HijackThis results (help me)
Solved/Closed
Pharrel Williams
Posts: 66
Registered: Thursday 8 May 2008
Status: Member
Last activity: 4 October 2009
8 May 2008 at 14:45
87 replies
lineve26
Posts: 488
Registered: Sunday 16 September 2007
Status: Contributor
Last activity: 14 May 2008
32
9 May 2008 at 11:30
Re Williams,
Here is the CCM method for uninstalling Norton. It will be better than the addresses I gave you above:
http://www.commentcamarche.net/faq/sujet 3151 virus desintaller proprement norton symantec
Good luck!
Edit: make sure you follow le sioux's procedure!!!
Pharrel Williams
10 May 2008 at 13:47
Thanks everyone, I'll do everything on Saturday evening. On Friday I was at my girlfriend's and so busy with something else, lol. And today too (ah, women). Thanks again, hoping that on Saturday evening she doesn't tell me to sleep at her place.
Pharrel Williams
10 May 2008 at 20:46
Hello, I removed Norton and then carried out le sioux's steps (thanks for the simplicity and clarity of your explanations, because I'm not very good at this :) ).
Here is the Navilog report:
Clean Navipromo version 3.5.6 commencé le 10/05/2008 à 20:23:07,59
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "othman"
Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS
Mode suppression par méthode manuelle
Nom du fichier saisi : sgcobyeqva
*** Recherche, création sauvegardes et suppression ***
* Suppression dans "C:\Windows\system32" *
* Suppression dans "C:\Users\othman\AppData\Local\Microsoft" *
* Suppression dans "C:\Users\othman\AppData\Local\virtualstore\windows\system32" *
* Suppression dans "C:\Users\othman\AppData\Local" *
* Suppression dans "C:\Users\CECEET~1\AppData\Local" *
* Suppression dans "C:\Users\dora\AppData\Local" *
*** Suppression dossiers dans "C:\Windows" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "C:\ProgramData" ***
*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
*** Suppression dossiers dans c:\users\othman\appdata\roaming\micros~1\windows\startm~1\programs ***
*** Suppression dossiers dans "C:\Users\CECEET~1\appdata\roaming\micros~1\windows\startm~1\programs" ***
*** Suppression dossiers dans "C:\Users\dora\appdata\roaming\micros~1\windows\startm~1\programs" ***
*** Suppression dossiers dans "C:\Users\othman\AppData\Local\virtualstore\Program Files" ***
*** Suppression dossiers dans "C:\Users\CECEET~1\AppData\Local\virtualstore\Program Files" ***
*** Suppression dossiers dans "C:\Users\dora\AppData\Local\virtualstore\Program Files" ***
*** Suppression dossiers dans "C:\Users\othman\AppData\Roaming" ***
*** Suppression dossiers dans "C:\Users\CECEET~1\appdata\roaming" ***
*** Suppression dossiers dans "C:\Users\dora\appdata\roaming" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\othman\AppData\Local\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\Windows\system32" *
* Dans "C:\Users\othman\AppData\Local\Microsoft" *
* Dans "C:\Users\othman\AppData\Local\virtualstore\windows\system32" *
* Dans "C:\Users\othman\AppData\Local" *
* Dans "C:\Users\CECEET~1\AppData\Local" *
* Dans "C:\Users\dora\AppData\Local" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 10/05/2008 à 20:27:21,75 ***
Thanks.
Pharrel Williams
10 May 2008 at 20:49
Re, here is my HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:46:58, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2filovemessenger%2fmars2005%2fbetty_boop.png%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sgcobyeqva] c:\users\dora\appdata\local\microsoft\sgcobyeqva.exe sgcobyeqva
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\nurb software body.zei7y"
O4 - HKCU\..\Run: [Win Download] "C:\ProgramData\Army window window.lhu1ye2"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Pharrel Williams
10 May 2008 at 21:02
Thanks for the help :). Here is the report:
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : othman ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 10/05/2008 | 20:58:40,92 ] [ PC : PC-DE-OTHMAN ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[18/12/2007|15:33] C:\Users\othman\AppData\Roaming\Adobe\Linguistics
[29/06/2007|15:44] C:\Users\othman\AppData\Roaming\Adobe\Acrobat
[29/07/2007|09:57] C:\Users\othman\AppData\Roaming\AOL\ACS
[04/05/2007|20:36] C:\Users\othman\AppData\Roaming\ATI\ACE
[07/07/2007|15:26] C:\Users\othman\AppData\Roaming\dvdcss\BOB_LEPONGE_DVD1-2005081117103600-2e96f6eaee
[07/07/2007|15:25] C:\Users\othman\AppData\Roaming\dvdcss\CACHEDIR.TAG
[29/06/2007|20:30] C:\Users\othman\AppData\Roaming\dvdcss\FRIENDS-2004121612110000
[10/05/2008|07:51] C:\Users\othman\AppData\Roaming\Google\Local Search History
[25/07/2007|13:18] C:\Users\othman\AppData\Roaming\Google\GoogleEarth
[04/05/2007|20:35] C:\Users\othman\AppData\Roaming\Identities\{14480244-1495-45B1-A8AF-AF514B174D5C}
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\library.dat
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\spam.dat
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\filters.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\questions.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\tables.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\installation.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\mojito.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\limewire.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\gnutella.net
[15/04/2008|11:01] C:\Users\othman\AppData\Roaming\LimeWire\createtimes.cache
[06/04/2008|12:49] C:\Users\othman\AppData\Roaming\LimeWire\ttrees.cache
[06/04/2008|12:49] C:\Users\othman\AppData\Roaming\LimeWire\ttroot.cache
[06/04/2008|12:49] C:\Users\othman\AppData\Roaming\LimeWire\fileurns.cache
[05/04/2008|14:34] C:\Users\othman\AppData\Roaming\LimeWire\simpp.xml
[02/04/2008|15:53] C:\Users\othman\AppData\Roaming\LimeWire\version.xml
[02/04/2008|15:52] C:\Users\othman\AppData\Roaming\LimeWire\.AppSpecialShare
[30/06/2007|01:12] C:\Users\othman\AppData\Roaming\LimeWire\responses.cache
[28/06/2007|23:37] C:\Users\othman\AppData\Roaming\LimeWire\.NetworkShare
[28/06/2007|20:38] C:\Users\othman\AppData\Roaming\LimeWire\update.xml
[28/06/2007|20:38] C:\Users\othman\AppData\Roaming\LimeWire\fileurns.bak
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\data.ser
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\secureMessage.key
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\public.key
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\pub1.key
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\version.key
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\xml
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\412splashfree.png
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\themes
[09/08/2007|09:55] C:\Users\othman\AppData\Roaming\Macromedia\Shockwave Player
[28/06/2007|19:44] C:\Users\othman\AppData\Roaming\Macromedia\Flash Player
[07/05/2008|19:34] C:\Users\othman\AppData\Roaming\Microsoft\Windows Photo Gallery
[05/05/2008|20:03] C:\Users\othman\AppData\Roaming\Microsoft\Windows Live Call
[22/04/2008|18:00] C:\Users\othman\AppData\Roaming\Microsoft\Services Windows Live
[11/02/2008|09:48] C:\Users\othman\AppData\Roaming\Microsoft\Installer
[07/02/2008|23:18] C:\Users\othman\AppData\Roaming\Microsoft\WLTB Custom Buttons
[07/02/2008|23:18] C:\Users\othman\AppData\Roaming\Microsoft\MSNLiveFav
[31/01/2008|23:11] C:\Users\othman\AppData\Roaming\Microsoft\Crypto
[30/01/2008|16:07] C:\Users\othman\AppData\Roaming\Microsoft\Pack Emoticones Love
[25/01/2008|20:52] C:\Users\othman\AppData\Roaming\Microsoft\MSN Messenger
[07/10/2007|11:57] C:\Users\othman\AppData\Roaming\Microsoft\Media Player
[05/08/2007|16:47] C:\Users\othman\AppData\Roaming\Microsoft\HTML Help
[28/07/2007|19:33] C:\Users\othman\AppData\Roaming\Microsoft\digital locker
[19/07/2007|20:30] C:\Users\othman\AppData\Roaming\Microsoft\IdentityCRL
[15/07/2007|21:47] C:\Users\othman\AppData\Roaming\Microsoft\Internet Explorer
[06/07/2007|23:07] C:\Users\othman\AppData\Roaming\Microsoft\Credentials
[23/06/2007|17:58] C:\Users\othman\AppData\Roaming\Microsoft\Windows Media Encoder
[07/06/2007|13:47] C:\Users\othman\AppData\Roaming\Microsoft\MSNIA
[09/05/2007|15:32] C:\Users\othman\AppData\Roaming\Microsoft\eHome
[04/05/2007|22:55] C:\Users\othman\AppData\Roaming\Microsoft\Windows
[04/05/2007|20:40] C:\Users\othman\AppData\Roaming\Microsoft\Network
[04/05/2007|20:36] C:\Users\othman\AppData\Roaming\Microsoft\CLR Security Config
[04/05/2007|20:36] C:\Users\othman\AppData\Roaming\Microsoft\SystemCertificates
[04/05/2007|20:35] C:\Users\othman\AppData\Roaming\Microsoft\Protect
[24/12/2007|12:56] C:\Users\othman\AppData\Roaming\Motive\Report.xml
[19/07/2007|21:30] C:\Users\othman\AppData\Roaming\Mozilla\Firefox
[08/05/2007|13:48] C:\Users\othman\AppData\Roaming\OFFICE One v7\OFFICE One Safety-Box v7
[04/05/2007|20:36] C:\Users\othman\AppData\Roaming\OFFICE One v7\OFFICE One Startup v7
[04/05/2007|21:11] C:\Users\othman\AppData\Roaming\OFFICEOne7\user
[10/05/2008|20:30] C:\Users\othman\AppData\Roaming\Packard Bell\Setup my PC
[28/07/2007|11:27] C:\Users\othman\AppData\Roaming\Packard Bell\PBUpdator
[24/06/2007|23:00] C:\Users\othman\AppData\Roaming\Packard Bell\InfoCentre
[20/06/2007|15:48] C:\Users\othman\AppData\Roaming\Packard Bell\Smart Restore
[04/05/2007|20:37] C:\Users\othman\AppData\Roaming\Packard Bell\Identity Card
[08/05/2008|18:35] C:\Users\othman\AppData\Roaming\PC Tools\Spyware Doctor
[02/02/2008|13:33] C:\Users\othman\AppData\Roaming\ppStream\update.ini
[02/10/2007|21:29] C:\Users\othman\AppData\Roaming\ppStream\settings.ini
[03/08/2007|10:28] C:\Users\othman\AppData\Roaming\ppStream\1.0.0.1386
[08/05/2008|17:51] C:\Users\othman\AppData\Roaming\Roxio\MediaManager9
[08/05/2007|13:46] C:\Users\othman\AppData\Roaming\Roxio\RoxioCentral
[08/05/2007|13:46] C:\Users\othman\AppData\Roaming\Roxio\RoxioCentral33
[05/08/2007|01:54] C:\Users\othman\AppData\Roaming\Sony\ACID Music Studio
[01/07/2007|19:08] C:\Users\othman\AppData\Roaming\Talkback\MozillaOrg
[08/04/2008|22:59] C:\Users\othman\AppData\Roaming\TVU Networks\TVU AutoUpgrade
[09/01/2008|17:20] C:\Users\othman\AppData\Roaming\UserTile.png\UserTile.png
[10/05/2008|19:34] C:\Users\othman\AppData\Roaming\vlc\vlcrc
[13/11/2007|13:26] C:\Users\othman\AppData\Roaming\vlc\cache
[03/05/2008|09:14] C:\Users\othman\AppData\Roaming\Winamp\studio.xnf
[03/05/2008|09:14] C:\Users\othman\AppData\Roaming\Winamp\winamp.ini
[03/05/2008|09:14] C:\Users\othman\AppData\Roaming\Winamp\winamp.m3u
[03/05/2008|09:14] C:\Users\othman\AppData\Roaming\Winamp\Winamp.m3u8
[30/04/2008|15:10] C:\Users\othman\AppData\Roaming\Winamp\Winamp.bm
[05/04/2008|20:47] C:\Users\othman\AppData\Roaming\Winamp\Plugins
[17/02/2008|22:25] C:\Users\othman\AppData\Roaming\Winamp\Winamp.q1
[14/09/2005|21:17] C:\Users\othman\AppData\Roaming\Winamp\demo.mp3
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[07/02/2008 22:53][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[08/05/2007 13:45][--a------] C:\Windows\tasks\HDReg.job
[09/05/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Analyse système complète - othman.job
[10/05/2008 20:54][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{8872FB24-A449-4011-9D31-616F20C400DB}.job
[10/05/2008 20:55][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{2E61C77D-B1DC-456A-9664-B0071F64BAE4}.job
[10/05/2008 20:30][--a------] C:\Windows\tasks\Extension de garantie.job
[10/05/2008 20:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[18/06/2007 23:00][--a------] C:\Windows\tasks\PBRegbk.job
[11/05/2007 21:30][--a------] C:\Windows\tasks\PBReg.job
[10/05/2008 20:26][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 20:25][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[02/04/2008|19:34] C:\ProgramData\Adobe
[10/05/2008|19:32] C:\ProgramData\AOL
[02/11/2006|15:02] C:\ProgramData\Application Data
[21/12/2007|23:06] C:\ProgramData\Army window window.0k214
[08/02/2008|00:01] C:\ProgramData\Army window window.1u9qlj
[11/04/2008|11:02] C:\ProgramData\Army window window.3ox42
[04/05/2008|09:38] C:\ProgramData\Army window window.eku3drx
[08/05/2008|07:57] C:\ProgramData\Army window window.lhu1ye2
[04/05/2008|09:38] C:\ProgramData\Army window window.lo5n1ob
[04/05/2007|20:21] C:\ProgramData\Bureau
[04/04/2007|11:51] C:\ProgramData\Ciel
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[23/11/2007|19:07] C:\ProgramData\eMule
[04/05/2007|20:21] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[10/05/2008|07:51] C:\ProgramData\Google
[10/05/2008|20:35] C:\ProgramData\Google Updater
[04/04/2007|11:44] C:\ProgramData\InstallShield
[17/02/2008|12:46] C:\ProgramData\Kiwee Toolbar2
[04/05/2007|20:21] C:\ProgramData\Menu Démarrer
[11/07/2007|23:11] C:\ProgramData\Messenger Plus!
[27/07/2007|21:32] C:\ProgramData\Microsoft
[04/05/2007|20:21] C:\ProgramData\Modèles
[18/06/2007|15:17] C:\ProgramData\Motive
[01/07/2007|19:08] C:\ProgramData\Mozilla
[04/05/2008|09:38] C:\ProgramData\Name 01 Find
[04/05/2008|09:38] C:\ProgramData\nurb software body.zei7y
[04/04/2007|11:59] C:\ProgramData\OFFICE One v7
[17/02/2008|22:24] C:\ProgramData\OrbNetworks
[31/03/2008|23:22] C:\ProgramData\Roxio
[10/05/2008|20:04] C:\ProgramData\Skype
[08/05/2007|13:46] C:\ProgramData\Sonic
[10/05/2008|07:47] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[08/05/2008|19:10] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[04/05/2008|09:38] C:\ProgramData\That Face Camp Shim
[08/04/2008|22:59] C:\ProgramData\TVU Networks
[04/04/2007|11:40] C:\ProgramData\Viewpoint
[14/04/2008|17:38] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/04/2008|19:33] C:\Program Files\Adobe
[06/07/2007|22:56] C:\Program Files\Adverts
[02/08/2007|21:18] C:\Program Files\Alwil Software
[18/12/2007|13:25] C:\Program Files\Ankama Games
[10/05/2008|19:27] C:\Program Files\AOL
[04/04/2007|11:38] C:\Program Files\ATI Technologies
[11/07/2007|23:47] C:\Program Files\BoontyGames
[04/04/2007|11:51] C:\Program Files\Ciel
[11/04/2008|11:02] C:\Program Files\Circle Developement
[24/12/2007|12:38] C:\Program Files\Club-Internet
[10/05/2008|20:04] C:\Program Files\Common Files
[31/08/2007|20:50] C:\Program Files\desktop.ini
[13/11/2007|13:26] C:\Program Files\Disc2Phone
[29/10/2007|21:47] C:\Program Files\DivX
[14/04/2008|12:24] C:\Program Files\DMV
[14/04/2008|15:03] C:\Program Files\Dofus
[23/11/2007|19:06] C:\Program Files\eMule
[28/11/2007|20:53] C:\Program Files\EPSON
[04/05/2007|20:21] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[27/02/2008|21:27] C:\Program Files\Five A Side Football
[10/05/2008|20:14] C:\Program Files\Google
[08/05/2008|11:34] C:\Program Files\GRISOFT
[04/04/2007|11:38] C:\Program Files\HDReg
[26/10/2007|19:08] C:\Program Files\InstallShield Installation Information
[11/04/2008|00:04] C:\Program Files\Internet Explorer
[04/04/2007|11:56] C:\Program Files\ISSENDIS
[15/08/2007|22:59] C:\Program Files\Jeskola Buzz
[26/10/2007|18:49] C:\Program Files\KONAMI
[10/05/2008|19:47] C:\Program Files\LimeWire
[10/02/2008|16:24] C:\Program Files\Matchball Tennis
[14/04/2008|17:39] C:\Program Files\Messenger Plus! Live
[07/07/2007|07:46] C:\Program Files\MessengerPlus! 3
[10/02/2008|16:03] C:\Program Files\Micro Application
[07/02/2008|22:33] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[07/02/2008|22:48] C:\Program Files\Microsoft SQL Server Compact Edition
[11/02/2008|09:28] C:\Program Files\Mini Golf
[17/02/2008|21:16] C:\Program Files\MiniKuGoo
[04/04/2007|21:20] C:\Program Files\Movie Maker
[07/05/2008|21:24] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[07/06/2007|13:36] C:\Program Files\MSN
[29/06/2007|09:59] C:\Program Files\MSXML 4.0
[10/05/2008|20:27] C:\Program Files\Navilog1
[04/04/2007|11:59] C:\Program Files\OFFICE ONE 7.0
[04/04/2007|11:59] C:\Program Files\OFFICE One v7
[04/04/2007|12:00] C:\Program Files\Packard Bell
[17/02/2008|12:47] C:\Program Files\PPLive TV
[17/02/2008|12:45] C:\Program Files\ppStream
[09/08/2007|00:29] C:\Program Files\Project64 1.6
[04/04/2007|11:37] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[04/04/2007|11:44] C:\Program Files\Roxio
[10/05/2008|20:04] C:\Program Files\Skype
[05/08/2007|01:47] C:\Program Files\Sony Setup
[12/04/2008|17:45] C:\Program Files\SopCast
[09/05/2008|16:27] C:\Program Files\Spybot - Search & Destroy
[08/05/2008|19:00] C:\Program Files\Spyware Doctor
[20/07/2007|18:31] C:\Program Files\SystemRequirementsLab
[08/05/2008|14:03] C:\Program Files\Trend Micro
[08/04/2008|23:02] C:\Program Files\tvants
[08/04/2008|22:58] C:\Program Files\TVUPlayer
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[29/06/2007|18:00] C:\Program Files\VideoLAN
[04/04/2007|11:40] C:\Program Files\Viewpoint
[30/04/2008|15:00] C:\Program Files\Winamp
[17/02/2008|22:24] C:\Program Files\Winamp Remote
[30/08/2007|08:33] C:\Program Files\Windows Calendar
[04/04/2007|21:20] C:\Program Files\Windows Collaboration
[29/06/2007|10:08] C:\Program Files\Windows Defender
[04/04/2007|21:20] C:\Program Files\Windows Journal
[28/02/2008|09:09] C:\Program Files\Windows Live
[07/02/2008|22:53] C:\Program Files\Windows Live Favorites
[07/02/2008|22:53] C:\Program Files\Windows Live Toolbar
[11/04/2008|00:04] C:\Program Files\Windows Mail
[11/10/2007|23:28] C:\Program Files\Windows Media Player
[04/05/2007|20:21] C:\Program Files\Windows NT
[04/04/2007|21:20] C:\Program Files\Windows Photo Gallery
[10/01/2008|10:42] C:\Program Files\Windows Sidebar
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[02/04/2008|19:35] C:\Program Files\Common Files\Adobe
[10/05/2008|19:32] C:\Program Files\Common Files\aol
[04/04/2007|11:51] C:\Program Files\Common Files\Ciel
[04/04/2007|11:43] C:\Program Files\Common Files\InstallShield
[07/02/2008|22:00] C:\Program Files\Common Files\microsoft shared
[24/12/2007|12:38] C:\Program Files\Common Files\Motive
[04/04/2007|11:51] C:\Program Files\Common Files\MSSoap
[04/04/2007|11:40] C:\Program Files\Common Files\Nullsoft
[04/04/2007|11:44] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[04/04/2007|11:44] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[04/04/2007|11:44] C:\Program Files\Common Files\SureThing Shared
[10/05/2008|20:14] C:\Program Files\Common Files\Symantec Shared
[02/10/2007|21:20] C:\Program Files\Common Files\Synacast
[29/06/2007|10:08] C:\Program Files\Common Files\System
[07/02/2008|21:51] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 67
iexplore.exe ~ [2448]
iexplore.exe ~ [1032]
iexplore.exe ~ [4264]
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\Army window window.0k214
C:\ProgramData\Army window window.1u9qlj
C:\ProgramData\Army window window.3ox42
C:\ProgramData\Army window window.eku3drx
C:\ProgramData\Army window window.lhu1ye2
C:\ProgramData\Army window window.lo5n1ob
C:\ProgramData\nurb software body.zei7y
C:\ProgramData\Army window window.1u9qlj
C:\ProgramData\Army window window.eku3drx
C:\ProgramData\Army window window.lo5n1ob
C:\ProgramData\nurb software body.zei7y
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\That Face Camp Shim
C:\ProgramData\That Face Camp Shim\Hide Love.exe
C:\Program Files\Adverts
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 20:59:06
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Users\othman\AppData\Roaming\Microsoft\Windows\Cookies\Low\othman@www.crackmuzik[1].txt
=> C:\Users\othman\Documents\Mes fichiers reçus\Pc Game - Pro Evolution Soccer 2008 - PES - Crack No Cd + Serial.rar
=> C:\Users\othman\Documents\Mes fichiers reçus\Pc Game - Pro Evolution Soccer 2008 - PES - Crack No Cd + Serial.zip
=> C:\Users\othman\Downloads\eMule\Incoming\Kanye.WEST.-.Late.Registration\Kanye_West-Late_Registration-2005-RNS\08-kanye_west-crack_music_(feat_the_game).mp3
/!\ [Fich:1][Doss:2] C:\Users\othman\AppData\Local\Temp
/!\ [Fich:2176][Doss:1] C:\Users\othman\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:5044][Doss:19] C:\Users\othman\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 20:59:39,58 ]----------------------
Hoping I'm not wasting your time needlessly.
Le sioux
Posts
4894
Registration date
Sunday 27 May 2007
Status
Security contributor
Last activity
6 March 2023
496
10 May 2008 at 22:14
Re
Let's start the cleanup:
1) Disable User Account Control (you will re-enable it after your disinfection):
- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click Disable and confirm.
A restart will be required.
2) LOP S&D by Eric71
Run LOP S&D by Eric71 again
This time choose Option 2 (Suppression)
Do not close the window during the removal!
--> Post the generated report (also located at C:\lopR.txt) along with a new HijackThis report.
(If the Desktop does not reappear, open Task Manager by pressing Ctrl + Alt + Del, then the File tab, New Task, type explorer.exe and confirm)
To be continued
Pharrel Williams
Posts
66
Registration date
Thursday 8 May 2008
Status
Member
Last activity
4 October 2009
10 May 2008 at 22:49
Re
Here is the lopR report:
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : othman ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 10/05/2008 | 22:46:54,66 ] [ PC : PC-DE-OTHMAN ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\ProgramData\That Face Camp Shim\Hide Love.exe
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\ProgramData\Army window window.0k214
Supprimé! - C:\ProgramData\Army window window.1u9qlj
Supprimé! - C:\ProgramData\Army window window.3ox42
Supprimé! - C:\ProgramData\Army window window.eku3drx
Supprimé! - C:\ProgramData\Army window window.lhu1ye2
Supprimé! - C:\ProgramData\Army window window.lo5n1ob
Supprimé! - C:\ProgramData\nurb software body.zei7y
Supprimé! - C:\ProgramData\That Face Camp Shim
Supprimé! - C:\Program Files\Adverts
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[18/12/2007|15:33] C:\Users\othman\AppData\Roaming\Adobe\Linguistics
[29/06/2007|15:44] C:\Users\othman\AppData\Roaming\Adobe\Acrobat
[29/07/2007|09:57] C:\Users\othman\AppData\Roaming\AOL\ACS
[04/05/2007|20:36] C:\Users\othman\AppData\Roaming\ATI\ACE
[07/07/2007|15:26] C:\Users\othman\AppData\Roaming\dvdcss\BOB_LEPONGE_DVD1-2005081117103600-2e96f6eaee
[07/07/2007|15:25] C:\Users\othman\AppData\Roaming\dvdcss\CACHEDIR.TAG
[29/06/2007|20:30] C:\Users\othman\AppData\Roaming\dvdcss\FRIENDS-2004121612110000
[10/05/2008|07:51] C:\Users\othman\AppData\Roaming\Google\Local Search History
[25/07/2007|13:18] C:\Users\othman\AppData\Roaming\Google\GoogleEarth
[04/05/2007|20:35] C:\Users\othman\AppData\Roaming\Identities\{14480244-1495-45B1-A8AF-AF514B174D5C}
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\library.dat
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\spam.dat
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\filters.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\questions.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\tables.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\installation.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\mojito.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\limewire.props
[15/04/2008|11:03] C:\Users\othman\AppData\Roaming\LimeWire\gnutella.net
[15/04/2008|11:01] C:\Users\othman\AppData\Roaming\LimeWire\createtimes.cache
[06/04/2008|12:49] C:\Users\othman\AppData\Roaming\LimeWire\ttrees.cache
[06/04/2008|12:49] C:\Users\othman\AppData\Roaming\LimeWire\ttroot.cache
[06/04/2008|12:49] C:\Users\othman\AppData\Roaming\LimeWire\fileurns.cache
[05/04/2008|14:34] C:\Users\othman\AppData\Roaming\LimeWire\simpp.xml
[02/04/2008|15:53] C:\Users\othman\AppData\Roaming\LimeWire\version.xml
[02/04/2008|15:52] C:\Users\othman\AppData\Roaming\LimeWire\.AppSpecialShare
[30/06/2007|01:12] C:\Users\othman\AppData\Roaming\LimeWire\responses.cache
[28/06/2007|23:37] C:\Users\othman\AppData\Roaming\LimeWire\.NetworkShare
[28/06/2007|20:38] C:\Users\othman\AppData\Roaming\LimeWire\update.xml
[28/06/2007|20:38] C:\Users\othman\AppData\Roaming\LimeWire\fileurns.bak
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\data.ser
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\secureMessage.key
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\public.key
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\pub1.key
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\version.key
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\xml
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\412splashfree.png
[28/06/2007|20:37] C:\Users\othman\AppData\Roaming\LimeWire\themes
[09/08/2007|09:55] C:\Users\othman\AppData\Roaming\Macromedia\Shockwave Player
[28/06/2007|19:44] C:\Users\othman\AppData\Roaming\Macromedia\Flash Player
[07/05/2008|19:34] C:\Users\othman\AppData\Roaming\Microsoft\Windows Photo Gallery
[05/05/2008|20:03] C:\Users\othman\AppData\Roaming\Microsoft\Windows Live Call
[22/04/2008|18:00] C:\Users\othman\AppData\Roaming\Microsoft\Services Windows Live
[11/02/2008|09:48] C:\Users\othman\AppData\Roaming\Microsoft\Installer
[07/02/2008|23:18] C:\Users\othman\AppData\Roaming\Microsoft\WLTB Custom Buttons
[07/02/2008|23:18] C:\Users\othman\AppData\Roaming\Microsoft\MSNLiveFav
[31/01/2008|23:11] C:\Users\othman\AppData\Roaming\Microsoft\Crypto
[30/01/2008|16:07] C:\Users\othman\AppData\Roaming\Microsoft\Pack Emoticones Love
[25/01/2008|20:52] C:\Users\othman\AppData\Roaming\Microsoft\MSN Messenger
[07/10/2007|11:57] C:\Users\othman\AppData\Roaming\Microsoft\Media Player
[05/08/2007|16:47] C:\Users\othman\AppData\Roaming\Microsoft\HTML Help
[28/07/2007|19:33] C:\Users\othman\AppData\Roaming\Microsoft\digital locker
[19/07/2007|20:30] C:\Users\othman\AppData\Roaming\Microsoft\IdentityCRL
[15/07/2007|21:47] C:\Users\othman\AppData\Roaming\Microsoft\Internet Explorer
[06/07/2007|23:07] C:\Users\othman\AppData\Roaming\Microsoft\Credentials
[23/06/2007|17:58] C:\Users\othman\AppData\Roaming\Microsoft\Windows Media Encoder
[07/06/2007|13:47] C:\Users\othman\AppData\Roaming\Microsoft\MSNIA
[09/05/2007|15:32] C:\Users\othman\AppData\Roaming\Microsoft\eHome
[04/05/2007|22:55] C:\Users\othman\AppData\Roaming\Microsoft\Windows
[04/05/2007|20:40] C:\Users\othman\AppData\Roaming\Microsoft\Network
[04/05/2007|20:36] C:\Users\othman\AppData\Roaming\Microsoft\CLR Security Config
[04/05/2007|20:36] C:\Users\othman\AppData\Roaming\Microsoft\SystemCertificates
[04/05/2007|20:35] C:\Users\othman\AppData\Roaming\Microsoft\Protect
[24/12/2007|12:56] C:\Users\othman\AppData\Roaming\Motive\Report.xml
[19/07/2007|21:30] C:\Users\othman\AppData\Roaming\Mozilla\Firefox
[08/05/2007|13:48] C:\Users\othman\AppData\Roaming\OFFICE One v7\OFFICE One Safety-Box v7
[04/05/2007|20:36] C:\Users\othman\AppData\Roaming\OFFICE One v7\OFFICE One Startup v7
[04/05/2007|21:11] C:\Users\othman\AppData\Roaming\OFFICEOne7\user
[10/05/2008|22:30] C:\Users\othman\AppData\Roaming\Packard Bell\Setup my PC
[28/07/2007|11:27] C:\Users\othman\AppData\Roaming\Packard Bell\PBUpdator
[24/06/2007|23:00] C:\Users\othman\AppData\Roaming\Packard Bell\InfoCentre
[20/06/2007|15:48] C:\Users\othman\AppData\Roaming\Packard Bell\Smart Restore
[04/05/2007|20:37] C:\Users\othman\AppData\Roaming\Packard Bell\Identity Card
[08/05/2008|18:35] C:\Users\othman\AppData\Roaming\PC Tools\Spyware Doctor
[02/02/2008|13:33] C:\Users\othman\AppData\Roaming\ppStream\update.ini
[02/10/2007|21:29] C:\Users\othman\AppData\Roaming\ppStream\settings.ini
[03/08/2007|10:28] C:\Users\othman\AppData\Roaming\ppStream\1.0.0.1386
[08/05/2008|17:51] C:\Users\othman\AppData\Roaming\Roxio\MediaManager9
[08/05/2007|13:46] C:\Users\othman\AppData\Roaming\Roxio\RoxioCentral
[08/05/2007|13:46] C:\Users\othman\AppData\Roaming\Roxio\RoxioCentral33
[05/08/2007|01:54] C:\Users\othman\AppData\Roaming\Sony\ACID Music Studio
[01/07/2007|19:08] C:\Users\othman\AppData\Roaming\Talkback\MozillaOrg
[08/04/2008|22:59] C:\Users\othman\AppData\Roaming\TVU Networks\TVU AutoUpgrade
[09/01/2008|17:20] C:\Users\othman\AppData\Roaming\UserTile.png\UserTile.png
[10/05/2008|19:34] C:\Users\othman\AppData\Roaming\vlc\vlcrc
[13/11/2007|13:26] C:\Users\othman\AppData\Roaming\vlc\cache
[03/05/2008|09:14] C:\Users\othman\AppData\Roaming\Winamp\studio.xnf
[03/05/2008|09:14] C:\Users\othman\AppData\Roaming\Winamp\winamp.ini
[03/05/2008|09:14] C:\Users\othman\AppData\Roaming\Winamp\winamp.m3u
[03/05/2008|09:14] C:\Users\othman\AppData\Roaming\Winamp\Winamp.m3u8
[30/04/2008|15:10] C:\Users\othman\AppData\Roaming\Winamp\Winamp.bm
[05/04/2008|20:47] C:\Users\othman\AppData\Roaming\Winamp\Plugins
[17/02/2008|22:25] C:\Users\othman\AppData\Roaming\Winamp\Winamp.q1
[14/09/2005|21:17] C:\Users\othman\AppData\Roaming\Winamp\demo.mp3
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[07/02/2008 22:53][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[08/05/2007 13:45][--a------] C:\Windows\tasks\HDReg.job
[09/05/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Analyse système complète - othman.job
[10/05/2008 22:44][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{8872FB24-A449-4011-9D31-616F20C400DB}.job
[10/05/2008 22:45][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{2E61C77D-B1DC-456A-9664-B0071F64BAE4}.job
[10/05/2008 22:30][--a------] C:\Windows\tasks\Extension de garantie.job
[10/05/2008 22:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[18/06/2007 23:00][--a------] C:\Windows\tasks\PBRegbk.job
[11/05/2007 21:30][--a------] C:\Windows\tasks\PBReg.job
[10/05/2008 20:26][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 20:25][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[02/04/2008|19:34] C:\ProgramData\Adobe
[10/05/2008|19:32] C:\ProgramData\AOL
[02/11/2006|15:02] C:\ProgramData\Application Data
[04/05/2007|20:21] C:\ProgramData\Bureau
[04/04/2007|11:51] C:\ProgramData\Ciel
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[23/11/2007|19:07] C:\ProgramData\eMule
[04/05/2007|20:21] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[10/05/2008|07:51] C:\ProgramData\Google
[10/05/2008|20:35] C:\ProgramData\Google Updater
[04/04/2007|11:44] C:\ProgramData\InstallShield
[17/02/2008|12:46] C:\ProgramData\Kiwee Toolbar2
[04/05/2007|20:21] C:\ProgramData\Menu Démarrer
[11/07/2007|23:11] C:\ProgramData\Messenger Plus!
[27/07/2007|21:32] C:\ProgramData\Microsoft
[04/05/2007|20:21] C:\ProgramData\Modèles
[18/06/2007|15:17] C:\ProgramData\Motive
[01/07/2007|19:08] C:\ProgramData\Mozilla
[04/05/2008|09:38] C:\ProgramData\Name 01 Find
[04/04/2007|11:59] C:\ProgramData\OFFICE One v7
[17/02/2008|22:24] C:\ProgramData\OrbNetworks
[31/03/2008|23:22] C:\ProgramData\Roxio
[10/05/2008|20:04] C:\ProgramData\Skype
[08/05/2007|13:46] C:\ProgramData\Sonic
[10/05/2008|07:47] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[08/05/2008|19:10] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[08/04/2008|22:59] C:\ProgramData\TVU Networks
[04/04/2007|11:40] C:\ProgramData\Viewpoint
[14/04/2008|17:38] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/04/2008|19:33] C:\Program Files\Adobe
[02/08/2007|21:18] C:\Program Files\Alwil Software
[18/12/2007|13:25] C:\Program Files\Ankama Games
[10/05/2008|19:27] C:\Program Files\AOL
[04/04/2007|11:38] C:\Program Files\ATI Technologies
[11/07/2007|23:47] C:\Program Files\BoontyGames
[04/04/2007|11:51] C:\Program Files\Ciel
[24/12/2007|12:38] C:\Program Files\Club-Internet
[10/05/2008|20:04] C:\Program Files\Common Files
[31/08/2007|20:50] C:\Program Files\desktop.ini
[13/11/2007|13:26] C:\Program Files\Disc2Phone
[29/10/2007|21:47] C:\Program Files\DivX
[14/04/2008|12:24] C:\Program Files\DMV
[14/04/2008|15:03] C:\Program Files\Dofus
[23/11/2007|19:06] C:\Program Files\eMule
[28/11/2007|20:53] C:\Program Files\EPSON
[04/05/2007|20:21] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[27/02/2008|21:27] C:\Program Files\Five A Side Football
[10/05/2008|20:14] C:\Program Files\Google
[08/05/2008|11:34] C:\Program Files\GRISOFT
[04/04/2007|11:38] C:\Program Files\HDReg
[26/10/2007|19:08] C:\Program Files\InstallShield Installation Information
[11/04/2008|00:04] C:\Program Files\Internet Explorer
[04/04/2007|11:56] C:\Program Files\ISSENDIS
[15/08/2007|22:59] C:\Program Files\Jeskola Buzz
[26/10/2007|18:49] C:\Program Files\KONAMI
[10/05/2008|19:47] C:\Program Files\LimeWire
[10/02/2008|16:24] C:\Program Files\Matchball Tennis
[14/04/2008|17:39] C:\Program Files\Messenger Plus! Live
[07/07/2007|07:46] C:\Program Files\MessengerPlus! 3
[10/02/2008|16:03] C:\Program Files\Micro Application
[07/02/2008|22:33] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[07/02/2008|22:48] C:\Program Files\Microsoft SQL Server Compact Edition
[11/02/2008|09:28] C:\Program Files\Mini Golf
[17/02/2008|21:16] C:\Program Files\MiniKuGoo
[04/04/2007|21:20] C:\Program Files\Movie Maker
[07/05/2008|21:24] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[07/06/2007|13:36] C:\Program Files\MSN
[29/06/2007|09:59] C:\Program Files\MSXML 4.0
[10/05/2008|20:27] C:\Program Files\Navilog1
[04/04/2007|11:59] C:\Program Files\OFFICE ONE 7.0
[04/04/2007|11:59] C:\Program Files\OFFICE One v7
[04/04/2007|12:00] C:\Program Files\Packard Bell
[17/02/2008|12:47] C:\Program Files\PPLive TV
[17/02/2008|12:45] C:\Program Files\ppStream
[09/08/2007|00:29] C:\Program Files\Project64 1.6
[04/04/2007|11:37] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[04/04/2007|11:44] C:\Program Files\Roxio
[10/05/2008|20:04] C:\Program Files\Skype
[05/08/2007|01:47] C:\Program Files\Sony Setup
[12/04/2008|17:45] C:\Program Files\SopCast
[09/05/2008|16:27] C:\Program Files\Spybot - Search & Destroy
[08/05/2008|19:00] C:\Program Files\Spyware Doctor
[20/07/2007|18:31] C:\Program Files\SystemRequirementsLab
[08/05/2008|14:03] C:\Program Files\Trend Micro
[08/04/2008|23:02] C:\Program Files\tvants
[08/04/2008|22:58] C:\Program Files\TVUPlayer
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[29/06/2007|18:00] C:\Program Files\VideoLAN
[04/04/2007|11:40] C:\Program Files\Viewpoint
[30/04/2008|15:00] C:\Program Files\Winamp
[17/02/2008|22:24] C:\Program Files\Winamp Remote
[30/08/2007|08:33] C:\Program Files\Windows Calendar
[04/04/2007|21:20] C:\Program Files\Windows Collaboration
[29/06/2007|10:08] C:\Program Files\Windows Defender
[04/04/2007|21:20] C:\Program Files\Windows Journal
[28/02/2008|09:09] C:\Program Files\Windows Live
[07/02/2008|22:53] C:\Program Files\Windows Live Favorites
[07/02/2008|22:53] C:\Program Files\Windows Live Toolbar
[11/04/2008|00:04] C:\Program Files\Windows Mail
[11/10/2007|23:28] C:\Program Files\Windows Media Player
[04/05/2007|20:21] C:\Program Files\Windows NT
[04/04/2007|21:20] C:\Program Files\Windows Photo Gallery
[10/01/2008|10:42] C:\Program Files\Windows Sidebar
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[02/04/2008|19:35] C:\Program Files\Common Files\Adobe
[10/05/2008|19:32] C:\Program Files\Common Files\aol
[04/04/2007|11:51] C:\Program Files\Common Files\Ciel
[04/04/2007|11:43] C:\Program Files\Common Files\InstallShield
[07/02/2008|22:00] C:\Program Files\Common Files\microsoft shared
[24/12/2007|12:38] C:\Program Files\Common Files\Motive
[04/04/2007|11:51] C:\Program Files\Common Files\MSSoap
[04/04/2007|11:40] C:\Program Files\Common Files\Nullsoft
[04/04/2007|11:44] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[04/04/2007|11:44] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[04/04/2007|11:44] C:\Program Files\Common Files\SureThing Shared
[10/05/2008|20:14] C:\Program Files\Common Files\Symantec Shared
[02/10/2007|21:20] C:\Program Files\Common Files\Synacast
[29/06/2007|10:08] C:\Program Files\Common Files\System
[07/02/2008|21:51] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 63
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 22:47:17
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Users\othman\AppData\Roaming\Microsoft\Windows\Cookies\Low\othman@www.crackmuzik[1].txt
=> C:\Users\othman\Documents\Mes fichiers reçus\Pc Game - Pro Evolution Soccer 2008 - PES - Crack No Cd + Serial.rar
=> C:\Users\othman\Documents\Mes fichiers reçus\Pc Game - Pro Evolution Soccer 2008 - PES - Crack No Cd + Serial.zip
=> C:\Users\othman\Downloads\eMule\Incoming\Kanye.WEST.-.Late.Registration\Kanye_West-Late_Registration-2005-RNS\08-kanye_west-crack_music_(feat_the_game).mp3
/!\ [Fich:1][Doss:2] C:\Users\othman\AppData\Local\Temp
/!\ [Fich:2175][Doss:1] C:\Users\othman\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:5167][Doss:19] C:\Users\othman\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 22:47:47,88 ]----------------------
Pharrel Williams
10 May 2008 at 22:51
And so here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:50:28, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2filovemessenger%2fmars2005%2fbetty_boop.png%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sgcobyeqva] c:\users\dora\appdata\local\microsoft\sgcobyeqva.exe sgcobyeqva
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\nurb software body.zei7y"
O4 - HKCU\..\Run: [Win Download] "C:\ProgramData\Army window window.lhu1ye2"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Anonymous user
10 May 2008 at 22:53
Your system really is very infected!!
Good luck to you!
Le sioux
10 May 2008 at 22:54
Re
Download OTMoveIt2 by Old_Timer to your Desktop: http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Right-click OTMoveIt.exe and choose "Run as administrator" (Exécuter en tant qu'administrateur).
Copy the list quoted below and paste it into the left-hand pane (the blue one) of OTMoveIt:
Paste standard List of Files/Folders to be moved.
C:\Users\othman\Documents\Mes fichiers re‡us\Pc Game - Pro Evolution Soccer 2008 - PES
C:\Users\othman\Downloads\eMule\Incoming\Kanye.WEST.-.Late.Registration
c:\users\dora\appdata\local\microsoft\sgcobyeqva.exe
Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.
You may be asked to restart the PC to complete the removal.
If so, accept with Yes.
--> Post the OTMoveIt report located in C:\_OTMoveIt\MovedFiles (the contents of the file C:\_OTMoveIt\MovedFiles\********_******.log, where the *** are digits representing the date and time) and a new HijackThis report.
To be continued.
Pharrel Williams
11 May 2008 at 21:44
Good evening Le sioux: I have two problems with your new procedure.
First, when I run the program as administrator, there is an error message saying "a referral was returned from the server". Surprised, I opened the program normally, without running it as administrator. But then you mention a window called "Paste standard List of Files/Folders to be moved" framed in BLUE. I don't have anything like that :( , mine is yellow. For fear of doing something wrong, I'm waiting for your advice. Thanks in advance, and sorry for the late reply.
Le sioux
11 May 2008 at 22:23
Re
Paste it into the left-hand window; I may have got the colour wrong ...
Pharrel Williams
11 May 2008 at 22:57
ok lol
Le sioux
11 May 2008 at 23:05
Re
See here for "how to fix lines with HijackThis": http://pageperso.aol.fr/balltrap34/demohijack.htm
1) Launch HijackThis.
I recommend saving all the lines to fix, then copying that selection into a text file on your PC so that you can apply the procedure correctly.
Launch HijackThis by right-clicking its shortcut on the Desktop, then "Run as administrator" (Exécuter en tant qu'administrateur).
Click Scan Only and tick the following lines:
O4 - HKLM\..\Run: [sgcobyeqva] c:\users\dora\appdata\local\microsoft\sgcobyeqva.exe sgcobyeqva
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\nurb software body.zei7y"
O4 - HKCU\..\Run: [Win Download] "C:\ProgramData\Army window window.lhu1ye2"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
Close all other windows and all other programs. No Internet connections.
Click Fix Checked, then click OK.
Then close HijackThis.
If any of these lines are missing, mention it at the end of the procedure.
2) Report
Restart your PC and post a new HijackThis report.
To be continued.
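The O4 lines selected in the post above are autostart entries (registry Run values and Startup-folder shortcuts). As an added example that is not part of the original post or of HijackThis, the following Python script parses O4 lines copied from the log in this thread and flags those matching a few triage rules; the rules, the function names and the extension list are assumptions of this example, not the helper's selection criteria.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Sample input: O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sgcobyeqva] c:\users\dora\appdata\local\microsoft\sgcobyeqva.exe sgcobyeqva
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\nurb software body.zei7y"
O4 - HKCU\..\Run: [Win Download] "C:\ProgramData\Army window window.lhu1ye2"
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
"""

# Registry autoruns: O4 - HKLM\..\Run: [value name] command line
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+(?:\\S-[\d-]+)?)\\\.\.\\(?P<key>\w+): "
    r"\[(?P<name>[^\]]+)\] (?P<cmd>.+)$"
)
# Startup-folder shortcuts: O4 - Global Startup: shortcut.lnk = target
STARTUP_RE = re.compile(
    r"^O4 - (?P<hive>(?:Global |User )?Startup): (?P<name>.+?) = (?P<cmd>.*)$"
)
# Suffix seen on the HKUS lines of the log: (User '...')
USER_SUFFIX_RE = re.compile(r"\s+\(User '[^']*'\)$")

# Assumptions of this example: path fragments a standard user can normally
# write to, and the extensions one expects behind an autostart entry.
USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\programdata\\", "\\temp\\")
USUAL_EXTENSIONS = {".exe", ".com", ".bat", ".cmd", ".scr", ".lnk"}


@dataclass
class Autorun:
    hive: str
    name: str
    command: str
    target: Optional[str]  # program path extracted from the command line


def extract_target(command: str) -> Optional[str]:
    """Return the program path, handling quoted and unquoted paths with spaces."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else None
    # Unquoted: take everything up to the first ".ext" followed by a space or end.
    m = re.match(r"(.+?\.[A-Za-z0-9]{2,8})(?=\s|$)", command)
    return m.group(1) if m else None


def parse_o4(line: str) -> Optional[Autorun]:
    line = line.strip()
    m = RUN_RE.match(line) or STARTUP_RE.match(line)
    if not m:
        return None
    cmd = USER_SUFFIX_RE.sub("", m.group("cmd"))
    return Autorun(m.group("hive"), m.group("name"), cmd, extract_target(cmd))


def reasons_for(entry: Autorun) -> List[str]:
    if entry.target is None:
        return ["target not resolved in the log"]
    reasons = []
    path = entry.target.lower()
    if any(part in path for part in USER_WRITABLE):
        reasons.append("runs from a user-writable directory")
    if entry.hive == "HKLM" and "\\users\\" in path:
        reasons.append("machine-wide Run value points into a user profile")
    ext = path[path.rfind("."):] if "." in path else ""
    if ext not in USUAL_EXTENSIONS:
        reasons.append(f"unusual extension {ext!r} for an autorun")
    return reasons


def triage(log_text: str) -> List[Tuple[str, List[str]]]:
    """Return (entry name, reasons) for every O4 line that matches a rule."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry:
            reasons = reasons_for(entry)
            if reasons:
                findings.append((entry.name, reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG):
        print(f"{name}: {'; '.join(reasons)}")
```

These rules flag only some of the lines listed in the post; entries such as Adobe Reader Speed Launcher or msnmsgr match none of them.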
Pharrel Williams
11 May 2008 at 23:17
OK thanks, I'll look at this properly tomorrow morning, I'm exhausted right now. Thanks.
Le sioux
11 May 2008 at 23:21
Re
OK, see you tomorrow.
Pharrel Williams
12 May 2008 at 11:50
Re
So here is the HijackThis report following OTMoveIt2 by Old_Timer:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:08, on 12/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2filovemessenger%2fmars2005%2fbetty_boop.png%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sgcobyeqva] c:\users\dora\appdata\local\microsoft\sgcobyeqva.exe sgcobyeqva
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\nurb software body.zei7y"
O4 - HKCU\..\Run: [Win Download] "C:\ProgramData\Army window window.lhu1ye2"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
So here is the HijackThis report following OTMoveIt2 by Old_Timer:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:08, on 12/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2filovemessenger%2fmars2005%2fbetty_boop.png%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sgcobyeqva] c:\users\dora\appdata\local\microsoft\sgcobyeqva.exe sgcobyeqva
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\nurb software body.zei7y"
O4 - HKCU\..\Run: [Win Download] "C:\ProgramData\Army window window.lhu1ye2"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Pharrel Williams
Posts
66
Registration date
Thursday 8 May 2008
Status
Member
Last activity
4 October 2009
12 May 2008 at 12:07
Re, here is the report after "how to fix/correct lines via HijackThis":
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:01, on 12/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\msfeedssync.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2filovemessenger%2fmars2005%2fbetty_boop.png%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Le sioux
Posts
4894
Registration date
Sunday 27 May 2007
Status
Security contributor
Last activity
6 March 2023
496
12 May 2008 at 21:05
Re
Your HijackThis report looks clean, your PC is working better again and without ads ;) that's all good!
I would like to refine the cleanup in two stages ;)
Stage 1:
1) Download
-- CCleaner
https://www.ccleaner.com/ccleaner/download
Preferably choose the SLIM-No Toolbar version.
Install it, taking care to uncheck the various options, including the Yahoo toolbar and the update.
Launch CCleaner, then click "Options", "Advanced" and uncheck the box "Only delete files in Windows Temp folders older than 48 hours".
For the other settings, leave the defaults.
Close the program for now.
-- Download and install Malwarebytes' Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
At the end of the installation, make sure the "Update Malwarebytes' Anti-Malware" option is checked. >>> click OK
Launch Malwarebytes' Anti-Malware by double-clicking the icon on your Desktop.
On first launch, a window tells you that the version is Free >>> click OK
Let the updates download
Close the program for now.
Tutorial https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
2) Scan with Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware by right-clicking it, then "Run as administrator"
"Search" tab >>> check Run a full scan >>> Search, select your hard drives, then click Start the scan
At the end of the scan >>> click Show results, then Save the report
Removing the detected items >>>> click Remove selection
If you are asked to restart >>> click "Yes"
--> A scan report opens; save it to your Desktop.
Then close Malwarebytes' Anti-Malware
3) Removing unnecessary files with CCleaner
Launch CCleaner by double-clicking its shortcut on the desktop.
Then, in the Cleaner menu
Click Analyze (let it work, this can take a long time the first time)
Click the Run Cleaner button.
Click the Run Cleaner button a second time, then close CCleaner.
4) Reports
Post in reply:
* A new HijackThis report
* The Malwarebytes' Anti-Malware report that you saved to your Desktop.
Good luck
See you soon for "stage 2" ;)
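The two HijackThis logs posted above (scans at 11:49:08 and 12:05:01) can be compared mechanically to list which entries disappeared after the fix. This is an added example, not part of the thread: the function names are illustrative, and the sample lines are excerpts copied from those two logs rather than the full reports.

```python
import re

# HijackThis entry: "<section code> - <payload>", e.g. "O4 - HKLM\..\Run: [name] cmd".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# O4 registry autorun payload: "<hive>\..\Run: [value name] command line".
RUN_RE = re.compile(r"^(?P<where>[^:]+): \[(?P<name>[^\]]*)\]")
SCAN_RE = re.compile(r"^\s*Scan saved at (.+)$", re.M)

# Excerpts of the two logs posted in this thread (not the full reports).
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:08, on 12/05/2008
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sgcobyeqva] c:\users\dora\appdata\local\microsoft\sgcobyeqva.exe sgcobyeqva
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\nurb software body.zei7y"
O4 - HKCU\..\Run: [Win Download] "C:\ProgramData\Army window window.lhu1ye2"
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O13 - Gopher Prefix:
"""

AFTER = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:01, on 12/05/2008
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O13 - Gopher Prefix:
"""


def entry_key(code, payload):
    """Identity of an entry, so an edited value shows as 'changed', not remove+add."""
    if code == "O4":
        m = RUN_RE.match(payload)
        if m:  # registry autorun: identity is the key location plus the value name
            return (code, m.group("where").lower(), m.group("name").lower())
    if code in ("R0", "R1"):  # IE setting: identity is the registry value, not its data
        return (code, payload.partition(" = ")[0].lower())
    return (code, payload.lower())


def parse_log(text):
    """Return the scan timestamp and a {key: original line} map of all entries."""
    entries = {}
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:  # header and "Running processes" lines do not match and are skipped
            code, payload = m.groups()
            entries[entry_key(code, payload)] = f"{code} - {payload}"
    scan = SCAN_RE.search(text)
    return {"scan": scan.group(1).strip() if scan else None, "entries": entries}


def diff_logs(before_text, after_text):
    """Compare two logs: entries removed, added, or kept with a different value."""
    before, after = parse_log(before_text), parse_log(after_text)
    b, a = before["entries"], after["entries"]
    return {
        "scans": (before["scan"], after["scan"]),
        "removed": sorted(b[k] for k in b.keys() - a.keys()),
        "added": sorted(a[k] for k in a.keys() - b.keys()),
        "changed": sorted((b[k], a[k]) for k in b.keys() & a.keys() if b[k] != a[k]),
    }


if __name__ == "__main__":
    result = diff_logs(BEFORE, AFTER)
    print("before:", result["scans"][0], "| after:", result["scans"][1])
    for line in result["removed"]:
        print("REMOVED ", line)
    for line in result["added"]:
        print("ADDED   ", line)
    for old, new in result["changed"]:
        print("CHANGED ", old, "\n      -> ", new)
```

Keying O4 entries on the registry location and value name keeps the `msnmsgr` entry, whose path merely switched to its 8.3 short form, out of the removed list.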
Pharrel Williams
Posts
66
Registration date
Thursday 8 May 2008
Status
Member
Last activity
4 October 2009
15 May 2008 at 16:39
Sorry for the late reply. Thanks a lot, I'll look at all this tonight ;p