Pubs Intempestives CID
Charmiiz
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
J'ai télécharger Messenger Plus, et depuis j'ai beaucoup de epubs intempestives qui apparaissent et je ne peux les enleve. J'ai déjà regardé un sujet là dessus, j'ai donc télécharger Hitjakthis et voici le SCAN. Merci de m'aider le plus rapidement possible, si possible !
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:13, on 09/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Controle Parental\bin\OPTGui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Movie Maker\MOVIEMK.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet-DMGP\SessionManager\SessionManager.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [locks bind] "C:\ProgramData\datawarnwarn.031bc"
O4 - HKCU\..\Run: [vc log bows face] "C:\ProgramData\Start four atom.4etvi0"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Sommaire de OneNote.onetoc2
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
J'ai télécharger Messenger Plus, et depuis j'ai beaucoup de epubs intempestives qui apparaissent et je ne peux les enleve. J'ai déjà regardé un sujet là dessus, j'ai donc télécharger Hitjakthis et voici le SCAN. Merci de m'aider le plus rapidement possible, si possible !
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:13, on 09/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Controle Parental\bin\OPTGui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Movie Maker\MOVIEMK.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet-DMGP\SessionManager\SessionManager.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [locks bind] "C:\ProgramData\datawarnwarn.031bc"
O4 - HKCU\..\Run: [vc log bows face] "C:\ProgramData\Start four atom.4etvi0"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Sommaire de OneNote.onetoc2
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
A voir également:
- Pubs Intempestives CID
- Bloquer les pubs youtube - Accueil - Streaming
- Supprimer les pubs - Guide
- Mon téléphone lance des pubs tout seul ✓ - Forum Samsung
- Pourquoi j'ai des pubs de site de rencontre ✓ - Forum Virus
- Comment couper le son des pubs dans les jeux - Forum Enceintes / HiFi
14 réponses
slt
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O4 - HKCU\..\Run: [locks bind] "C:\ProgramData\datawarnwarn.031bc"
O4 - HKCU\..\Run: [vc log bows face] "C:\ProgramData\Start four atom.4etvi0"
______________
télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
C:\ProgramData\datawarnwarn.031bc
C:\ProgramData\Start four atom.4etvi0
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
dans DEMARRER puis PANNEAU DE CONFIGURATION puis AJOUT /SUPPRESSION DE PROGRAMME
cherche quelque chose comme CID et msn plus et desinstalle les
si tu doit réinstaller msn plus fait le sans les sponsor surtout
_____________
encore des pubs??
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O4 - HKCU\..\Run: [locks bind] "C:\ProgramData\datawarnwarn.031bc"
O4 - HKCU\..\Run: [vc log bows face] "C:\ProgramData\Start four atom.4etvi0"
______________
télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
C:\ProgramData\datawarnwarn.031bc
C:\ProgramData\Start four atom.4etvi0
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
dans DEMARRER puis PANNEAU DE CONFIGURATION puis AJOUT /SUPPRESSION DE PROGRAMME
cherche quelque chose comme CID et msn plus et desinstalle les
si tu doit réinstaller msn plus fait le sans les sponsor surtout
_____________
encore des pubs??
Re-bonjour.
J'ai relancé HijackThis comme indiqué. Ensuite j'ai téléchargé OTMoveIt. J'ai copié ta citation dans le cadre.
Par contre j'ai pas compris après ce qu'il fallait faire. C'est à dire "Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
? Je poste quel rapport ?
Et sinon, je ne peux pas supprimer CID ou Mesenger Plus dans ajout/suppression de programmes, car je l'avais déjà fais il y a longtemps.
Merci d'avance de m'expliquer.
J'ai relancé HijackThis comme indiqué. Ensuite j'ai téléchargé OTMoveIt. J'ai copié ta citation dans le cadre.
Par contre j'ai pas compris après ce qu'il fallait faire. C'est à dire "Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
? Je poste quel rapport ?
Et sinon, je ne peux pas supprimer CID ou Mesenger Plus dans ajout/suppression de programmes, car je l'avais déjà fais il y a longtemps.
Merci d'avance de m'expliquer.
tu post le rapport otmovit
tu trouve le rapport en allant dans poste de travail puis C:\_OTMoveIt\MovedFiles.
______________
puis dis moi si
encore des pubs??
tu trouve le rapport en allant dans poste de travail puis C:\_OTMoveIt\MovedFiles.
______________
puis dis moi si
encore des pubs??
Quand j'ouvre C:\_OTMoveIt\MovedFiles j'ai plusieurs fichiers dedans :
Deux dossiers de fichiers vides nommés : 05092008_205719 et l'autre 05092008_210229
Ensuite encore dessous il y a un fichier RES encore une fois nommé : 05092008_205719.res
et enfin dessous un document texte nommé : 05092008_205719.log
Je ne peux pas ouvrir le fichier RES
et, dans le document de texte, si je l'ouvre il y a écrit :
C:\ProgramData\datawarnwarn.031bc moved successfully.
C:\ProgramData\Start four atom.4etvi0 moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05092008_205719
Je suis vraiment désolée, mais je suis nulle en informatique et je suis mineur.
Deux dossiers de fichiers vides nommés : 05092008_205719 et l'autre 05092008_210229
Ensuite encore dessous il y a un fichier RES encore une fois nommé : 05092008_205719.res
et enfin dessous un document texte nommé : 05092008_205719.log
Je ne peux pas ouvrir le fichier RES
et, dans le document de texte, si je l'ouvre il y a écrit :
C:\ProgramData\datawarnwarn.031bc moved successfully.
C:\ProgramData\Start four atom.4etvi0 moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05092008_205719
Je suis vraiment désolée, mais je suis nulle en informatique et je suis mineur.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
=D Merci beaucoup pour les conseils que tu m'as donné, ça fait un bout de temps qu'aucune pub n'est apparue, donc j'espère que ça va continuer, si ce n'est pas le cas, je reposterai =) Mais pour l'instant aucune puib Cid d'affichée !
Je suis super contente ^^
Je suis super contente ^^
tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
j'peux pas. J'ai Widows Vista Edition Familial Premium Et il me faut XP pour pouvoir le télécharger ...
Okay, pardon.
voilà le rapport.
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : marieanne ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 10/05/2008 | 20:59:20,89 ] [ PC : PC-DE-MARIEANNE ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[09/05/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Adobe\PatcherLogs
[05/04/2008|09:19] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Plugins
[20/03/2008|19:46] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Bridge CS3
[05/03/2008|15:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Workflow
[05/03/2008|15:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\CameraRaw
[03/03/2008|20:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Adobe Photoshop CS3
[18/02/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Color
[18/02/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Adobe PDF
[18/02/2008|11:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Stock Photos CS3
[18/02/2008|00:18] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Updater5
[17/02/2008|22:56] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Linguistics
[10/02/2008|13:35] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Flash Player
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Acrobat
[20/01/2008|17:13] C:\Users\MARIEA~1\AppData\Roaming\CyberLink\PowerCinema
[20/01/2008|17:13] C:\Users\MARIEA~1\AppData\Roaming\CyberLink\PowerDVD
[15/04/2008|23:46] C:\Users\MARIEA~1\AppData\Roaming\eMule\config
[18/02/2008|19:16] C:\Users\MARIEA~1\AppData\Roaming\F-Secure\System Control
[17/01/2008|19:24] C:\Users\MARIEA~1\AppData\Roaming\F-Secure\Spam Control
[29/02/2008|18:09] C:\Users\MARIEA~1\AppData\Roaming\gtk-2.0\gtkfilechooser.ini
[17/01/2008|14:31] C:\Users\MARIEA~1\AppData\Roaming\Hewlett-Packard\HP Software UI
[20/01/2008|17:12] C:\Users\MARIEA~1\AppData\Roaming\HP\QuickPlay
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Identities\{7D2950D7-B297-4B7A-9D04-F81906E77648}
[17/04/2008|14:34] C:\Users\MARIEA~1\AppData\Roaming\InstallShield\ISEngine12.0
[20/04/2008|20:46] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\library.dat
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\filters.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\questions.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\tables.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\installation.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\mojito.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\limewire.props
[20/04/2008|12:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\fileurns.cache
[20/04/2008|12:48] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\createtimes.cache
[15/04/2008|17:12] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\version.xml
[15/04/2008|16:59] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\simpp.xml
[15/04/2008|16:59] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\.AppSpecialShare
[25/03/2008|14:15] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\spam.dat
[24/02/2008|20:55] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\xml
[24/02/2008|20:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\fileurns.bak
[24/02/2008|20:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\themes
[17/01/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Macromedia\Flash Player
[27/04/2008|21:00] C:\Users\MARIEA~1\AppData\Roaming\Megaupload\Mega Manager
[10/05/2008|20:00] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[08/05/2008|11:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Templates
[05/05/2008|20:09] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Word
[18/04/2008|15:48] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Office
[09/04/2008|19:16] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\CLView
[01/03/2008|14:21] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows Media Encoder
[21/02/2008|11:29] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Excel
[19/02/2008|19:14] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\MSN Messenger
[14/02/2008|21:05] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\IdentityCRL
[05/02/2008|20:39] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Internet Explorer
[05/02/2008|17:11] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Proof
[31/01/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Document Building Blocks
[31/01/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\AddIns
[27/01/2008|17:47] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\eHome
[23/01/2008|19:47] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\HTML Help
[23/01/2008|15:11] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\UProof
[21/01/2008|18:35] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\OneNote
[21/01/2008|18:33] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Network
[21/01/2008|18:30] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\MMC
[18/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows
[18/01/2008|14:25] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\preuve
[17/01/2008|19:03] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Crypto
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Protect
[17/01/2008|14:39] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\SystemCertificates
[17/01/2008|14:31] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\CLR Security Config
[17/01/2008|14:29] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Credentials
[10/05/2008|20:59] C:\Users\MARIEA~1\AppData\Roaming\nvModes.001\nvModes.001
[08/05/2008|22:50] C:\Users\MARIEA~1\AppData\Roaming\nvModes.dat\nvModes.dat
[25/02/2008|17:54] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Data
[25/02/2008|15:14] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Player Orange.log
[13/02/2008|13:23] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedDataBase.xml
[13/02/2008|13:23] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedDataBase.bak
[13/02/2008|13:20] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\DatacommandResponseTmp.xml
[10/02/2008|20:17] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Poster
[10/02/2008|20:13] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedVideos
[10/02/2008|20:13] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Temp
[22/02/2008|19:28] C:\Users\MARIEA~1\AppData\Roaming\QuickZip45.ini\QuickZip45.ini
[31/01/2008|19:33] C:\Users\MARIEA~1\AppData\Roaming\Roxio\MediaManager9
[31/01/2008|19:33] C:\Users\MARIEA~1\AppData\Roaming\Roxio\Dragon
[18/02/2005|00:07] C:\Users\MARIEA~1\AppData\Roaming\Template\Normal.wpt
[03/02/2008|20:02] C:\Users\MARIEA~1\AppData\Roaming\UserTile.png\UserTile.png
[18/04/2008|15:48] C:\Users\MARIEA~1\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[10/05/2008 20:59][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 20:57][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[21/08/2007|23:49] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[03/03/2008|20:36] C:\ProgramData\Adobe
[18/01/2008|20:35] C:\ProgramData\Alexandra Ledermann 8
[17/01/2008|14:17] C:\ProgramData\Application Data
[17/01/2008|14:17] C:\ProgramData\Bureau
[09/05/2008|19:13] C:\ProgramData\CakeByteMail
[05/04/2008|09:34] C:\ProgramData\CyberLink
[09/05/2008|19:12] C:\ProgramData\datawarnwarn.gnn6p
[20/03/2008|20:26] C:\ProgramData\datawarnwarn.py54zb
[09/05/2008|21:03] C:\ProgramData\datawarnwarn.s6jntm5
[17/01/2008|14:17] C:\ProgramData\Documents
[17/04/2008|15:44] C:\ProgramData\eMule
[17/01/2008|14:17] C:\ProgramData\Favoris
[18/02/2008|11:26] C:\ProgramData\FLEXnet
[05/02/2008|12:53] C:\ProgramData\F-Secure
[05/02/2008|12:52] C:\ProgramData\fssg
[20/04/2008|12:43] C:\ProgramData\Google
[22/08/2007|00:31] C:\ProgramData\Hewlett-Packard
[20/01/2008|17:12] C:\ProgramData\HP
[22/08/2007|00:00] C:\ProgramData\hpzinstall.log
[09/05/2008|19:13] C:\ProgramData\Memo Drive Vc Log
[17/01/2008|14:17] C:\ProgramData\Menu D‚marrer
[23/01/2008|19:47] C:\ProgramData\Microsoft
[03/05/2008|21:32] C:\ProgramData\Microsoft Help
[17/01/2008|14:17] C:\ProgramData\ModŠles
[21/08/2007|23:28] C:\ProgramData\Roxio
[31/01/2008|19:33] C:\ProgramData\Sonic
[17/01/2008|18:19] C:\ProgramData\Symantec
[21/02/2008|21:33] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[21/08/2007|23:49] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/03/2008|15:15] C:\Program Files\Adobe
[09/05/2008|17:05] C:\Program Files\Atari
[03/03/2008|20:36] C:\Program Files\Bonjour
[01/05/2008|12:30] C:\Program Files\CardDetector
[04/04/2008|21:25] C:\Program Files\Circle Developement
[09/05/2008|17:04] C:\Program Files\Common Files
[21/08/2007|22:54] C:\Program Files\CONEXANT
[22/02/2008|22:38] C:\Program Files\Controle Parental
[18/01/2008|14:18] C:\Program Files\desktop.ini
[22/08/2007|00:02] C:\Program Files\EasyBits
[17/01/2008|14:17] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[21/04/2008|09:59] C:\Program Files\Google
[22/08/2007|00:26] C:\Program Files\Hewlett-Packard
[22/08/2007|00:26] C:\Program Files\HP
[22/08/2007|00:11] C:\Program Files\HPQ
[09/05/2008|17:05] C:\Program Files\InstallShield Installation Information
[10/04/2008|08:08] C:\Program Files\Internet Explorer
[03/05/2008|21:11] C:\Program Files\Java
[24/02/2008|20:50] C:\Program Files\LimeWire
[09/05/2008|21:17] C:\Program Files\Lopxp
[17/04/2008|14:35] C:\Program Files\Megaupload
[05/02/2008|14:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[21/08/2007|23:48] C:\Program Files\Microsoft Office
[21/08/2007|23:48] C:\Program Files\Microsoft Works
[21/08/2007|23:47] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[18/01/2008|10:07] C:\Program Files\MSXML 4.0
[22/08/2007|00:06] C:\Program Files\muvee Technologies
[01/05/2008|12:36] C:\Program Files\Orange
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[21/08/2007|23:29] C:\Program Files\Roxio
[22/08/2007|00:03] C:\Program Files\Services en ligne
[21/08/2007|22:52] C:\Program Files\Synaptics
[09/05/2008|20:02] C:\Program Files\Trend Micro
[03/03/2008|19:03] C:\Program Files\UBISOFT
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[18/01/2008|10:28] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[21/08/2007|23:36] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[20/04/2008|12:42] C:\Program Files\Windows Live
[10/04/2008|08:08] C:\Program Files\Windows Mail
[18/01/2008|10:28] C:\Program Files\Windows Media Player
[17/01/2008|14:17] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[18/01/2008|10:28] C:\Program Files\Windows Sidebar
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[03/03/2008|20:35] C:\Program Files\Common Files\Adobe
[21/08/2007|23:48] C:\Program Files\Common Files\DESIGNER
[01/05/2008|12:35] C:\Program Files\Common Files\France Telecom
[22/08/2007|00:00] C:\Program Files\Common Files\HP
[22/08/2007|00:09] C:\Program Files\Common Files\InstallShield
[22/08/2007|00:30] C:\Program Files\Common Files\Java
[22/08/2007|00:11] C:\Program Files\Common Files\LightScribe
[03/03/2008|20:17] C:\Program Files\Common Files\Macrovision Shared
[03/05/2008|21:27] C:\Program Files\Common Files\microsoft shared
[22/08/2007|00:06] C:\Program Files\Common Files\muvee Technologies
[21/08/2007|23:28] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[21/08/2007|23:28] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/08/2007|23:29] C:\Program Files\Common Files\SureThing Shared
[17/01/2008|18:19] C:\Program Files\Common Files\Symantec Shared
[18/01/2008|10:28] C:\Program Files\Common Files\System
[21/02/2008|21:39] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 51
iexplore.exe ~ [2092]
iexplore.exe ~ [2144]
----------------------[ Recherche avec S_Lop ]---------------------
C:\Users\MARIEA~1\AppData\Local\Temp\bis2DB6.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\Memo Drive Vc Log
C:\ProgramData\Memo Drive Vc Log\Win Draw.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.0xe
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 20:59:51
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
/!\ [Fich:8105][Doss:1086] C:\Users\MARIEA~1\AppData\Local\Temp
/!\ [Fich:633][Doss:1] C:\Users\MARIEA~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:5891][Doss:11] C:\Users\MARIEA~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 21:03:37,33 ]----------------------
voilà le rapport.
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : marieanne ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 10/05/2008 | 20:59:20,89 ] [ PC : PC-DE-MARIEANNE ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[09/05/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Adobe\PatcherLogs
[05/04/2008|09:19] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Plugins
[20/03/2008|19:46] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Bridge CS3
[05/03/2008|15:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Workflow
[05/03/2008|15:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\CameraRaw
[03/03/2008|20:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Adobe Photoshop CS3
[18/02/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Color
[18/02/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Adobe PDF
[18/02/2008|11:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Stock Photos CS3
[18/02/2008|00:18] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Updater5
[17/02/2008|22:56] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Linguistics
[10/02/2008|13:35] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Flash Player
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Acrobat
[20/01/2008|17:13] C:\Users\MARIEA~1\AppData\Roaming\CyberLink\PowerCinema
[20/01/2008|17:13] C:\Users\MARIEA~1\AppData\Roaming\CyberLink\PowerDVD
[15/04/2008|23:46] C:\Users\MARIEA~1\AppData\Roaming\eMule\config
[18/02/2008|19:16] C:\Users\MARIEA~1\AppData\Roaming\F-Secure\System Control
[17/01/2008|19:24] C:\Users\MARIEA~1\AppData\Roaming\F-Secure\Spam Control
[29/02/2008|18:09] C:\Users\MARIEA~1\AppData\Roaming\gtk-2.0\gtkfilechooser.ini
[17/01/2008|14:31] C:\Users\MARIEA~1\AppData\Roaming\Hewlett-Packard\HP Software UI
[20/01/2008|17:12] C:\Users\MARIEA~1\AppData\Roaming\HP\QuickPlay
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Identities\{7D2950D7-B297-4B7A-9D04-F81906E77648}
[17/04/2008|14:34] C:\Users\MARIEA~1\AppData\Roaming\InstallShield\ISEngine12.0
[20/04/2008|20:46] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\library.dat
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\filters.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\questions.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\tables.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\installation.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\mojito.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\limewire.props
[20/04/2008|12:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\fileurns.cache
[20/04/2008|12:48] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\createtimes.cache
[15/04/2008|17:12] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\version.xml
[15/04/2008|16:59] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\simpp.xml
[15/04/2008|16:59] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\.AppSpecialShare
[25/03/2008|14:15] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\spam.dat
[24/02/2008|20:55] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\xml
[24/02/2008|20:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\fileurns.bak
[24/02/2008|20:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\themes
[17/01/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Macromedia\Flash Player
[27/04/2008|21:00] C:\Users\MARIEA~1\AppData\Roaming\Megaupload\Mega Manager
[10/05/2008|20:00] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[08/05/2008|11:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Templates
[05/05/2008|20:09] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Word
[18/04/2008|15:48] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Office
[09/04/2008|19:16] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\CLView
[01/03/2008|14:21] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows Media Encoder
[21/02/2008|11:29] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Excel
[19/02/2008|19:14] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\MSN Messenger
[14/02/2008|21:05] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\IdentityCRL
[05/02/2008|20:39] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Internet Explorer
[05/02/2008|17:11] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Proof
[31/01/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Document Building Blocks
[31/01/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\AddIns
[27/01/2008|17:47] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\eHome
[23/01/2008|19:47] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\HTML Help
[23/01/2008|15:11] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\UProof
[21/01/2008|18:35] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\OneNote
[21/01/2008|18:33] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Network
[21/01/2008|18:30] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\MMC
[18/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows
[18/01/2008|14:25] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\preuve
[17/01/2008|19:03] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Crypto
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Protect
[17/01/2008|14:39] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\SystemCertificates
[17/01/2008|14:31] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\CLR Security Config
[17/01/2008|14:29] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Credentials
[10/05/2008|20:59] C:\Users\MARIEA~1\AppData\Roaming\nvModes.001\nvModes.001
[08/05/2008|22:50] C:\Users\MARIEA~1\AppData\Roaming\nvModes.dat\nvModes.dat
[25/02/2008|17:54] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Data
[25/02/2008|15:14] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Player Orange.log
[13/02/2008|13:23] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedDataBase.xml
[13/02/2008|13:23] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedDataBase.bak
[13/02/2008|13:20] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\DatacommandResponseTmp.xml
[10/02/2008|20:17] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Poster
[10/02/2008|20:13] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedVideos
[10/02/2008|20:13] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Temp
[22/02/2008|19:28] C:\Users\MARIEA~1\AppData\Roaming\QuickZip45.ini\QuickZip45.ini
[31/01/2008|19:33] C:\Users\MARIEA~1\AppData\Roaming\Roxio\MediaManager9
[31/01/2008|19:33] C:\Users\MARIEA~1\AppData\Roaming\Roxio\Dragon
[18/02/2005|00:07] C:\Users\MARIEA~1\AppData\Roaming\Template\Normal.wpt
[03/02/2008|20:02] C:\Users\MARIEA~1\AppData\Roaming\UserTile.png\UserTile.png
[18/04/2008|15:48] C:\Users\MARIEA~1\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[10/05/2008 20:59][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 20:57][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[21/08/2007|23:49] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[03/03/2008|20:36] C:\ProgramData\Adobe
[18/01/2008|20:35] C:\ProgramData\Alexandra Ledermann 8
[17/01/2008|14:17] C:\ProgramData\Application Data
[17/01/2008|14:17] C:\ProgramData\Bureau
[09/05/2008|19:13] C:\ProgramData\CakeByteMail
[05/04/2008|09:34] C:\ProgramData\CyberLink
[09/05/2008|19:12] C:\ProgramData\datawarnwarn.gnn6p
[20/03/2008|20:26] C:\ProgramData\datawarnwarn.py54zb
[09/05/2008|21:03] C:\ProgramData\datawarnwarn.s6jntm5
[17/01/2008|14:17] C:\ProgramData\Documents
[17/04/2008|15:44] C:\ProgramData\eMule
[17/01/2008|14:17] C:\ProgramData\Favoris
[18/02/2008|11:26] C:\ProgramData\FLEXnet
[05/02/2008|12:53] C:\ProgramData\F-Secure
[05/02/2008|12:52] C:\ProgramData\fssg
[20/04/2008|12:43] C:\ProgramData\Google
[22/08/2007|00:31] C:\ProgramData\Hewlett-Packard
[20/01/2008|17:12] C:\ProgramData\HP
[22/08/2007|00:00] C:\ProgramData\hpzinstall.log
[09/05/2008|19:13] C:\ProgramData\Memo Drive Vc Log
[17/01/2008|14:17] C:\ProgramData\Menu D‚marrer
[23/01/2008|19:47] C:\ProgramData\Microsoft
[03/05/2008|21:32] C:\ProgramData\Microsoft Help
[17/01/2008|14:17] C:\ProgramData\ModŠles
[21/08/2007|23:28] C:\ProgramData\Roxio
[31/01/2008|19:33] C:\ProgramData\Sonic
[17/01/2008|18:19] C:\ProgramData\Symantec
[21/02/2008|21:33] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[21/08/2007|23:49] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/03/2008|15:15] C:\Program Files\Adobe
[09/05/2008|17:05] C:\Program Files\Atari
[03/03/2008|20:36] C:\Program Files\Bonjour
[01/05/2008|12:30] C:\Program Files\CardDetector
[04/04/2008|21:25] C:\Program Files\Circle Developement
[09/05/2008|17:04] C:\Program Files\Common Files
[21/08/2007|22:54] C:\Program Files\CONEXANT
[22/02/2008|22:38] C:\Program Files\Controle Parental
[18/01/2008|14:18] C:\Program Files\desktop.ini
[22/08/2007|00:02] C:\Program Files\EasyBits
[17/01/2008|14:17] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[21/04/2008|09:59] C:\Program Files\Google
[22/08/2007|00:26] C:\Program Files\Hewlett-Packard
[22/08/2007|00:26] C:\Program Files\HP
[22/08/2007|00:11] C:\Program Files\HPQ
[09/05/2008|17:05] C:\Program Files\InstallShield Installation Information
[10/04/2008|08:08] C:\Program Files\Internet Explorer
[03/05/2008|21:11] C:\Program Files\Java
[24/02/2008|20:50] C:\Program Files\LimeWire
[09/05/2008|21:17] C:\Program Files\Lopxp
[17/04/2008|14:35] C:\Program Files\Megaupload
[05/02/2008|14:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[21/08/2007|23:48] C:\Program Files\Microsoft Office
[21/08/2007|23:48] C:\Program Files\Microsoft Works
[21/08/2007|23:47] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[18/01/2008|10:07] C:\Program Files\MSXML 4.0
[22/08/2007|00:06] C:\Program Files\muvee Technologies
[01/05/2008|12:36] C:\Program Files\Orange
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[21/08/2007|23:29] C:\Program Files\Roxio
[22/08/2007|00:03] C:\Program Files\Services en ligne
[21/08/2007|22:52] C:\Program Files\Synaptics
[09/05/2008|20:02] C:\Program Files\Trend Micro
[03/03/2008|19:03] C:\Program Files\UBISOFT
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[18/01/2008|10:28] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[21/08/2007|23:36] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[20/04/2008|12:42] C:\Program Files\Windows Live
[10/04/2008|08:08] C:\Program Files\Windows Mail
[18/01/2008|10:28] C:\Program Files\Windows Media Player
[17/01/2008|14:17] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[18/01/2008|10:28] C:\Program Files\Windows Sidebar
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[03/03/2008|20:35] C:\Program Files\Common Files\Adobe
[21/08/2007|23:48] C:\Program Files\Common Files\DESIGNER
[01/05/2008|12:35] C:\Program Files\Common Files\France Telecom
[22/08/2007|00:00] C:\Program Files\Common Files\HP
[22/08/2007|00:09] C:\Program Files\Common Files\InstallShield
[22/08/2007|00:30] C:\Program Files\Common Files\Java
[22/08/2007|00:11] C:\Program Files\Common Files\LightScribe
[03/03/2008|20:17] C:\Program Files\Common Files\Macrovision Shared
[03/05/2008|21:27] C:\Program Files\Common Files\microsoft shared
[22/08/2007|00:06] C:\Program Files\Common Files\muvee Technologies
[21/08/2007|23:28] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[21/08/2007|23:28] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/08/2007|23:29] C:\Program Files\Common Files\SureThing Shared
[17/01/2008|18:19] C:\Program Files\Common Files\Symantec Shared
[18/01/2008|10:28] C:\Program Files\Common Files\System
[21/02/2008|21:39] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 51
iexplore.exe ~ [2092]
iexplore.exe ~ [2144]
----------------------[ Recherche avec S_Lop ]---------------------
C:\Users\MARIEA~1\AppData\Local\Temp\bis2DB6.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\Memo Drive Vc Log
C:\ProgramData\Memo Drive Vc Log\Win Draw.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.0xe
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 20:59:51
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
/!\ [Fich:8105][Doss:1086] C:\Users\MARIEA~1\AppData\Local\Temp
/!\ [Fich:633][Doss:1] C:\Users\MARIEA~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:5891][Doss:11] C:\Users\MARIEA~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 21:03:37,33 ]----------------------
ok
vire tes cracks:
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
___________________
* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
______________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois le registre) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
_____________
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
vire tes cracks:
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip
=> C:\Users\marieanne\AppData\Local\Temp\Temp1_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp2_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
=> C:\Users\marieanne\AppData\Local\Temp\Temp3_Crack et Keygen.zip\Crack Activation Photoshop CS2 Fr.exe
___________________
* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
______________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois le registre) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
_____________
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
J'ai viré mes cracks, et voilà le rapport
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : marieanne ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 11/05/2008 | 8:59:34,49 ] [ PC : PC-DE-MARIEANNE ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\ProgramData\Memo Drive Vc Log\Win Draw.exe
Supprimé! - C:\Program Files\Circle Developement\Uninstall.0xe
Supprimé! - C:\Users\MARIEA~1\AppData\Local\Temp\bis2DB6.exe
Supprimé! - C:\ProgramData\Memo Drive Vc Log
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[09/05/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Adobe\PatcherLogs
[05/04/2008|09:19] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Plugins
[20/03/2008|19:46] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Bridge CS3
[05/03/2008|15:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Workflow
[05/03/2008|15:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\CameraRaw
[03/03/2008|20:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Adobe Photoshop CS3
[18/02/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Color
[18/02/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Adobe PDF
[18/02/2008|11:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Stock Photos CS3
[18/02/2008|00:18] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Updater5
[17/02/2008|22:56] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Linguistics
[10/02/2008|13:35] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Flash Player
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Acrobat
[20/01/2008|17:13] C:\Users\MARIEA~1\AppData\Roaming\CyberLink\PowerCinema
[20/01/2008|17:13] C:\Users\MARIEA~1\AppData\Roaming\CyberLink\PowerDVD
[15/04/2008|23:46] C:\Users\MARIEA~1\AppData\Roaming\eMule\config
[18/02/2008|19:16] C:\Users\MARIEA~1\AppData\Roaming\F-Secure\System Control
[17/01/2008|19:24] C:\Users\MARIEA~1\AppData\Roaming\F-Secure\Spam Control
[29/02/2008|18:09] C:\Users\MARIEA~1\AppData\Roaming\gtk-2.0\gtkfilechooser.ini
[17/01/2008|14:31] C:\Users\MARIEA~1\AppData\Roaming\Hewlett-Packard\HP Software UI
[20/01/2008|17:12] C:\Users\MARIEA~1\AppData\Roaming\HP\QuickPlay
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Identities\{7D2950D7-B297-4B7A-9D04-F81906E77648}
[17/04/2008|14:34] C:\Users\MARIEA~1\AppData\Roaming\InstallShield\ISEngine12.0
[20/04/2008|20:46] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\library.dat
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\filters.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\questions.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\tables.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\installation.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\mojito.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\limewire.props
[20/04/2008|12:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\fileurns.cache
[20/04/2008|12:48] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\createtimes.cache
[15/04/2008|17:12] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\version.xml
[15/04/2008|16:59] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\simpp.xml
[15/04/2008|16:59] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\.AppSpecialShare
[25/03/2008|14:15] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\spam.dat
[24/02/2008|20:55] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\xml
[24/02/2008|20:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\fileurns.bak
[24/02/2008|20:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\themes
[17/01/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Macromedia\Flash Player
[27/04/2008|21:00] C:\Users\MARIEA~1\AppData\Roaming\Megaupload\Mega Manager
[10/05/2008|20:00] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[08/05/2008|11:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Templates
[05/05/2008|20:09] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Word
[18/04/2008|15:48] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Office
[09/04/2008|19:16] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\CLView
[01/03/2008|14:21] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows Media Encoder
[21/02/2008|11:29] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Excel
[19/02/2008|19:14] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\MSN Messenger
[14/02/2008|21:05] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\IdentityCRL
[05/02/2008|20:39] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Internet Explorer
[05/02/2008|17:11] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Proof
[31/01/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Document Building Blocks
[31/01/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\AddIns
[27/01/2008|17:47] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\eHome
[23/01/2008|19:47] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\HTML Help
[23/01/2008|15:11] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\UProof
[21/01/2008|18:35] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\OneNote
[21/01/2008|18:33] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Network
[21/01/2008|18:30] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\MMC
[18/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows
[18/01/2008|14:25] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\preuve
[17/01/2008|19:03] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Crypto
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Protect
[17/01/2008|14:39] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\SystemCertificates
[17/01/2008|14:31] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\CLR Security Config
[17/01/2008|14:29] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Credentials
[11/05/2008|08:01] C:\Users\MARIEA~1\AppData\Roaming\nvModes.001\nvModes.001
[08/05/2008|22:50] C:\Users\MARIEA~1\AppData\Roaming\nvModes.dat\nvModes.dat
[25/02/2008|17:54] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Data
[25/02/2008|15:14] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Player Orange.log
[13/02/2008|13:23] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedDataBase.xml
[13/02/2008|13:23] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedDataBase.bak
[13/02/2008|13:20] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\DatacommandResponseTmp.xml
[10/02/2008|20:17] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Poster
[10/02/2008|20:13] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedVideos
[10/02/2008|20:13] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Temp
[22/02/2008|19:28] C:\Users\MARIEA~1\AppData\Roaming\QuickZip45.ini\QuickZip45.ini
[31/01/2008|19:33] C:\Users\MARIEA~1\AppData\Roaming\Roxio\MediaManager9
[31/01/2008|19:33] C:\Users\MARIEA~1\AppData\Roaming\Roxio\Dragon
[18/02/2005|00:07] C:\Users\MARIEA~1\AppData\Roaming\Template\Normal.wpt
[03/02/2008|20:02] C:\Users\MARIEA~1\AppData\Roaming\UserTile.png\UserTile.png
[18/04/2008|15:48] C:\Users\MARIEA~1\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[11/05/2008 08:59][--ah-----] C:\Windows\tasks\SA.DAT
[11/05/2008 08:58][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[21/08/2007|23:49] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[03/03/2008|20:36] C:\ProgramData\Adobe
[18/01/2008|20:35] C:\ProgramData\Alexandra Ledermann 8
[17/01/2008|14:17] C:\ProgramData\Application Data
[17/01/2008|14:17] C:\ProgramData\Bureau
[09/05/2008|19:13] C:\ProgramData\CakeByteMail
[05/04/2008|09:34] C:\ProgramData\CyberLink
[09/05/2008|19:12] C:\ProgramData\datawarnwarn.gnn6p
[20/03/2008|20:26] C:\ProgramData\datawarnwarn.py54zb
[09/05/2008|21:03] C:\ProgramData\datawarnwarn.s6jntm5
[17/01/2008|14:17] C:\ProgramData\Documents
[17/04/2008|15:44] C:\ProgramData\eMule
[17/01/2008|14:17] C:\ProgramData\Favoris
[18/02/2008|11:26] C:\ProgramData\FLEXnet
[05/02/2008|12:53] C:\ProgramData\F-Secure
[05/02/2008|12:52] C:\ProgramData\fssg
[20/04/2008|12:43] C:\ProgramData\Google
[22/08/2007|00:31] C:\ProgramData\Hewlett-Packard
[20/01/2008|17:12] C:\ProgramData\HP
[22/08/2007|00:00] C:\ProgramData\hpzinstall.log
[17/01/2008|14:17] C:\ProgramData\Menu D‚marrer
[23/01/2008|19:47] C:\ProgramData\Microsoft
[03/05/2008|21:32] C:\ProgramData\Microsoft Help
[17/01/2008|14:17] C:\ProgramData\ModŠles
[21/08/2007|23:28] C:\ProgramData\Roxio
[31/01/2008|19:33] C:\ProgramData\Sonic
[17/01/2008|18:19] C:\ProgramData\Symantec
[21/02/2008|21:33] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[21/08/2007|23:49] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/03/2008|15:15] C:\Program Files\Adobe
[09/05/2008|17:05] C:\Program Files\Atari
[03/03/2008|20:36] C:\Program Files\Bonjour
[01/05/2008|12:30] C:\Program Files\CardDetector
[09/05/2008|17:04] C:\Program Files\Common Files
[21/08/2007|22:54] C:\Program Files\CONEXANT
[22/02/2008|22:38] C:\Program Files\Controle Parental
[18/01/2008|14:18] C:\Program Files\desktop.ini
[22/08/2007|00:02] C:\Program Files\EasyBits
[17/01/2008|14:17] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[21/04/2008|09:59] C:\Program Files\Google
[22/08/2007|00:26] C:\Program Files\Hewlett-Packard
[22/08/2007|00:26] C:\Program Files\HP
[22/08/2007|00:11] C:\Program Files\HPQ
[09/05/2008|17:05] C:\Program Files\InstallShield Installation Information
[10/04/2008|08:08] C:\Program Files\Internet Explorer
[03/05/2008|21:11] C:\Program Files\Java
[24/02/2008|20:50] C:\Program Files\LimeWire
[09/05/2008|21:17] C:\Program Files\Lopxp
[17/04/2008|14:35] C:\Program Files\Megaupload
[05/02/2008|14:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[21/08/2007|23:48] C:\Program Files\Microsoft Office
[21/08/2007|23:48] C:\Program Files\Microsoft Works
[21/08/2007|23:47] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[18/01/2008|10:07] C:\Program Files\MSXML 4.0
[22/08/2007|00:06] C:\Program Files\muvee Technologies
[01/05/2008|12:36] C:\Program Files\Orange
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[21/08/2007|23:29] C:\Program Files\Roxio
[22/08/2007|00:03] C:\Program Files\Services en ligne
[21/08/2007|22:52] C:\Program Files\Synaptics
[09/05/2008|20:02] C:\Program Files\Trend Micro
[03/03/2008|19:03] C:\Program Files\UBISOFT
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[18/01/2008|10:28] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[21/08/2007|23:36] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[20/04/2008|12:42] C:\Program Files\Windows Live
[10/04/2008|08:08] C:\Program Files\Windows Mail
[18/01/2008|10:28] C:\Program Files\Windows Media Player
[17/01/2008|14:17] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[18/01/2008|10:28] C:\Program Files\Windows Sidebar
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[03/03/2008|20:35] C:\Program Files\Common Files\Adobe
[21/08/2007|23:48] C:\Program Files\Common Files\DESIGNER
[01/05/2008|12:35] C:\Program Files\Common Files\France Telecom
[22/08/2007|00:00] C:\Program Files\Common Files\HP
[22/08/2007|00:09] C:\Program Files\Common Files\InstallShield
[22/08/2007|00:30] C:\Program Files\Common Files\Java
[22/08/2007|00:11] C:\Program Files\Common Files\LightScribe
[03/03/2008|20:17] C:\Program Files\Common Files\Macrovision Shared
[03/05/2008|21:27] C:\Program Files\Common Files\microsoft shared
[22/08/2007|00:06] C:\Program Files\Common Files\muvee Technologies
[21/08/2007|23:28] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[21/08/2007|23:28] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/08/2007|23:29] C:\Program Files\Common Files\SureThing Shared
[17/01/2008|18:19] C:\Program Files\Common Files\Symantec Shared
[18/01/2008|10:28] C:\Program Files\Common Files\System
[21/02/2008|21:39] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 51
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-11 09:00:12
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:8101][Doss:1083] C:\Users\MARIEA~1\AppData\Local\Temp
/!\ [Fich:648][Doss:1] C:\Users\MARIEA~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:180][Doss:11] C:\Users\MARIEA~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 9:03:15,95 ]----------------------
Le rapport du scan en ligne viendra après ;)
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : marieanne ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 11/05/2008 | 8:59:34,49 ] [ PC : PC-DE-MARIEANNE ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\ProgramData\Memo Drive Vc Log\Win Draw.exe
Supprimé! - C:\Program Files\Circle Developement\Uninstall.0xe
Supprimé! - C:\Users\MARIEA~1\AppData\Local\Temp\bis2DB6.exe
Supprimé! - C:\ProgramData\Memo Drive Vc Log
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[09/05/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Adobe\PatcherLogs
[05/04/2008|09:19] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Plugins
[20/03/2008|19:46] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Bridge CS3
[05/03/2008|15:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Workflow
[05/03/2008|15:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\CameraRaw
[03/03/2008|20:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Adobe Photoshop CS3
[18/02/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Color
[18/02/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Adobe PDF
[18/02/2008|11:29] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Stock Photos CS3
[18/02/2008|00:18] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Updater5
[17/02/2008|22:56] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Linguistics
[10/02/2008|13:35] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Flash Player
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Adobe\Acrobat
[20/01/2008|17:13] C:\Users\MARIEA~1\AppData\Roaming\CyberLink\PowerCinema
[20/01/2008|17:13] C:\Users\MARIEA~1\AppData\Roaming\CyberLink\PowerDVD
[15/04/2008|23:46] C:\Users\MARIEA~1\AppData\Roaming\eMule\config
[18/02/2008|19:16] C:\Users\MARIEA~1\AppData\Roaming\F-Secure\System Control
[17/01/2008|19:24] C:\Users\MARIEA~1\AppData\Roaming\F-Secure\Spam Control
[29/02/2008|18:09] C:\Users\MARIEA~1\AppData\Roaming\gtk-2.0\gtkfilechooser.ini
[17/01/2008|14:31] C:\Users\MARIEA~1\AppData\Roaming\Hewlett-Packard\HP Software UI
[20/01/2008|17:12] C:\Users\MARIEA~1\AppData\Roaming\HP\QuickPlay
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Identities\{7D2950D7-B297-4B7A-9D04-F81906E77648}
[17/04/2008|14:34] C:\Users\MARIEA~1\AppData\Roaming\InstallShield\ISEngine12.0
[20/04/2008|20:46] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\library.dat
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\filters.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\questions.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\tables.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\installation.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\mojito.props
[20/04/2008|12:52] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\limewire.props
[20/04/2008|12:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\fileurns.cache
[20/04/2008|12:48] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\createtimes.cache
[15/04/2008|17:12] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\version.xml
[15/04/2008|16:59] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\simpp.xml
[15/04/2008|16:59] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\.AppSpecialShare
[25/03/2008|14:15] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\spam.dat
[24/02/2008|20:55] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\xml
[24/02/2008|20:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\fileurns.bak
[24/02/2008|20:50] C:\Users\MARIEA~1\AppData\Roaming\LimeWire\themes
[17/01/2008|14:37] C:\Users\MARIEA~1\AppData\Roaming\Macromedia\Flash Player
[27/04/2008|21:00] C:\Users\MARIEA~1\AppData\Roaming\Megaupload\Mega Manager
[10/05/2008|20:00] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[08/05/2008|11:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Templates
[05/05/2008|20:09] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Word
[18/04/2008|15:48] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Office
[09/04/2008|19:16] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\CLView
[01/03/2008|14:21] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows Media Encoder
[21/02/2008|11:29] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Excel
[19/02/2008|19:14] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\MSN Messenger
[14/02/2008|21:05] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\IdentityCRL
[05/02/2008|20:39] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Internet Explorer
[05/02/2008|17:11] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Proof
[31/01/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Document Building Blocks
[31/01/2008|17:01] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\AddIns
[27/01/2008|17:47] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\eHome
[23/01/2008|19:47] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\HTML Help
[23/01/2008|15:11] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\UProof
[21/01/2008|18:35] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\OneNote
[21/01/2008|18:33] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Network
[21/01/2008|18:30] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\MMC
[18/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Windows
[18/01/2008|14:25] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\preuve
[17/01/2008|19:03] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Crypto
[17/01/2008|14:42] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Protect
[17/01/2008|14:39] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\SystemCertificates
[17/01/2008|14:31] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\CLR Security Config
[17/01/2008|14:29] C:\Users\MARIEA~1\AppData\Roaming\Microsoft\Credentials
[11/05/2008|08:01] C:\Users\MARIEA~1\AppData\Roaming\nvModes.001\nvModes.001
[08/05/2008|22:50] C:\Users\MARIEA~1\AppData\Roaming\nvModes.dat\nvModes.dat
[25/02/2008|17:54] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Data
[25/02/2008|15:14] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Player Orange.log
[13/02/2008|13:23] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedDataBase.xml
[13/02/2008|13:23] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedDataBase.bak
[13/02/2008|13:20] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\DatacommandResponseTmp.xml
[10/02/2008|20:17] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Poster
[10/02/2008|20:13] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\RentedVideos
[10/02/2008|20:13] C:\Users\MARIEA~1\AppData\Roaming\Player Orange\Temp
[22/02/2008|19:28] C:\Users\MARIEA~1\AppData\Roaming\QuickZip45.ini\QuickZip45.ini
[31/01/2008|19:33] C:\Users\MARIEA~1\AppData\Roaming\Roxio\MediaManager9
[31/01/2008|19:33] C:\Users\MARIEA~1\AppData\Roaming\Roxio\Dragon
[18/02/2005|00:07] C:\Users\MARIEA~1\AppData\Roaming\Template\Normal.wpt
[03/02/2008|20:02] C:\Users\MARIEA~1\AppData\Roaming\UserTile.png\UserTile.png
[18/04/2008|15:48] C:\Users\MARIEA~1\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[11/05/2008 08:59][--ah-----] C:\Windows\tasks\SA.DAT
[11/05/2008 08:58][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[21/08/2007|23:49] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[03/03/2008|20:36] C:\ProgramData\Adobe
[18/01/2008|20:35] C:\ProgramData\Alexandra Ledermann 8
[17/01/2008|14:17] C:\ProgramData\Application Data
[17/01/2008|14:17] C:\ProgramData\Bureau
[09/05/2008|19:13] C:\ProgramData\CakeByteMail
[05/04/2008|09:34] C:\ProgramData\CyberLink
[09/05/2008|19:12] C:\ProgramData\datawarnwarn.gnn6p
[20/03/2008|20:26] C:\ProgramData\datawarnwarn.py54zb
[09/05/2008|21:03] C:\ProgramData\datawarnwarn.s6jntm5
[17/01/2008|14:17] C:\ProgramData\Documents
[17/04/2008|15:44] C:\ProgramData\eMule
[17/01/2008|14:17] C:\ProgramData\Favoris
[18/02/2008|11:26] C:\ProgramData\FLEXnet
[05/02/2008|12:53] C:\ProgramData\F-Secure
[05/02/2008|12:52] C:\ProgramData\fssg
[20/04/2008|12:43] C:\ProgramData\Google
[22/08/2007|00:31] C:\ProgramData\Hewlett-Packard
[20/01/2008|17:12] C:\ProgramData\HP
[22/08/2007|00:00] C:\ProgramData\hpzinstall.log
[17/01/2008|14:17] C:\ProgramData\Menu D‚marrer
[23/01/2008|19:47] C:\ProgramData\Microsoft
[03/05/2008|21:32] C:\ProgramData\Microsoft Help
[17/01/2008|14:17] C:\ProgramData\ModŠles
[21/08/2007|23:28] C:\ProgramData\Roxio
[31/01/2008|19:33] C:\ProgramData\Sonic
[17/01/2008|18:19] C:\ProgramData\Symantec
[21/02/2008|21:33] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[21/08/2007|23:49] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/03/2008|15:15] C:\Program Files\Adobe
[09/05/2008|17:05] C:\Program Files\Atari
[03/03/2008|20:36] C:\Program Files\Bonjour
[01/05/2008|12:30] C:\Program Files\CardDetector
[09/05/2008|17:04] C:\Program Files\Common Files
[21/08/2007|22:54] C:\Program Files\CONEXANT
[22/02/2008|22:38] C:\Program Files\Controle Parental
[18/01/2008|14:18] C:\Program Files\desktop.ini
[22/08/2007|00:02] C:\Program Files\EasyBits
[17/01/2008|14:17] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[21/04/2008|09:59] C:\Program Files\Google
[22/08/2007|00:26] C:\Program Files\Hewlett-Packard
[22/08/2007|00:26] C:\Program Files\HP
[22/08/2007|00:11] C:\Program Files\HPQ
[09/05/2008|17:05] C:\Program Files\InstallShield Installation Information
[10/04/2008|08:08] C:\Program Files\Internet Explorer
[03/05/2008|21:11] C:\Program Files\Java
[24/02/2008|20:50] C:\Program Files\LimeWire
[09/05/2008|21:17] C:\Program Files\Lopxp
[17/04/2008|14:35] C:\Program Files\Megaupload
[05/02/2008|14:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[21/08/2007|23:48] C:\Program Files\Microsoft Office
[21/08/2007|23:48] C:\Program Files\Microsoft Works
[21/08/2007|23:47] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[18/01/2008|10:07] C:\Program Files\MSXML 4.0
[22/08/2007|00:06] C:\Program Files\muvee Technologies
[01/05/2008|12:36] C:\Program Files\Orange
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[21/08/2007|23:29] C:\Program Files\Roxio
[22/08/2007|00:03] C:\Program Files\Services en ligne
[21/08/2007|22:52] C:\Program Files\Synaptics
[09/05/2008|20:02] C:\Program Files\Trend Micro
[03/03/2008|19:03] C:\Program Files\UBISOFT
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[18/01/2008|10:28] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[21/08/2007|23:36] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[20/04/2008|12:42] C:\Program Files\Windows Live
[10/04/2008|08:08] C:\Program Files\Windows Mail
[18/01/2008|10:28] C:\Program Files\Windows Media Player
[17/01/2008|14:17] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[18/01/2008|10:28] C:\Program Files\Windows Sidebar
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[03/03/2008|20:35] C:\Program Files\Common Files\Adobe
[21/08/2007|23:48] C:\Program Files\Common Files\DESIGNER
[01/05/2008|12:35] C:\Program Files\Common Files\France Telecom
[22/08/2007|00:00] C:\Program Files\Common Files\HP
[22/08/2007|00:09] C:\Program Files\Common Files\InstallShield
[22/08/2007|00:30] C:\Program Files\Common Files\Java
[22/08/2007|00:11] C:\Program Files\Common Files\LightScribe
[03/03/2008|20:17] C:\Program Files\Common Files\Macrovision Shared
[03/05/2008|21:27] C:\Program Files\Common Files\microsoft shared
[22/08/2007|00:06] C:\Program Files\Common Files\muvee Technologies
[21/08/2007|23:28] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[21/08/2007|23:28] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/08/2007|23:29] C:\Program Files\Common Files\SureThing Shared
[17/01/2008|18:19] C:\Program Files\Common Files\Symantec Shared
[18/01/2008|10:28] C:\Program Files\Common Files\System
[21/02/2008|21:39] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 51
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-11 09:00:12
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:8101][Doss:1083] C:\Users\MARIEA~1\AppData\Local\Temp
/!\ [Fich:648][Doss:1] C:\Users\MARIEA~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:180][Doss:11] C:\Users\MARIEA~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 9:03:15,95 ]----------------------
Le rapport du scan en ligne viendra après ;)
