb.o1xtqt
C:\ProgramData\inside curb curb.o2qku0w
C:\ProgramData\inside curb curb.o5s13f
C:\ProgramData\inside curb curb.o93wq
C:\ProgramData\inside curb curb.oed8obj
C:\ProgramData\inside curb curb.ox4jat
C:\ProgramData\inside curb curb.pnhj5r
C:\ProgramData\inside curb curb.pqghq
C:\ProgramData\inside curb curb.pr63fq
C:\ProgramData\inside curb curb.qrlrp
C:\ProgramData\inside curb curb.qsw36n
C:\ProgramData\inside curb curb.r6mvp0b
C:\ProgramData\inside curb curb.rojc2p6
C:\ProgramData\inside curb curb.rqs2x
C:\ProgramData\inside curb curb.rsv06g
C:\ProgramData\inside curb curb.rzp4z
C:\ProgramData\inside curb curb.s48fz1h
C:\ProgramData\inside curb curb.sc4isvc
C:\ProgramData\inside curb curb.sgnc9f
C:\ProgramData\inside curb curb.shmfae
C:\ProgramData\inside curb curb.sll9v3l
C:\ProgramData\inside curb curb.tb5u0iu
C:\ProgramData\inside curb curb.tqe0wc
C:\ProgramData\inside curb curb.u0s26tq
C:\ProgramData\inside curb curb.v9h67v
C:\ProgramData\inside curb curb.vc195
C:\ProgramData\inside curb curb.vjk9w
C:\ProgramData\inside curb curb.vrn8c7
C:\ProgramData\inside curb curb.vz6fgvs
C:\ProgramData\inside curb curb.vzldwq
C:\ProgramData\inside curb curb.w33oipu
C:\ProgramData\inside curb curb.wescn5t
C:\ProgramData\inside curb curb.wohuk9
C:\ProgramData\inside curb curb.xqzj6
C:\ProgramData\inside curb curb.xzjsod
C:\ProgramData\inside curb curb.xzo6k
C:\ProgramData\inside curb curb.y083jz
C:\ProgramData\inside curb curb.y0bvn
C:\ProgramData\inside curb curb.y67kp5
C:\ProgramData\inside curb curb.yguuor
C:\ProgramData\inside curb curb.yhsw2
C:\ProgramData\inside curb curb.ynmbww
C:\ProgramData\inside curb curb.yvbb1z0
C:\ProgramData\inside curb curb.yzpvaw
C:\ProgramData\inside curb curb.zkia0hi
C:\ProgramData\inside curb curb.zkre7ys
C:\ProgramData\kind frag bone.7enyqbd

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\ProgramData\Tool Eggs Less City
C:\ProgramData\Tool Eggs Less City\Ace Tick.exe

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-08 13:26:46
Windows 6.0.6000 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\Windows\system32\nvs2.inf
C:\Users\Johnny\AppData\Local\dheifjfb_navps.dat
C:\Users\Johnny\AppData\Local\dheifjfb.exe
C:\Users\Johnny\AppData\Local\dheifjfb.dat
C:\Users\Johnny\AppData\Local\dheifjfb_nav.dat
[b]! EGDACCESS !/b

/!\ [Fich:371][Doss:31] C:\Users\Johnny\AppData\Local\Temp
/!\ [Fich:1044][Doss:1] C:\Users\Johnny\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:1216][Doss:11] C:\Users\Johnny\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[ UAC => 1 ]

--------------------[ Fin du rapport a 13:27:28,02 ]----------------------
0
Réponse 6 / 33
biftek60 Messages postés 21 Statut Membre
 
lol oui je vais essaye de suivre les conseil de gil dabord merci kan meme jlpg
0
Réponse 7 / 33
gil le fantom Messages postés 2809 Statut Membre 25
 
tu as tout fait raison jlpjlp
Relance Lop S&D

* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

puis applique les conseils de jlpjlp

jlpjlp,tu peut prendre la suite,c'est pas un probléme
0
Réponse 8 / 33
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
NON c'est ton post
je te laisse faire

a bientôt
0
Réponse 9 / 33
biftek60 Messages postés 21 Statut Membre
 
oki donc je relance Lop
0
Réponse 10 / 33
biftek60 Messages postés 21 Statut Membre
 
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Johnny ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 08/05/2008 | 13:47:43,80 ] [ PC : PC-DE-JOHNNY ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\ProgramData\Tool Eggs Less City\Ace Tick.exe
Supprimé! - C:\ProgramData\inside curb curb.0247agv
Supprimé! - C:\ProgramData\inside curb curb.07r5m
Supprimé! - C:\ProgramData\inside curb curb.09pet
Supprimé! - C:\ProgramData\inside curb curb.0dzv0u
Supprimé! - C:\ProgramData\inside curb curb.0lw6h
Supprimé! - C:\ProgramData\inside curb curb.0p6bw
Supprimé! - C:\ProgramData\inside curb curb.0ry7v97
Supprimé! - C:\ProgramData\inside curb curb.0wpbdkz
Supprimé! - C:\ProgramData\inside curb curb.0ym3irj
Supprimé! - C:\ProgramData\inside curb curb.11zxnv
Supprimé! - C:\ProgramData\inside curb curb.12lywu
Supprimé! - C:\ProgramData\inside curb curb.19emh
Supprimé! - C:\ProgramData\inside curb curb.1fzgvb
Supprimé! - C:\ProgramData\inside curb curb.1tn5dux
Supprimé! - C:\ProgramData\inside curb curb.21f9ts
Supprimé! - C:\ProgramData\inside curb curb.21w6l2p
Supprimé! - C:\ProgramData\inside curb curb.23fjc
Supprimé! - C:\ProgramData\inside curb curb.268o3uf
Supprimé! - C:\ProgramData\inside curb curb.2acf1n
Supprimé! - C:\ProgramData\inside curb curb.2dh0y7
Supprimé! - C:\ProgramData\inside curb curb.2v9sm
Supprimé! - C:\ProgramData\inside curb curb.2ylpv
Supprimé! - C:\ProgramData\inside curb curb.304x6
Supprimé! - C:\ProgramData\inside curb curb.33s3k5
Supprimé! - C:\ProgramData\inside curb curb.3bdg6
Supprimé! - C:\ProgramData\inside curb curb.3dr9blr
Supprimé! - C:\ProgramData\inside curb curb.3vimp
Supprimé! - C:\ProgramData\inside curb curb.43oy43v
Supprimé! - C:\ProgramData\inside curb curb.46j3w9n
Supprimé! - C:\ProgramData\inside curb curb.48poe5k
Supprimé! - C:\ProgramData\inside curb curb.4aovft4
Supprimé! - C:\ProgramData\inside curb curb.4az40
Supprimé! - C:\ProgramData\inside curb curb.4f0f7cb
Supprimé! - C:\ProgramData\inside curb curb.4gbpw
Supprimé! - C:\ProgramData\inside curb curb.4ne7u0o
Supprimé! - C:\ProgramData\inside curb curb.4uky6
Supprimé! - C:\ProgramData\inside curb curb.59zpgy
Supprimé! - C:\ProgramData\inside curb curb.5k849
Supprimé! - C:\ProgramData\inside curb curb.5klb2
Supprimé! - C:\ProgramData\inside curb curb.5lesxa
Supprimé! - C:\ProgramData\inside curb curb.5r2zy73
Supprimé! - C:\ProgramData\inside curb curb.5tkjxn9
Supprimé! - C:\ProgramData\inside curb curb.5wymm
Supprimé! - C:\ProgramData\inside curb curb.5xwldg
Supprimé! - C:\ProgramData\inside curb curb.6adqi
Supprimé! - C:\ProgramData\inside curb curb.6nmybyr
Supprimé! - C:\ProgramData\inside curb curb.6uboxdj
Supprimé! - C:\ProgramData\inside curb curb.6w7hxci
Supprimé! - C:\ProgramData\inside curb curb.77tpt
Supprimé! - C:\ProgramData\inside curb curb.7tbrtp8
Supprimé! - C:\ProgramData\inside curb curb.83yyhq
Supprimé! - C:\ProgramData\inside curb curb.8ghkxn
Supprimé! - C:\ProgramData\inside curb curb.8qck8
Supprimé! - C:\ProgramData\inside curb curb.8vgqk
Supprimé! - C:\ProgramData\inside curb curb.8ys87ae
Supprimé! - C:\ProgramData\inside curb curb.9f21v
Supprimé! - C:\ProgramData\inside curb curb.9gt8u2i
Supprimé! - C:\ProgramData\inside curb curb.9juvp9z
Supprimé! - C:\ProgramData\inside curb curb.9k4odm
Supprimé! - C:\ProgramData\inside curb curb.9qx42
Supprimé! - C:\ProgramData\inside curb curb.9rl5c5
Supprimé! - C:\ProgramData\inside curb curb.9ta1r
Supprimé! - C:\ProgramData\inside curb curb.9tavzn
Supprimé! - C:\ProgramData\inside curb curb.9ujkn
Supprimé! - C:\ProgramData\inside curb curb.9v8zyfv
Supprimé! - C:\ProgramData\inside curb curb.9wf4d
Supprimé! - C:\ProgramData\inside curb curb.9y9vu
Supprimé! - C:\ProgramData\inside curb curb.ae3bdv
Supprimé! - C:\ProgramData\inside curb curb.aeejmwy
Supprimé! - C:\ProgramData\inside curb curb.ajrch
Supprimé! - C:\ProgramData\inside curb curb.at3ot8
Supprimé! - C:\ProgramData\inside curb curb.bgaovd
Supprimé! - C:\ProgramData\inside curb curb.bmg1u4
Supprimé! - C:\ProgramData\inside curb curb.c6elal
Supprimé! - C:\ProgramData\inside curb curb.c9jgm
Supprimé! - C:\ProgramData\inside curb curb.cax441
Supprimé! - C:\ProgramData\inside curb curb.ck0dn
Supprimé! - C:\ProgramData\inside curb curb.cmgds
Supprimé! - C:\ProgramData\inside curb curb.cqsenxl
Supprimé! - C:\ProgramData\inside curb curb.ct42kp9
Supprimé! - C:\ProgramData\inside curb curb.cx0df
Supprimé! - C:\ProgramData\inside curb curb.cxlzp
Supprimé! - C:\ProgramData\inside curb curb.d0uek
Supprimé! - C:\ProgramData\inside curb curb.d68qvz
Supprimé! - C:\ProgramData\inside curb curb.d6r6c0m
Supprimé! - C:\ProgramData\inside curb curb.df0if3
Supprimé! - C:\ProgramData\inside curb curb.dhz52b
Supprimé! - C:\ProgramData\inside curb curb.divxja
Supprimé! - C:\ProgramData\inside curb curb.dl0y9
Supprimé! - C:\ProgramData\inside curb curb.dtzi0
Supprimé! - C:\ProgramData\inside curb curb.dusmdg
Supprimé! - C:\ProgramData\inside curb curb.dyculyp
Supprimé! - C:\ProgramData\inside curb curb.e0h8av5
Supprimé! - C:\ProgramData\inside curb curb.e4a2a
Supprimé! - C:\ProgramData\inside curb curb.e4uvq6j
Supprimé! - C:\ProgramData\inside curb curb.e92x7kv
Supprimé! - C:\ProgramData\inside curb curb.ekqaf
Supprimé! - C:\ProgramData\inside curb curb.elph9
Supprimé! - C:\ProgramData\inside curb curb.eoytc9o
Supprimé! - C:\ProgramData\inside curb curb.epfj74
Supprimé! - C:\ProgramData\inside curb curb.euedj
Supprimé! - C:\ProgramData\inside curb curb.ezy24k1
Supprimé! - C:\ProgramData\inside curb curb.f21pn5
Supprimé! - C:\ProgramData\inside curb curb.f3fmr
Supprimé! - C:\ProgramData\inside curb curb.f4r0de
Supprimé! - C:\ProgramData\inside curb curb.f4ukkru
Supprimé! - C:\ProgramData\inside curb curb.f83jb0z
Supprimé! - C:\ProgramData\inside curb curb.ffsrkim
Supprimé! - C:\ProgramData\inside curb curb.fobymj4
Supprimé! - C:\ProgramData\inside curb curb.fpadgw
Supprimé! - C:\ProgramData\inside curb curb.fqu3790
Supprimé! - C:\ProgramData\inside curb curb.fwehff
Supprimé! - C:\ProgramData\inside curb curb.fxu028
Supprimé! - C:\ProgramData\inside curb curb.fzkk4s
Supprimé! - C:\ProgramData\inside curb curb.g3ju0
Supprimé! - C:\ProgramData\inside curb curb.gewzcl4
Supprimé! - C:\ProgramData\inside curb curb.gf0yfhf
Supprimé! - C:\ProgramData\inside curb curb.gspv3nk
Supprimé! - C:\ProgramData\inside curb curb.gvk6h7
Supprimé! - C:\ProgramData\inside curb curb.gzvjc59
Supprimé! - C:\ProgramData\inside curb curb.h8x156
Supprimé! - C:\ProgramData\inside curb curb.hczjx
Supprimé! - C:\ProgramData\inside curb curb.hdqca1
Supprimé! - C:\ProgramData\inside curb curb.hdr4vwe
Supprimé! - C:\ProgramData\inside curb curb.hhquq4
Supprimé! - C:\ProgramData\inside curb curb.ho3261c
Supprimé! - C:\ProgramData\inside curb curb.hyeyc07
Supprimé! - C:\ProgramData\inside curb curb.i1rn9
Supprimé! - C:\ProgramData\inside curb curb.i31t81q
Supprimé! - C:\ProgramData\inside curb curb.iffma90
Supprimé! - C:\ProgramData\inside curb curb.ig8is
Supprimé! - C:\ProgramData\inside curb curb.iixlwn
Supprimé! - C:\ProgramData\inside curb curb.iuhy99k
Supprimé! - C:\ProgramData\inside curb curb.iwykt1
Supprimé! - C:\ProgramData\inside curb curb.ix6cjp
Supprimé! - C:\ProgramData\inside curb curb.izv8hj
Supprimé! - C:\ProgramData\inside curb curb.j2ebq
Supprimé! - C:\ProgramData\inside curb curb.j6ybr
Supprimé! - C:\ProgramData\inside curb curb.j7xmn5
Supprimé! - C:\ProgramData\inside curb curb.jkf24p3
Supprimé! - C:\ProgramData\inside curb curb.jpcsnz
Supprimé! - C:\ProgramData\inside curb curb.jqswhr
Supprimé! - C:\ProgramData\inside curb curb.jrt9p1
Supprimé! - C:\ProgramData\inside curb curb.jryqjd
Supprimé! - C:\ProgramData\inside curb curb.jv8ln
Supprimé! - C:\ProgramData\inside curb curb.jx9skp
Supprimé! - C:\ProgramData\inside curb curb.k0rjq
Supprimé! - C:\ProgramData\inside curb curb.k0s4fk4
Supprimé! - C:\ProgramData\inside curb curb.k2uas
Supprimé! - C:\ProgramData\inside curb curb.k4hv601
Supprimé! - C:\ProgramData\inside curb curb.kfwhhi
Supprimé! - C:\ProgramData\inside curb curb.kgtzyuc
Supprimé! - C:\ProgramData\inside curb curb.ksx9l
Supprimé! - C:\ProgramData\inside curb curb.kx6v2u
Supprimé! - C:\ProgramData\inside curb curb.kza156g
Supprimé! - C:\ProgramData\inside curb curb.l1dsm
Supprimé! - C:\ProgramData\inside curb curb.l2u5x
Supprimé! - C:\ProgramData\inside curb curb.l4xnoio
Supprimé! - C:\ProgramData\inside curb curb.lhmxm
Supprimé! - C:\ProgramData\inside curb curb.ltlo7
Supprimé! - C:\ProgramData\inside curb curb.lv195
Supprimé! - C:\ProgramData\inside curb curb.m1rkp
Supprimé! - C:\ProgramData\inside curb curb.m5f8yt
Supprimé! - C:\ProgramData\inside curb curb.mahjoh2
Supprimé! - C:\ProgramData\inside curb curb.mayll
Supprimé! - C:\ProgramData\inside curb curb.mbde9a3
Supprimé! - C:\ProgramData\inside curb curb.mf6z6t
Supprimé! - C:\ProgramData\inside curb curb.mfrcn2
Supprimé! - C:\ProgramData\inside curb curb.mhskdx
Supprimé! - C:\ProgramData\inside curb curb.mtu1ib
Supprimé! - C:\ProgramData\inside curb curb.mxsdvy
Supprimé! - C:\ProgramData\inside curb curb.n0aiyiz
Supprimé! - C:\ProgramData\inside curb curb.n0ov9
Supprimé! - C:\ProgramData\inside curb curb.n362qe
Supprimé! - C:\ProgramData\inside curb curb.n47xs5
Supprimé! - C:\ProgramData\inside curb curb.n6x9ysj
Supprimé! - C:\ProgramData\inside curb curb.n8wqu
Supprimé! - C:\ProgramData\inside curb curb.ndbkrt
Supprimé! - C:\ProgramData\inside curb curb.nisy3v
Supprimé! - C:\ProgramData\inside curb curb.nn1oi0z
Supprimé! - C:\ProgramData\inside curb curb.nnqfn
Supprimé! - C:\ProgramData\inside curb curb.nokdx
Supprimé! - C:\ProgramData\inside curb curb.o1xtqt
Supprimé! - C:\ProgramData\inside curb curb.o2qku0w
Supprimé! - C:\ProgramData\inside curb curb.o5s13f
Supprimé! - C:\ProgramData\inside curb curb.o93wq
Supprimé! - C:\ProgramData\inside curb curb.oed8obj
Supprimé! - C:\ProgramData\inside curb curb.ogygjt
Supprimé! - C:\ProgramData\inside curb curb.opvev
Supprimé! - C:\ProgramData\inside curb curb.oqcvuda
Supprimé! - C:\ProgramData\inside curb curb.ow9fjci
Supprimé! - C:\ProgramData\inside curb curb.ox4jat
Supprimé! - C:\ProgramData\inside curb curb.pe7k3w1
Supprimé! - C:\ProgramData\inside curb curb.pnhj5r
Supprimé! - C:\ProgramData\inside curb curb.pqghq
Supprimé! - C:\ProgramData\inside curb curb.pr63fq
Supprimé! - C:\ProgramData\inside curb curb.puqef
Supprimé! - C:\ProgramData\inside curb curb.pwjgc
Supprimé! - C:\ProgramData\inside curb curb.qh4byio
Supprimé! - C:\ProgramData\inside curb curb.qlrqk
Supprimé! - C:\ProgramData\inside curb curb.qrlrp
Supprimé! - C:\ProgramData\inside curb curb.qsw36n
Supprimé! - C:\ProgramData\inside curb curb.r6mvp0b
Supprimé! - C:\ProgramData\inside curb curb.rb4au18
Supprimé! - C:\ProgramData\inside curb curb.rg6uj1
Supprimé! - C:\ProgramData\inside curb curb.rojc2p6
Supprimé! - C:\ProgramData\inside curb curb.rqs2x
Supprimé! - C:\ProgramData\inside curb curb.rsv06g
Supprimé! - C:\ProgramData\inside curb curb.rzp4z
Supprimé! - C:\ProgramData\inside curb curb.s48fz1h
Supprimé! - C:\ProgramData\inside curb curb.s50jzao
Supprimé! - C:\ProgramData\inside curb curb.sc4isvc
Supprimé! - C:\ProgramData\inside curb curb.sgnc9f
Supprimé! - C:\ProgramData\inside curb curb.shmfae
Supprimé! - C:\ProgramData\inside curb curb.sll9v3l
Supprimé! - C:\ProgramData\inside curb curb.t1d66ka
Supprimé! - C:\ProgramData\inside curb curb.t27egm
Supprimé! - C:\ProgramData\inside curb curb.t5nrelh
Supprimé! - C:\ProgramData\inside curb curb.tb5u0iu
Supprimé! - C:\ProgramData\inside curb curb.tqe0wc
Supprimé! - C:\ProgramData\inside curb curb.u0s26tq
Supprimé! - C:\ProgramData\inside curb curb.ubi0bj
Supprimé! - C:\ProgramData\inside curb curb.uhikoiw
Supprimé! - C:\ProgramData\inside curb curb.v9h67v
Supprimé! - C:\ProgramData\inside curb curb.vbyye
Supprimé! - C:\ProgramData\inside curb curb.vc195
Supprimé! - C:\ProgramData\inside curb curb.vjk9w
Supprimé! - C:\ProgramData\inside curb curb.vrn8c7
Supprimé! - C:\ProgramData\inside curb curb.vz6fgvs
Supprimé! - C:\ProgramData\inside curb curb.vzldwq
Supprimé! - C:\ProgramData\inside curb curb.w33oipu
Supprimé! - C:\ProgramData\inside curb curb.w39o8a
Supprimé! - C:\ProgramData\inside curb curb.wescn5t
Supprimé! - C:\ProgramData\inside curb curb.wkoc0
Supprimé! - C:\ProgramData\inside curb curb.woe1e2i
Supprimé! - C:\ProgramData\inside curb curb.wohuk9
Supprimé! - C:\ProgramData\inside curb curb.xehy6j
Supprimé! - C:\ProgramData\inside curb curb.xgma04c
Supprimé! - C:\ProgramData\inside curb curb.xqzj6
Supprimé! - C:\ProgramData\inside curb curb.xw5qc
Supprimé! - C:\ProgramData\inside curb curb.xzjsod
Supprimé! - C:\ProgramData\inside curb curb.xzo6k
Supprimé! - C:\ProgramData\inside curb curb.y083jz
Supprimé! - C:\ProgramData\inside curb curb.y0bvn
Supprimé! - C:\ProgramData\inside curb curb.y67kp5
Supprimé! - C:\ProgramData\inside curb curb.y94x6l1
Supprimé! - C:\ProgramData\inside curb curb.yguuor
Supprimé! - C:\ProgramData\inside curb curb.yhsw2
Supprimé! - C:\ProgramData\inside curb curb.ynmbww
Supprimé! - C:\ProgramData\inside curb curb.yvbb1z0
Supprimé! - C:\ProgramData\inside curb curb.ywk5gw
Supprimé! - C:\ProgramData\inside curb curb.yzpvaw
Supprimé! - C:\ProgramData\inside curb curb.zkia0hi
Supprimé! - C:\ProgramData\inside curb curb.zkre7ys
Supprimé! - C:\ProgramData\kind frag bone.7enyqbd
Supprimé! - C:\ProgramData\Tool Eggs Less City
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Listing des dossiers dans Application Data ]------------

[25/03/2008|20:04] C:\Users\Johnny\AppData\Roaming\Adobe\Flash Player
[28/02/2008|11:32] C:\Users\Johnny\AppData\Roaming\Adobe\Linguistics
[23/02/2008|13:53] C:\Users\Johnny\AppData\Roaming\Adobe\Acrobat

[22/02/2008|20:14] C:\Users\Johnny\AppData\Roaming\CyberLink\MediaCache
[22/02/2008|20:14] C:\Users\Johnny\AppData\Roaming\CyberLink\MagicSports

[03/05/2008|13:28] C:\Users\Johnny\AppData\Roaming\Google\Local Search History

[22/02/2008|20:13] C:\Users\Johnny\AppData\Roaming\Identities\{E2A3DD73-69A9-459D-9BE8-1F67B61EB657}

[22/02/2008|21:00] C:\Users\Johnny\AppData\Roaming\InstallShield\ISEngine12.0

[22/02/2008|21:06] C:\Users\Johnny\AppData\Roaming\Macromedia\Flash Player

[13/03/2008|19:43] C:\Users\Johnny\AppData\Roaming\Media Player Classic\default.mpcpl

[01/05/2008|13:03] C:\Users\Johnny\AppData\Roaming\Microsoft\Templates
[20/04/2008|22:19] C:\Users\Johnny\AppData\Roaming\Microsoft\Office
[20/04/2008|21:53] C:\Users\Johnny\AppData\Roaming\Microsoft\QuickStyles
[20/04/2008|21:38] C:\Users\Johnny\AppData\Roaming\Microsoft\UProof
[17/04/2008|11:26] C:\Users\Johnny\AppData\Roaming\Microsoft\MSN Messenger
[15/03/2008|14:08] C:\Users\Johnny\AppData\Roaming\Microsoft\Windows Photo Gallery
[09/03/2008|18:55] C:\Users\Johnny\AppData\Roaming\Microsoft\Internet Explorer
[26/02/2008|19:26] C:\Users\Johnny\AppData\Roaming\Microsoft\Crypto
[25/02/2008|15:08] C:\Users\Johnny\AppData\Roaming\Microsoft\OIS
[24/02/2008|20:43] C:\Users\Johnny\AppData\Roaming\Microsoft\Clip Organizer
[24/02/2008|20:07] C:\Users\Johnny\AppData\Roaming\Microsoft\Proof
[24/02/2008|20:05] C:\Users\Johnny\AppData\Roaming\Microsoft\Document Building Blocks
[24/02/2008|20:05] C:\Users\Johnny\AppData\Roaming\Microsoft\Word
[24/02/2008|20:05] C:\Users\Johnny\AppData\Roaming\Microsoft\AddIns
[23/02/2008|14:06] C:\Users\Johnny\AppData\Roaming\Microsoft\IdentityCRL
[22/02/2008|21:58] C:\Users\Johnny\AppData\Roaming\Microsoft\Windows
[22/02/2008|21:34] C:\Users\Johnny\AppData\Roaming\Microsoft\Credentials
[22/02/2008|20:14] C:\Users\Johnny\AppData\Roaming\Microsoft\CLR Security Config
[22/02/2008|20:13] C:\Users\Johnny\AppData\Roaming\Microsoft\SystemCertificates
[22/02/2008|20:13] C:\Users\Johnny\AppData\Roaming\Microsoft\Protect

[04/05/2008|20:44] C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox

[22/03/2008|12:32] C:\Users\Johnny\AppData\Roaming\Nero\Nero8

[08/05/2008|13:46] C:\Users\Johnny\AppData\Roaming\Packard Bell\Setup my PC
[30/04/2008|21:22] C:\Users\Johnny\AppData\Roaming\Packard Bell\Smart Restore
[22/02/2008|20:34] C:\Users\Johnny\AppData\Roaming\Packard Bell\InfoCentre
[22/02/2008|20:14] C:\Users\Johnny\AppData\Roaming\Packard Bell\IDCard

[08/05/2008|12:31] C:\Users\Johnny\AppData\Roaming\PC Tools\Spyware Doctor

[08/05/2008|12:15] C:\Users\Johnny\AppData\Roaming\QuickZip45.ini\QuickZip45.ini

[26/02/2008|17:48] C:\Users\Johnny\AppData\Roaming\Roxio\MediaManager9

[22/02/2008|20:48] C:\Users\Johnny\AppData\Roaming\Symantec\Cleanup

[22/02/2008|20:35] C:\Users\Johnny\AppData\Roaming\Talkback\MozillaOrg

[26/02/2008|17:57] C:\Users\Johnny\AppData\Roaming\UserTile.png\UserTile.png

[28/04/2008|21:48] C:\Users\Johnny\AppData\Roaming\vlc\vlcrc
[13/03/2008|21:32] C:\Users\Johnny\AppData\Roaming\vlc\cache

[26/04/2008|20:44] C:\Users\Johnny\AppData\Roaming\Winamp\winamp.ini
[26/04/2008|20:44] C:\Users\Johnny\AppData\Roaming\Winamp\winamp.m3u
[26/04/2008|20:44] C:\Users\Johnny\AppData\Roaming\Winamp\Winamp.m3u8
[26/04/2008|18:02] C:\Users\Johnny\AppData\Roaming\Winamp\studio.xnf
[26/04/2008|17:53] C:\Users\Johnny\AppData\Roaming\Winamp\Plugins
[26/04/2008|17:53] C:\Users\Johnny\AppData\Roaming\Winamp\Winamp.q1
[10/03/2008|22:14] C:\Users\Johnny\AppData\Roaming\Winamp\links.xml
[14/09/2005|21:17] C:\Users\Johnny\AppData\Roaming\Winamp\demo.mp3

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[08/05/2008 13:30][--a------] C:\Windows\tasks\Extension de garantie.job
[08/05/2008 13:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[08/05/2008 13:45][--ah-----] C:\Windows\tasks\SA.DAT
[08/05/2008 13:44][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[14/11/2007|10:12] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[05/03/2008|09:53] C:\ProgramData\Adobe
[22/02/2008|19:53] C:\ProgramData\Application Data
[22/02/2008|20:04] C:\ProgramData\Bureau
[14/11/2007|10:01] C:\ProgramData\CyberLink
[22/02/2008|19:53] C:\ProgramData\Desktop
[22/02/2008|19:53] C:\ProgramData\Documents
[22/02/2008|21:15] C:\ProgramData\eMule
[22/02/2008|20:04] C:\ProgramData\Favoris
[22/02/2008|19:53] C:\ProgramData\Favorites
[14/11/2007|10:00] C:\ProgramData\Google
[14/11/2007|09:58] C:\ProgramData\InstallShield
[21/04/2008|09:48] C:\ProgramData\Kiwee Toolbar2
[22/02/2008|20:04] C:\ProgramData\Menu D‚marrer
[22/02/2008|21:02] C:\ProgramData\Microsoft
[11/04/2008|16:26] C:\ProgramData\Microsoft Help
[22/02/2008|20:04] C:\ProgramData\ModŠles
[28/04/2008|21:02] C:\ProgramData\Nero
[14/11/2007|09:49] C:\ProgramData\NVIDIA
[24/03/2008|13:40] C:\ProgramData\pixelStorm
[14/11/2007|10:15] C:\ProgramData\Roxio
[14/11/2007|10:12] C:\ProgramData\Skype
[22/02/2008|21:32] C:\ProgramData\Sonic
[05/03/2008|11:28] C:\ProgramData\Sony Ericsson
[22/02/2008|19:53] C:\ProgramData\Start Menu
[08/05/2008|13:36] C:\ProgramData\Symantec
[17/04/2008|10:43] C:\ProgramData\Team Wave Body
[08/05/2008|13:46] C:\ProgramData\TEMP
[22/02/2008|19:53] C:\ProgramData\Templates
[26/04/2008|17:51] C:\ProgramData\Winamp Toolbar
[24/02/2008|00:26] C:\ProgramData\WinZip
[22/02/2008|21:48] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[14/11/2007|10:12] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/03/2008|09:53] C:\Program Files\Adobe
[26/02/2008|13:22] C:\Program Files\AnmSMP
[19/04/2008|16:52] C:\Program Files\Antipub
[23/02/2008|15:23] C:\Program Files\AskTBar
[28/04/2008|20:59] C:\Program Files\BoontyGames
[20/03/2008|21:40] C:\Program Files\Common Files
[14/11/2007|10:01] C:\Program Files\CyberLink
[13/03/2008|20:01] C:\Program Files\Dealio
[14/11/2007|09:35] C:\Program Files\desktop.ini
[22/02/2008|21:08] C:\Program Files\eMule
[22/02/2008|20:04] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/04/2008|13:22] C:\Program Files\Free Easy Burner
[14/11/2007|10:00] C:\Program Files\Google
[30/04/2008|21:30] C:\Program Files\HD1988 Labs
[14/11/2007|09:50] C:\Program Files\HDReg
[22/02/2008|22:39] C:\Program Files\InstallShield Installation Information
[12/04/2008|14:07] C:\Program Files\Internet Explorer
[21/04/2008|09:45] C:\Program Files\Kiwee Toolbar2
[24/02/2008|18:15] C:\Program Files\K-Lite Codec Pack
[03/05/2008|12:18] C:\Program Files\Lexmark 2300 Series
[22/02/2008|22:03] C:\Program Files\Maxis
[03/05/2008|12:49] C:\Program Files\MB Softs
[23/02/2008|13:31] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[14/11/2007|10:10] C:\Program Files\Microsoft Office
[14/11/2007|10:10] C:\Program Files\Microsoft Works
[14/11/2007|10:10] C:\Program Files\Microsoft.NET
[14/11/2007|17:51] C:\Program Files\Movie Maker
[14/11/2007|10:00] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[23/02/2008|13:26] C:\Program Files\MSXML 4.0
[23/02/2008|15:30] C:\Program Files\Nero
[20/03/2008|21:49] C:\Program Files\NeroInstall.bak
[08/05/2008|12:03] C:\Program Files\NoAdware5.0
[08/04/2008|13:14] C:\Program Files\Norton 360
[14/11/2007|10:12] C:\Program Files\Packard Bell
[26/02/2008|13:38] C:\Program Files\Picasa2
[28/03/2008|19:08] C:\Program Files\Poker
[28/04/2008|13:21] C:\Program Files\QuickZip4
[14/11/2007|09:44] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[14/11/2007|09:58] C:\Program Files\Roxio
[22/02/2008|21:00] C:\Program Files\SAGEM
[14/11/2007|09:51] C:\Program Files\Seagate
[26/02/2008|13:29] C:\Program Files\Seagrand
[13/03/2008|20:03] C:\Program Files\Search Settings
[14/11/2007|10:12] C:\Program Files\Skype
[05/03/2008|11:27] C:\Program Files\Sony Ericsson
[23/03/2008|22:55] C:\Program Files\SopCast
[08/05/2008|12:35] C:\Program Files\Spyware Doctor
[23/02/2008|17:24] C:\Program Files\Symantec
[23/02/2008|14:45] C:\Program Files\TVAnts
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[13/03/2008|20:02] C:\Program Files\VideoLAN
[25/02/2008|15:30] C:\Program Files\Web Photo Album
[04/05/2008|20:20] C:\Program Files\WebMediaPlayer
[26/04/2008|18:09] C:\Program Files\Winamp
[26/04/2008|17:51] C:\Program Files\Winamp Toolbar
[14/11/2007|17:54] C:\Program Files\Windows Calendar
[14/11/2007|17:51] C:\Program Files\Windows Collaboration
[14/11/2007|18:06] C:\Program Files\Windows Defender
[14/11/2007|17:51] C:\Program Files\Windows Journal
[22/02/2008|21:49] C:\Program Files\Windows Live
[11/04/2008|17:01] C:\Program Files\Windows Mail
[14/11/2007|17:53] C:\Program Files\Windows Media Player
[22/02/2008|20:04] C:\Program Files\Windows NT
[14/11/2007|17:51] C:\Program Files\Windows Photo Gallery
[23/02/2008|13:37] C:\Program Files\Windows Sidebar
[24/02/2008|00:26] C:\Program Files\WinZip
[27/03/2008|21:05] C:\Program Files\WordBiz

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[05/03/2008|09:53] C:\Program Files\Common Files\Adobe
[14/11/2007|10:10] C:\Program Files\Common Files\DESIGNER
[14/11/2007|10:00] C:\Program Files\Common Files\InstallShield
[22/02/2008|21:19] C:\Program Files\Common Files\microsoft shared
[28/04/2008|21:02] C:\Program Files\Common Files\Nero
[14/11/2007|09:58] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[14/11/2007|10:12] C:\Program Files\Common Files\Skype
[14/11/2007|09:58] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[14/11/2007|09:58] C:\Program Files\Common Files\SureThing Shared
[06/03/2008|23:28] C:\Program Files\Common Files\Symantec Shared
[14/11/2007|18:16] C:\Program Files\Common Files\System
[22/02/2008|21:49] C:\Program Files\Common Files\WindowsLiveInstaller
[14/11/2007|09:51] C:\Program Files\Common Files\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 65

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-08 13:59:02
Windows 6.0.6000 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\Windows\system32\nvs2.inf
C:\Users\Johnny\AppData\Local\dheifjfb_navps.dat
C:\Users\Johnny\AppData\Local\dheifjfb.exe
C:\Users\Johnny\AppData\Local\dheifjfb.dat
C:\Users\Johnny\AppData\Local\dheifjfb_nav.dat
[b]! EGDACCESS !/b

/!\ [Fich:371][Doss:31] C:\Users\Johnny\AppData\Local\Temp
/!\ [Fich:1053][Doss:1] C:\Users\Johnny\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:1685][Doss:11] C:\Users\Johnny\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[ UAC => 1 ]

--------------------[ Fin du rapport a 14:01:37,89 ]----------------------
0
Réponse 11 / 33
gil le fantom Messages postés 2809 Statut Membre 25
 
pour vista

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

tu télécharge navilog1
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
0
Réponse 12 / 33
biftek60 Messages postés 21 Statut Membre
 
ok jessayerais dans la soiré la je ne suis pas chez moi je te tien au courant merci
0
Réponse 13 / 33
biftek60 Messages postés 21 Statut Membre
 
Search Navipromo version 3.5.6 commencé le 09/05/2008 à 16:48:31,87

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Johnny"

Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\Windows" ***

*** Recherche dossiers dans "C:\Program Files" ***

C:\Program Files\WebMediaPlayer trouvé !

*** Recherche dossiers dans "C:\ProgramData" ***

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

...\WebMediaPlayer trouvé !

*** Recherche dossiers dans "c:\users\johnny\appdata\roaming\micros~1\windows\startm~1\programs" ***

*** Recherche dossiers dans "C:\Users\Johnny\AppData\Local\virtualstore\Program Files" ***

*** Recherche dossiers dans "C:\Users\Johnny\AppData\Roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\Johnny\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\Johnny\AppData\Local" *

Fichiers trouvés :

dheifjfb.exe trouvé !
dheifjfb.dat trouvé !
dheifjfb_nav.dat trouvé !
dheifjfb_navps.dat trouvé !
dheifjfb_navfx.dat trouvé !

*** Recherche fichiers ***

C:\Windows\system32\nvs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\Windows\system32" :

* Dans "C:\Users\Johnny\AppData\Local\Microsoft" :

* Dans "C:\Users\Johnny\AppData\Local" :

dheifjfb.dat trouvé !
dheifjfb_nav.dat trouvé !
dheifjfb_navfx.dat trouvé !
dheifjfb_navps.dat trouvé !

3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 09/05/2008 à 16:58:11,30 ***
0
Réponse 14 / 33
gil le fantom Messages postés 2809 Statut Membre 25
 
bonjour
tu cliques sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valides.
(ne fais pas le choix ,3 ou 4 sans notre avis/accord)

Le fix va t'informer qu'il va alors redémarrer ton PC
Fermes toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuies sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le bloc-notes. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.

Poste le rapport
0
Réponse 15 / 33
biftek60 Messages postés 21 Statut Membre
 
voila le rapport obtenue

Clean Navipromo version 3.5.6 commencé le 10/05/2008 à 14:58:53,74

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Johnny"

Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\Windows\System32" *

* Suppression dans "C:\Users\Johnny\AppData\Local\Microsoft" *

* Suppression dans "C:\Users\Johnny\AppData\Local" *

dheifjfb.exe trouvé !
Copie dheifjfb.exe réalisée avec succès !
dheifjfb.exe supprimé !

dheifjfb.dat trouvé !
Copie dheifjfb.dat réalisée avec succès !
dheifjfb.dat supprimé !

dheifjfb_nav.dat trouvé !
Copie dheifjfb_nav.dat réalisée avec succès !
dheifjfb_nav.dat supprimé !

dheifjfb_navps.dat trouvé !
Copie dheifjfb_navps.dat réalisée avec succès !
dheifjfb_navps.dat supprimé !

dheifjfb_navfx.dat trouvé !
Copie dheifjfb_navfx.dat réalisée avec succès !
dheifjfb_navfx.dat supprimé !

*** Suppression dossiers dans "C:\Windows" ***

*** Suppression dossiers dans "C:\Program Files" ***

C:\Program Files\WebMediaPlayer ...suppression...
C:\Program Files\WebMediaPlayer supprimé !

*** Suppression dossiers dans "C:\ProgramData" ***

*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !

*** Suppression dossiers dans c:\users\johnny\appdata\roaming\micros~1\windows\startm~1\programs ***

*** Suppression dossiers dans "C:\Users\Johnny\AppData\Local\virtualstore\Program Files" ***

*** Suppression dossiers dans "C:\Users\Johnny\AppData\Roaming" ***

*** Suppression fichiers ***

C:\Windows\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\Johnny\AppData\Local\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans "C:\Windows\system32" *

* Dans "C:\Users\Johnny\AppData\Local\Microsoft" *

* Dans "C:\Users\Johnny\AppData\Local" *

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 10/05/2008 à 15:02:54,72 ***
0
Réponse 16 / 33
gil le fantom Messages postés 2809 Statut Membre 25
 
peut tu appliquer le message 4 de jlpjlp stp
sauf lopxp
0
Réponse 17 / 33
biftek60 Messages postés 21 Statut Membre
 
desoler je par en weekend jusqua lundi donc je men reocupe des lundi merci pour ton aide et a lundi
0
Réponse 18 / 33
biftek60 Messages postés 21 Statut Membre
 
bonjour me revoila
0
Réponse 19 / 33
biftek60 Messages postés 21 Statut Membre
 
ComboFix 08-05-12.1 - Johnny 2008-05-13 18:51:59.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1828 [GMT 2:00]
Endroit: C:\Users\Johnny\Desktop\KillBagle.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Johnny\AppData\Roaming\macromedia\Flash Player\#SharedObjects\XE2K4ZZT\iforex.com
C:\Users\Johnny\AppData\Roaming\macromedia\Flash Player\#SharedObjects\XE2K4ZZT\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
C:\Users\Johnny\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
C:\Users\Johnny\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-13 to 2008-05-13 ))))))))))))))))))))))))))))))))))))
.

2008-05-13 18:41 . 2008-05-13 18:41 <REP> d-------- C:\_OTMoveIt
2008-05-09 16:46 . 2008-05-10 15:02 <REP> d-------- C:\Program Files\Navilog1
2008-05-08 13:08 . 2008-05-08 14:01 <REP> d-------- C:\Lop SD
2008-05-08 12:31 . 2008-05-08 12:31 <REP> d-------- C:\Users\Johnny\AppData\Roaming\PC Tools
2008-05-08 12:31 . 2008-05-13 17:46 <REP> d-a------ C:\Users\All Users\TEMP
2008-05-08 12:31 . 2008-05-12 22:06 <REP> d-------- C:\Program Files\Spyware Doctor
2008-05-08 12:31 . 2007-12-10 13:53 81,288 --a------ C:\Windows\System32\drivers\iksyssec.sys
2008-05-08 12:31 . 2007-12-10 13:53 66,952 --a------ C:\Windows\System32\drivers\iksysflt.sys
2008-05-08 12:31 . 2008-02-01 11:55 42,376 --a------ C:\Windows\System32\drivers\ikfilesec.sys
2008-05-08 12:31 . 2007-12-10 13:53 29,576 --a------ C:\Windows\System32\drivers\kcom.sys
2008-05-08 12:02 . 2008-05-08 12:03 <REP> d-------- C:\Program Files\NoAdware5.0
2008-05-03 12:49 . 2008-05-03 12:49 <REP> d-------- C:\Program Files\MB Softs
2008-05-03 12:18 . 2008-05-03 12:28 862 --a------ C:\Windows\System32\LexFiles.ulf
2008-05-03 12:15 . 2008-05-03 12:18 <REP> d-------- C:\Program Files\Lexmark 2300 Series
2008-05-03 12:15 . 2008-05-03 12:18 1,314 --a------ C:\lxcginst.000
2008-05-03 12:15 . 2008-05-03 12:28 1,033 --a------ C:\lxcginst.csv
2008-05-03 12:14 . 2008-05-04 12:57 <REP> d-------- C:\Temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}
2008-05-03 12:14 . 2008-05-03 12:14 <REP> d-------- C:\Temp
2008-05-03 12:14 . 2008-05-03 12:14 <REP> d-------- C:\Lexmark
2008-05-03 12:14 . 2008-05-03 12:27 278 --a------ C:\lxcgfire.csv
2008-05-03 12:14 . 2008-05-03 12:15 278 --a------ C:\lxcgfire.000
2008-04-30 21:30 . 2008-04-30 21:30 <REP> d-------- C:\Program Files\HD1988 Labs
2008-04-28 21:01 . 2008-02-28 14:26 1,414,440 --a------ C:\Windows\System32\ShellManager310E2D762.dll
2008-04-28 21:01 . 2008-02-28 14:01 774,144 --a------ C:\Windows\System32\NEROINSTAEC43759.DB
2008-04-28 20:59 . 2008-04-28 20:59 <REP> d-------- C:\Program Files\BoontyGames
2008-04-28 20:59 . 2008-04-28 20:59 0 --a------ C:\Windows\Irremote.ini
2008-04-28 20:58 . 2008-04-28 20:58 <REP> d-------- C:\Boonty
2008-04-28 13:22 . 2008-05-10 16:04 1,251 --a------ C:\Users\Johnny\AppData\Roaming\QuickZip45.ini
2008-04-28 13:21 . 2008-04-28 13:21 <REP> d-------- C:\Program Files\QuickZip4
2008-04-26 17:51 . 2008-04-26 17:51 <REP> d-------- C:\Users\All Users\Winamp Toolbar
2008-04-26 17:51 . 2008-04-26 17:51 <REP> d-------- C:\Program Files\Winamp Toolbar
2008-04-26 17:50 . 2008-04-26 18:00 <REP> d-------- C:\Users\Johnny\AppData\Roaming\Winamp
2008-04-26 17:50 . 2008-04-26 18:09 <REP> d-------- C:\Program Files\Winamp
2008-04-19 16:52 . 2008-04-19 16:52 <REP> d-------- C:\Program Files\Antipub
2008-04-17 10:43 . 2008-04-17 10:43 <REP> d-------- C:\Users\All Users\Team Wave Body

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-30 19:22 --------- d-----w C:\Users\Johnny\AppData\Roaming\Packard Bell
2008-04-28 19:02 --------- d-----w C:\Program Files\Common Files\Nero
2008-04-28 11:22 --------- d-----w C:\Program Files\Free Easy Burner
2008-04-21 07:45 --------- d-----w C:\Program Files\Kiwee Toolbar2
2008-04-11 15:01 --------- d-----w C:\Program Files\Windows Mail
2008-04-08 11:14 --------- d-----w C:\Program Files\Norton 360
2008-03-28 17:08 --------- d-----w C:\Program Files\Poker
2008-03-27 19:05 --------- d-----w C:\Program Files\WordBiz
2008-03-23 20:55 --------- d-----w C:\Program Files\SopCast
2008-03-20 19:49 --------- d-----w C:\Program Files\NeroInstall.bak
2008-03-13 19:32 --------- d-----w C:\Users\Johnny\AppData\Roaming\vlc
2008-03-13 18:02 --------- d-----w C:\Program Files\VideoLAN
2008-03-13 18:01 --------- d-----w C:\Program Files\Dealio
2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-23 11:36 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-02-23 11:36 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2008-02-23 11:36 542,720 ----a-w C:\Windows\System32\sysmain.dll
2008-02-23 11:36 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2008-02-23 11:36 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2008-02-23 11:36 297,984 ----a-w C:\Windows\System32\wlansec.dll
2008-02-23 11:36 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2008-02-23 11:36 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2008-02-23 11:36 2,923,520 ----a-w C:\Windows\explorer.exe
2008-02-23 11:35 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-23 11:34 613,888 ----a-w C:\Windows\System32\wpd_ci.dll
2008-02-23 11:34 558,080 ----a-w C:\Windows\System32\oleaut32.dll
2008-02-23 11:34 35,328 ----a-w C:\Windows\System32\dispci.dll
2008-02-23 11:34 260,096 ----a-w C:\Windows\System32\dpx.dll
2008-02-23 11:34 224,824 ----a-w C:\Windows\System32\clfs.sys
2008-02-23 11:34 221,696 ----a-w C:\Windows\System32\umpnpmgr.dll
2008-02-23 11:34 19,456 ----a-w C:\Windows\System32\cfgmgr32.dll
2008-02-23 11:34 12,800 ----a-w C:\Windows\System32\batt.dll
2008-02-23 11:34 101,888 ----a-w C:\Windows\System32\drvinst.exe
2008-02-23 11:34 1,585,664 ----a-w C:\Windows\System32\setupapi.dll
2008-02-23 11:33 905,400 ----a-w C:\Windows\System32\winresume.exe
2008-02-23 11:33 595,456 ----a-w C:\Windows\System32\schedsvc.dll
2008-02-23 11:33 39,424 ----a-w C:\Windows\System32\lodctr.exe
2008-02-23 11:33 32,256 ----a-w C:\Windows\System32\unlodctr.exe
2008-02-23 11:33 23,552 ----a-w C:\Windows\System32\nshhttp.dll
2008-02-23 11:33 17,408 ----a-w C:\Windows\System32\prflbmsg.dll
2008-02-23 11:33 115,200 ----a-w C:\Windows\System32\loadperf.dll
2008-02-23 11:31 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-23 11:31 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-23 11:31 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-23 11:31 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-23 11:31 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-23 11:30 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-02-23 11:30 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-23 11:30 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-23 11:30 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-23 11:30 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2008-02-23 11:30 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-23 11:30 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-23 11:30 2,048 ----a-w C:\Windows\System32\asferror.dll
2008-02-23 11:30 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-23 11:30 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-23 11:30 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-02-23 11:29 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-02-23 11:25 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-02-23 11:22 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-02-22 19:05 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2008-02-22 19:05 43,352 ----a-w C:\Windows\System32\wups2.dll
2008-02-22 19:05 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2008-02-22 19:05 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2008-02-22 19:04 80,896 ----a-w C:\Windows\System32\wudriver.dll
2008-02-22 19:04 549,720 ----a-w C:\Windows\System32\wuapi.dll
2008-02-22 19:04 33,624 ----a-w C:\Windows\System32\wups.dll
2008-02-22 19:03 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-02-22 19:03 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-19 05:10 620,088 ----a-w C:\Windows\System32\ci.dll
2008-02-14 23:19 944,184 ----a-w C:\Windows\System32\winload.exe
2007-11-14 07:35 174 --sha-w C:\Program Files\desktop.ini
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2008-03-20 00:36 1267040 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2008-04-03 10:52 265360 --a------ C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll" [2008-04-03 10:52 265360]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-03-20 00:36 1267040]

[HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll [2008-04-03 10:52 265360]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 00:36 1267040]

[HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-23 13:29 1232896]
"SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 15:32 1120568]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-11-14 18:06 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 18:07 4390912 C:\Windows\RtHDVCpl.exe]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-06 21:15 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-06 21:15 8466432]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-06 21:15 81920]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 12:40 232184]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-14 10:00 243200]
"MSPService"="C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-13 00:36 102400]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 23:59 115816]
"toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 18:20 28672]
"ACTIVBOARD"="C:\Program Files\Packard Bell\FIJI\aboard.exe" [2007-01-18 14:03 79416]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048]
"au"="C:\Program Files\Dealio\DealioAU.exe" [2008-02-08 14:11 546144]
"KiweeHook"="C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe" [2008-04-03 10:51 56456]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-04-10 15:14 1107848]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 23:18 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ValidateAdminCodeSignatures"= 1 (0x1)
"FilterAdministratorToken"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\CYBERL~1\MAGICS~1\Kernel\Burner\MKDMP3Enc.ACM
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7E1E89E1-C3B8-4FF9-AB2C-54B8836CCB5E}"= C:\Program Files\CyberLink\MagicSports\MagicSports.exe:CyberLink MagicSports
"{780B0225-3B1D-4926-912A-FBCA504AF94B}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F0F74F2B-FF94-43FB-8040-6AD5226FE601}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F77C2039-E7F6-4BE9-8EE6-046D08393894}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{C7192142-2BA0-4C59-B794-D4DFD994595B}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{7FCB2C36-0A4D-4CCA-9180-83800EFC9471}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{B0C26777-390D-46CF-A673-43DC3FF4540F}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{B89E753E-6CA3-4AF7-A32A-3E361B871358}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{6CAB4D84-E4AD-4EEF-A865-D35F606C1B5B}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{D0A79461-80D8-444C-8721-F70FAC7C33AC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{E32278C5-1C87-4DF6-B5C0-1CBFBCD40C18}"= UDP:C:\Program Files\eMule\emule.exe:eMule
"{F79F241D-F108-4319-BE3D-A04515984A88}"= TCP:C:\Program Files\eMule\emule.exe:eMule
"{E8E75928-72A1-481C-A11C-E12A007EF630}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{0CCE4A62-CBF2-44D0-AE61-C1ED5DD80E0E}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{2B8DAF89-F0BB-47BD-9845-B58766E7794A}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{B310015C-C63B-4BDD-ABC5-DAC43EC85B68}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{F2C0663D-0370-4FD4-960A-116500021242}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{A574B164-409C-4440-9C55-14841071FD5C}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{FE9B8810-947F-4D2B-BBB1-C53D503FBC03}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{F60C4D32-4BDC-4177-8E43-CA73B9F6AD96}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080508.002\IDSvix86.sys [2008-02-14 03:39]
R3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\system32\DRIVERS\athrusb.sys [2006-12-22 21:05]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2007-01-09 23:32]

*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-13 16:30:00 C:\Windows\Tasks\Extension de garantie.job"
- C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe
"2008-05-13 16:30:00 C:\Windows\Tasks\Recovery DVD Creator.job"
- C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-13 18:55:37
Windows 6.0.6000 NTFS

detected NTDLL code modification:
ZwClose

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-13 18:57:10
ComboFix-quarantined-files.txt 2008-05-13 16:57:04

Pre-Run: 332,483,219,456 octets libres
Post-Run: 332,499,222,528 octets libres

271 --- E O F --- 2008-05-09 13:51:47
0
Réponse 20 / 33
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
recolle nous un rapport hijakchits pour voir
0

Discussions similaires

Caler une adresse au niveau de la fenêtre d'une enveloppe
®omain -
kent -

15 réponses
iCloud affichage fenêtres intempestives. Réglages impossible.
jemlabd -
jemlabd -

9 réponses
Conhost.exe
ThaBestGamer -
bazfile -

3 réponses
Problème de zoom sur Google Docs
o_soonia -
Alt -

6 réponses