rapport hijackthis a décripter!!!

Question

Bonjour,problèmes avec internet explorer qui cesse sans arret de fonctionner..???merci d'avance a celui ou celle qui pourra m'aider:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:52, on 09/05/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\s3trayp.exe
C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATICDE.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe 1
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_SB824.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [siteblah] "C:\ProgramData\okay meet meet.tc66x"
O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\Thunk Else Show.l27vhj7"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix: 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

Utilisateur anonyme · Answer

Salut
tu as quoi comme antivirus et antispyware?

Sloeb88 · Answer

nico2008 tu pourraiti decripté le mien aussi stp ?

djeff-30 · Answer

je vien de vérif..je crois que c'est window defender e tout les cas lui me dis que tout va bien sur mon pc!!!alors que ce n'est pas vrai :gros problèmes avec internet explorer...??

Utilisateur anonyme · Answer

Fais analyser ton pc avec ton antivirus et spybot (télécharge-le)

jlpjlp · Answer

slt,



télécharge OTMoveIt 
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.  Ou sur  https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer. 
copie la liste qui se trouve en citation ci-dessous, 
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved. 

Citation : 

C:\ProgramData\Thunk Else Show.l27vhj7

clique sur MoveIt! pour lancer la suppression. 
le résultat apparaitra dans le cadre "Results". 
clique sur Exit pour fermer. 
poste le rapport situé dans C:\_OTMoveIt\MovedFiles. 

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes. 

__________________


Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection): 

- Va dans démarrer puis panneau de configuration 
- Double Clique sur l'icône "Comptes d'utilisateurs" 
- Clique ensuite sur désactiver et valide. 


télécharge combofix (par sUBs) ici : 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

et enregistre le sur le bureau. 

déconnecte toi d'internet et ferme toutes tes applications. 

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware) 


double-clique sur combofix.exe et suis les instructions 

à la fin, il va produire un rapport C:\ComboFix.txt 

réactive ton parefeu, ton antivirus, la garde de ton antispyware 

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse. 

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi. 

Tu as un tutoriel complet ici : 

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix 

_______________________


tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 

* Double-clique dessus pour lancer l'installation 
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau 
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche) 
* Patiente jusqu'à la fin du scan 
* Poste le rapport généré (C:\lopR.txt)

jlpjlp · Answer

copie/colle le rapport dans poste de travail puisC:\ComboFix.txt

djeff-30 · Answer

ok...j'avai pas les yeux ou il fallait!!
ComboFix 08-05-11.1 - jeff 2008-05-12 18:37:06.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique   6.0.6000.0.1252.1.1036.18.97 [GMT 2:00]
Endroit: C:\Users\jeff\Desktop\ComboFix.exe
 * Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((   Fichiers créés 2008-04-12 to 2008-05-12  ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-12 14:04	---------	d-----w	C:\ProgramData\Spybot - Search & Destroy
2008-05-12 12:36	---------	d-----w	C:\Program Files\Spybot - Search & Destroy
2008-05-11 21:26	---------	d-----w	C:\ProgramData\Google Updater
2008-05-11 20:16	---------	d-----w	C:\Users\jeff\AppData\Roaming\LimeWire
2008-05-10 16:10	---------	d-----w	C:\ProgramData\Messenger Plus!
2008-05-10 16:09	---------	d-----w	C:\Program Files\Messenger Plus! Live
2008-05-10 16:09	---------	d-----w	C:\Program Files\Circle Developement
2008-05-10 15:54	---------	d-----w	C:\ProgramData\WLInstaller
2008-05-09 19:03	---------	d-----w	C:\Program Files\Yahoo!
2008-05-09 19:03	---------	d-----w	C:\Program Files\CCleaner
2008-05-09 13:47	---------	d-----w	C:\Program Files\Adverts
2008-05-09 12:11	---------	d-----w	C:\Program Files\Trend Micro
2008-05-03 20:50	---------	d-----w	C:\Program Files\a-squared Free
2008-05-03 13:41	---------	d-----w	C:\ProgramData\BOONTY
2008-05-03 13:39	---------	d-----w	C:\Program Files\Common Files\BOONTY Shared
2008-05-03 11:22	---------	d-----w	C:\Program Files\LimeWire
2008-05-02 13:38	---------	d-----w	C:\Users\eilidh\AppData\Roaming\Yahoo!
2008-05-02 09:05	---------	d-----w	C:\Users\jeff\AppData\Roaming\DivX
2008-05-02 07:43	---------	d-----w	C:\Program Files\Microsoft Games
2008-04-30 15:27	---------	d-----w	C:\ProgramData\Buildwarnlog
2008-04-30 15:24	---------	d-----w	C:\ProgramData	hird lies itch ford
2008-04-30 15:02	---------	d-----w	C:\Program Files\MessengerPlus! 3
2008-04-29 16:36	---------	d-----w	C:\ProgramData\Apple Computer
2008-04-29 16:36	---------	d-----w	C:\Program Files\VistaCodecPack
2008-04-29 16:29	---------	d-----w	C:\Program Files\illiminable
2008-04-29 11:07	---------	d-----w	C:\Program Files\DivX
2008-04-29 11:06	---------	d-----w	C:\Program Files\Common Files\PX Storage Engine
2008-04-29 11:03	---------	d-----w	C:\Users\jeff\AppData\Roaming\Yahoo!
2008-04-28 08:42	---------	d-----w	C:\Users\jeff\AppData\Roaming\EPSON
2008-04-28 07:47	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-04-28 07:33	---------	d-----w	C:\Program Files\Common Files\InstallShield
2008-04-28 07:23	---------	d-----w	C:\ProgramData\UDL
2008-04-28 07:20	---------	d-----w	C:\Program Files\epson
2008-04-28 07:13	---------	d-----w	C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-04-28 07:05	---------	d-----w	C:\Users\jeff\AppData\Roaming\InstallShield
2008-04-28 07:03	---------	d-----w	C:\ProgramData\EPSON
2008-04-26 13:26	---------	d-----w	C:\Users\jeff\AppData\Roaming\Ahead
2008-04-25 22:33	---------	d-----w	C:\Program Files\Java
2008-04-24 18:59	---------	d-----w	C:\Program Files\Common Files\Java
2008-04-23 21:27	---------	d-----w	C:\Program Files\Windows Live
2008-04-23 20:40	---------	d-----w	C:\Program Files\Micro Application
2008-04-23 20:19	---------	d-----w	C:\Program Files\Google
2008-04-23 10:05	---------	d-----w	C:\Users\jeff\AppData\Roaming\vlc
2008-04-23 10:05	---------	d-----w	C:\Program Files\VideoLAN
2008-04-23 08:04	---------	d-----w	C:\Program Files\Dofus
2008-04-23 01:14	---------	d-----w	C:\Program Files\Windows Mail
2008-04-23 01:14	---------	d-----w	C:\Program Files\Windows Defender
2008-04-23 01:14	---------	d-----w	C:\Program Files\Windows Calendar
2008-04-23 01:07	70,144	----a-w	C:\Windows\system32\drivers\pacer.sys
2008-04-23 01:07	619,008	----a-w	C:\Windows\system32\drivers\dxgkrnl.sys
2008-04-23 01:07	61,952	----a-w	C:\Windows\system32\drivers\wanarp.sys
2008-04-23 01:07	48,640	----a-w	C:\Windows\system32\drivers
dproxy.sys
2008-04-23 01:07	20,480	----a-w	C:\Windows\system32\drivers
distapi.sys
2008-04-23 01:06	28,344	----a-w	C:\Windows\system32\drivers\battc.sys
2008-04-23 01:06	258,232	----a-w	C:\Windows\system32\drivers\acpi.sys
2008-04-23 01:06	20,920	----a-w	C:\Windows\system32\drivers\compbatt.sys
2008-04-23 01:06	2,923,520	----a-w	C:\Windows\explorer.exe
2008-04-23 01:06	14,208	----a-w	C:\Windows\system32\drivers\CmBatt.sys
2008-04-23 01:05	110,080	----a-w	C:\Windows\system32\drivers\mrxdav.sys
2008-04-23 01:04	41,984	----a-w	C:\Windows\system32\drivers\monitor.sys
2008-04-23 01:04	1,060,920	----a-w	C:\Windows\system32\drivers
tfs.sys
2008-04-22 21:05	---------	d-----w	C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-22 21:00	---------	d-----w	C:\Program Files\Windows Live Toolbar
2008-04-22 21:00	---------	d-----w	C:\Program Files\Windows Live Favorites
2008-04-22 20:37	---------	dcsh--w	C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-22 15:45	174	--sha-w	C:\Program Files\desktop.ini
2008-04-22 15:39	---------	d-----w	C:\Program Files\Windows Sidebar
2008-04-22 15:33	63,488	----a-w	C:\Windows\system32\drivers\mpsdrv.sys
2008-04-22 15:33	23,040	----a-w	C:\Windows\system32\drivers	unnel.sys
2008-04-22 15:33	15,360	----a-w	C:\Windows\system32\drivers\TUNMP.SYS
2008-04-22 15:32	---------	d-----w	C:\Program Files\Alwil Software
2008-04-22 15:30	45,112	----a-w	C:\Windows\system32\drivers\pciidex.sys
2008-04-22 15:30	211,000	----a-w	C:\Windows\system32\drivers\volsnap.sys
2008-04-22 15:30	21,560	----a-w	C:\Windows\system32\drivers\atapi.sys
2008-04-22 15:30	20,024	----a-w	C:\Windows\system32\drivers\viaide.sys
2008-04-22 15:30	154,624	----a-w	C:\Windows\system32\drivers
wifi.sys
2008-04-22 15:30	110,136	----a-w	C:\Windows\system32\drivers\ataport.sys
2008-04-22 15:29	73,216	----a-w	C:\Windows\system32\drivers\usbccgp.sys
2008-04-22 15:29	5,888	----a-w	C:\Windows\system32\drivers\usbd.sys
2008-04-22 15:29	38,400	----a-w	C:\Windows\system32\drivers\usbehci.sys
2008-04-22 15:29	23,040	----a-w	C:\Windows\system32\drivers\usbuhci.sys
2008-04-22 15:29	224,768	----a-w	C:\Windows\system32\drivers\usbport.sys
2008-04-22 15:29	193,536	----a-w	C:\Windows\system32\drivers\usbhub.sys
2008-04-22 15:27	803,328	----a-w	C:\Windows\system32\drivers	cpip.sys
2008-04-22 15:27	216,632	----a-w	C:\Windows\system32\drivers
etio.sys
2008-04-22 15:23	54,784	----a-w	C:\Windows\system32\drivers\i8042prt.sys
2008-04-22 15:23	495,160	----a-w	C:\Windows\system32\drivers\Wdf01000.sys
2008-04-22 15:23	35,384	----a-w	C:\Windows\system32\drivers\WdfLdr.sys
2008-04-22 15:23	35,384	----a-w	C:\Windows\system32\drivers\kbdclass.sys
2008-04-22 15:23	34,360	----a-w	C:\Windows\system32\drivers\mouclass.sys
2008-04-22 15:23	19,968	----a-w	C:\Windows\system32\drivers\sermouse.sys
2008-04-22 15:14	537,600	----a-w	C:\Windows\AppPatch\AcLayers.dll
2008-04-22 15:14	449,536	----a-w	C:\Windows\AppPatch\AcSpecfc.dll
2008-04-22 15:14	2,560	----a-w	C:\Windows\AppPatch\AcRes.dll
2008-04-22 15:14	2,144,256	----a-w	C:\Windows\AppPatch\AcGenral.dll
2008-04-22 15:14	173,056	----a-w	C:\Windows\AppPatch\AcXtrnal.dll
2008-04-22 15:11	53,760	----a-w	C:\Windows\system32\drivers\hdaudbus.sys
2008-04-22 15:10	84,992	----a-w	C:\Windows\system32\drivers\srvnet.sys
2008-04-22 15:10	58,368	----a-w	C:\Windows\system32\drivers\mrxsmb20.sys
2008-04-22 15:10	130,048	----a-w	C:\Windows\system32\drivers\srv2.sys
.

------- Sigcheck -------

.
(((((((((((((((((((((((((((((((((   Point de chargement Reg   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 14:34 2159104 C:\Windows\System32\oobefldr.dll]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-23 21:34 68856]
"EPSON Stylus DX7400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.exe" [2007-04-12 08:00 182272]
"siteblah"="C:\ProgramData\okay meet meet.tc66x" [2008-04-30 17:15 266256]
"Itch ford four knob"="C:\ProgramData\Thunk Else Show.l27vhj7" [ ]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-04-30 17:02 190024]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-04-23 03:04 1006264]
"S3Trayp"="S3trayp.exe" [2007-03-07 12:42 176128 C:\Windows\System32\s3trayp.exe]
"HDAudDeck"="C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe" [2007-02-16 12:28 1122304]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 21:43 729088]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-10 13:14 815104]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe [2006-10-23 01:48:20 40048]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-23 21:34:27 124400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{CFB51250-B034-47F6-9ABE-18D2C486B079}C:\program files\emule\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{6B2AEDFA-0AD0-4E9E-910D-2A5DD153BC0D}C:\program files\emule\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{B8836229-FDDC-4B78-9DF5-58B57492AF70}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F7E22B53-36A3-41F7-B314-E88DCE9185FF}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{F4EF4B8D-69B1-4570-9A8B-01B2AA647C19}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\Windows\system32\DRIVERS\fetnd5bv.sys [2006-12-20 16:00]
R3 S3GIGP;S3GIGP;C:\Windows\system32\DRIVERS\VTGKModeDX32.sys [2007-03-07 12:30]
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\Windows\system32\DRIVERS\sis163u.sys [2007-01-25 14:16]
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2008-05-03 15:39]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-22 21:00:27 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 18:41:16
Windows 6.0.6000  NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  HDAudDeck = C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe 1???????????????????????????????????????????????????????? 

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-12 18:43:04
ComboFix-quarantined-files.txt  2008-05-12 16:42:52

      Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
      Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

190	--- E O F ---	2008-05-06 23:46:20

jlpjlp · Answer

pour fusionner:

http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

___________________


Ferme tout tes navigateurs (donc copie ou imprime les instructions avant)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :








File::
C:\ProgramData\Thunk Else Show.l27vhj7
C:\ProgramData\okay meet meet.tc66x

Registry::

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Itch ford four knob"=-
"siteblah"=-



Enregistre ce fichier sous le nom CFscript


Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe

Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

Remets aussi un rapport Hijackthis


Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt



________________

désactive tes protection et retelecharge lop sd qui marche sous vista et colle rapport

djeff-30 · Answer

ok...seulement: glisser/déposer c'est bien ce que tu décris ensuite??et je n'ai trouvé que lop XP pas lop SD,,c'est la meme chose??ou 2 trucs différants??

jlpjlp · Answer

c'est different! lop xp ne parche pas sous vista!


ici:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

jlpjlp · Answer

tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)

______________


 colle le rapport d'un scan en ligne 
avec un des suivants: 


bitdefender en ligne : 
http://www.bitdefender.fr/scan_fr/scan8/ie.html 

Panda en ligne : 
http://pandasoftware.fr

Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

djeff-30 · Answer

voila pour le hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:13:07, on 12/05/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\s3trayp.exe
C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
c:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe 1
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_SB824.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\Thunk Else Show.l27vhj7"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [siteblah] "C:\ProgramData\okay meet meet.tc66x"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

djeff-30 · Answer

j'ai eu un peu de mal...mais réussi tout de meme!!!!
lop S&D:


   -----------------------[  Lop S&D 4.2.0-8  XP/Vista  ]---------------------

   [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
   [ USER : jeff ] [ "C:\Lop SD" ] [ Selection : 1 ]
   [ 12/05/2008 | 23:32:06.03 ] [ PC : PC-DE-JEFF ]
   [ MAJ : 11-05-2008 | 18:25 ]
   [ UAC => 0 ]
 
   -------------[ Listing des dossiers dans Application Data ]------------  

   [02/05/2008|14:25] C:\Users\jeff\AppData\Roaming\Adobe\Linguistics
   [27/04/2008|17:26] C:\Users\jeff\AppData\Roaming\Adobe\Flash Player
   [22/04/2008|16:29] C:\Users\jeff\AppData\Roaming\Adobe\Acrobat

   [26/04/2008|16:03] C:\Users\jeff\AppData\Roaming\Ahead\Nero Burning ROM

   [02/05/2008|11:05] C:\Users\jeff\AppData\Roaming\DivX\DivX Codec

   [28/04/2008|10:42] C:\Users\jeff\AppData\Roaming\EPSON\Creativity Suite

   [09/05/2008|21:14] C:\Users\jeff\AppData\Roaming\Google\Local Search History
   [23/04/2008|22:23] C:\Users\jeff\AppData\Roaming\Google\GoogleEarth

   [22/04/2008|16:28] C:\Users\jeff\AppData\Roaming\Identities\{6C4D22E6-87ED-4140-8FC9-ECEAEAF16080}

   [28/04/2008|09:05] C:\Users\jeff\AppData\Roaming\InstallShield\ISEngine12.0

   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\library.dat
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\spam.dat
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\questions.props
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire	ables.props
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\installation.props
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\mojito.props
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\limewire.props
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\gnutella.net
   [12/05/2008|19:32] C:\Users\jeff\AppData\Roaming\LimeWire\createtimes.cache
   [12/05/2008|19:32] C:\Users\jeff\AppData\Roaming\LimeWire\fileurns.cache
   [12/05/2008|01:16] C:\Users\jeff\AppData\Roaming\LimeWire\active.mojito
   [08/05/2008|05:46] C:\Users\jeff\AppData\Roaming\LimeWire\passive.mojito
   [08/05/2008|00:07] C:\Users\jeff\AppData\Roaming\LimeWire\filters.props
   [03/05/2008|13:42] C:\Users\jeff\AppData\Roaming\LimeWire\simpp.xml
   [03/05/2008|12:44] C:\Users\jeff\AppData\Roaming\LimeWire	tree.cache
   [26/04/2008|15:05] C:\Users\jeff\AppData\Roaming\LimeWireesponses.cache
   [26/04/2008|14:12] C:\Users\jeff\AppData\Roaming\LimeWire\414splashfree.png
   [24/04/2008|21:11] C:\Users\jeff\AppData\Roaming\LimeWire\.NetworkShare
   [24/04/2008|21:11] C:\Users\jeff\AppData\Roaming\LimeWire\version.xml
   [24/04/2008|21:08] C:\Users\jeff\AppData\Roaming\LimeWire\fileurns.bak
   [24/04/2008|21:07] C:\Users\jeff\AppData\Roaming\LimeWire\.AppSpecialShare
   [24/04/2008|21:07] C:\Users\jeff\AppData\Roaming\LimeWire\xml
   [24/04/2008|21:07] C:\Users\jeff\AppData\Roaming\LimeWire	hemes

   [11/05/2008|07:44] C:\Users\jeff\AppData\Roaming\Macromedia\Flash Player

   [12/05/2008|16:21] C:\Users\jeff\AppData\Roaming\Microsoft\HTML Help
   [30/04/2008|12:43] C:\Users\jeff\AppData\Roaming\Microsoft\MSN Messenger
   [23/04/2008|23:20] C:\Users\jeff\AppData\Roaming\Microsoft\Windows
   [23/04/2008|08:44] C:\Users\jeff\AppData\Roaming\Microsoft\Internet Explorer
   [22/04/2008|23:03] C:\Users\jeff\AppData\Roaming\Microsoft\WLTB Custom Buttons
   [22/04/2008|23:03] C:\Users\jeff\AppData\Roaming\Microsoft\MSNLiveFav
   [22/04/2008|22:55] C:\Users\jeff\AppData\Roaming\Microsoft\Crypto
   [22/04/2008|22:50] C:\Users\jeff\AppData\Roaming\Microsoft\IdentityCRL
   [22/04/2008|16:29] C:\Users\jeff\AppData\Roaming\Microsoft\SystemCertificates
   [22/04/2008|16:28] C:\Users\jeff\AppData\Roaming\Microsoft\Protect
   [22/04/2008|16:28] C:\Users\jeff\AppData\Roaming\Microsoft\Credentials

   [04/05/2008|19:34] C:\Users\jeff\AppData\Roaming\Mozilla\Firefox

   [12/05/2008|12:55] C:\Users\jeff\AppData\Roaming\vlc\vlcrc
   [23/04/2008|12:05] C:\Users\jeff\AppData\Roaming\vlc\cache

   [29/04/2008|13:03] C:\Users\jeff\AppData\Roaming\Yahoo!\Companion
 
   ----------------[ Tâches planifiées dans C:\Windows	asks ]---------------

   [22/04/2008 23:00][--a------] C:\Windows	asks\V‚rifier les mises … jour de Windows Live Toolbar.job
   [12/05/2008 23:30][--ah-----] C:\Windows	asks\SA.DAT
   [12/05/2008 23:28][--a------] C:\Windows	asks\SCHEDLGU.TXT
  
   ------[ Listing des dossiers dans C:\ProgramData ]------
   
   [13/04/2007|05:24] C:\ProgramData\Adobe
   [29/04/2008|18:36] C:\ProgramData\Apple Computer
   [02/11/2006|14:59] C:\ProgramData\Application Data 
   [03/05/2008|15:41] C:\ProgramData\BOONTY
   [30/04/2008|17:27] C:\ProgramData\Buildwarnlog
   [22/04/2008|16:23] C:\ProgramData\Bureau 
   [02/11/2006|14:59] C:\ProgramData\Desktop 
   [02/11/2006|14:59] C:\ProgramData\Documents 
   [22/04/2008|16:49] C:\ProgramData\eMule
   [28/04/2008|09:03] C:\ProgramData\EPSON
   [22/04/2008|16:23] C:\ProgramData\Favoris 
   [02/11/2006|14:59] C:\ProgramData\Favorites 
   [23/04/2008|21:35] C:\ProgramData\Google
   [11/05/2008|23:26] C:\ProgramData\Google Updater
   [22/04/2008|16:23] C:\ProgramData\Menu D‚marrer 
   [10/05/2008|18:10] C:\ProgramData\Messenger Plus!
   [02/05/2008|14:16] C:\ProgramData\Microsoft
   [22/04/2008|16:23] C:\ProgramData\ModŠles 
   [12/05/2008|18:47] C:\ProgramData
tuser.pol
   [30/04/2008|17:15] C:\ProgramData\okay meet meet.5412gf
   [30/04/2008|17:15] C:\ProgramData\okay meet meet.tc66x
   [12/05/2008|16:04] C:\ProgramData\Spybot - Search & Destroy
   [02/11/2006|14:59] C:\ProgramData\Start Menu 
   [02/11/2006|14:59] C:\ProgramData\Templates 
   [30/04/2008|17:24] C:\ProgramData	hird lies itch ford
   [28/04/2008|09:23] C:\ProgramData\UDL
   [10/05/2008|17:54] C:\ProgramData\WLInstaller
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [28/04/2008|09:13] C:\Program Files\ABBYY FineReader 6.0 Sprint
   [13/04/2007|05:23] C:\Program Files\Adobe
   [09/05/2008|15:47] C:\Program Files\Adverts
   [22/04/2008|17:32] C:\Program Files\Alwil Software
   [03/05/2008|22:50] C:\Program Files\a-squared Free
   [09/05/2008|21:03] C:\Program Files\CCleaner
   [10/05/2008|18:09] C:\Program Files\Circle Developement
   [03/05/2008|15:39] C:\Program Files\Common Files
   [22/04/2008|17:45] C:\Program Files\desktop.ini
   [29/04/2008|13:07] C:\Program Files\DivX
   [23/04/2008|10:04] C:\Program Files\Dofus
   [22/04/2008|16:48] C:\Program Files\eMule
   [28/04/2008|09:20] C:\Program Files\epson
   [22/04/2008|16:23] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
   [23/04/2008|22:19] C:\Program Files\Google
   [29/04/2008|18:29] C:\Program Files\illiminable
   [28/04/2008|09:47] C:\Program Files\InstallShield Installation Information
   [22/04/2008|17:39] C:\Program Files\Internet Explorer
   [13/04/2007|05:37] C:\Program Files\InterVideo
   [26/04/2008|00:33] C:\Program Files\Java
   [03/05/2008|13:22] C:\Program Files\LimeWire
   [13/04/2007|05:30] C:\Program Files\MB application
   [10/05/2008|18:09] C:\Program Files\Messenger Plus! Live
   [30/04/2008|17:02] C:\Program Files\MessengerPlus! 3
   [23/04/2008|22:40] C:\Program Files\Micro Application
   [02/05/2008|09:43] C:\Program Files\Microsoft Games
   [22/04/2008|23:05] C:\Program Files\Microsoft SQL Server Compact Edition
   [13/04/2007|05:21] C:\Program Files\Motorola
   [02/11/2006|14:40] C:\Program Files\Movie Maker
   [01/05/2008|16:23] C:\Program Files\Mozilla Firefox
   [02/11/2006|14:35] C:\Program Files\MSBuild
   [02/11/2006|14:35] C:\Program Files\MSN
   [22/04/2008|17:07] C:\Program Files\MSXML 4.0
   [13/04/2007|05:30] C:\Program Files\Nero
   [02/11/2006|14:35] C:\Program Files\Reference Assemblies
   [12/05/2008|14:36] C:\Program Files\Spybot - Search & Destroy
   [13/04/2007|05:22] C:\Program Files\Synaptics
   [09/05/2008|14:11] C:\Program Files\Trend Micro
   [02/11/2006|14:58] C:\Program Files\Uninstall Information
   [13/04/2007|05:19] C:\Program Files\VIA
   [23/04/2008|12:05] C:\Program Files\VideoLAN
   [29/04/2008|18:36] C:\Program Files\VistaCodecPack
   [23/04/2008|03:14] C:\Program Files\Windows Calendar
   [02/11/2006|14:40] C:\Program Files\Windows Collaboration
   [23/04/2008|03:14] C:\Program Files\Windows Defender
   [23/04/2008|23:27] C:\Program Files\Windows Live
   [22/04/2008|23:00] C:\Program Files\Windows Live Favorites
   [22/04/2008|23:00] C:\Program Files\Windows Live Toolbar
   [23/04/2008|03:14] C:\Program Files\Windows Mail
   [23/04/2008|03:14] C:\Program Files\Windows Media Player
   [22/04/2008|16:23] C:\Program Files\Windows NT
   [02/11/2006|14:40] C:\Program Files\Windows Photo Gallery
   [22/04/2008|17:39] C:\Program Files\Windows Sidebar
   [09/05/2008|21:03] C:\Program Files\Yahoo!
  
   ------[ Listing des dossiers dans C:\Program Files\Common Files ]------
   
   [13/04/2007|05:23] C:\Program Files\Common Files\Adobe
   [13/04/2007|05:33] C:\Program Files\Common Files\Ahead
   [03/05/2008|15:39] C:\Program Files\Common Files\BOONTY Shared
   [13/04/2007|05:42] C:\Program Files\Common Files\Fujitsu Siemens Computers
   [28/04/2008|09:33] C:\Program Files\Common Files\InstallShield
   [13/04/2007|05:37] C:\Program Files\Common Files\InterVideo
   [24/04/2008|20:59] C:\Program Files\Common Files\Java
   [22/04/2008|22:37] C:\Program Files\Common Files\microsoft shared
   [29/04/2008|13:06] C:\Program Files\Common Files\PX Storage Engine
   [02/11/2006|13:18] C:\Program Files\Common Files\Services
   [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
   [23/04/2008|03:14] C:\Program Files\Common Files\System
   [22/04/2008|22:37] C:\Program Files\Common Files\WindowsLiveInstaller

   ---------------------------[ Process ]--------------------------

   ... 59

   iexplore.exe ~ [4008]

   ----------------------[ Recherche avec S_Lop ]---------------------

   C:\ProgramData\okay meet meet.5412gf
   C:\ProgramData\okay meet meet.tc66x
   C:\ProgramData\okay meet meet.tc66x
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

   C:\ProgramData	hird lies itch ford
   C:\ProgramData	hird lies itch ford\LOUD GLOBAL.exe
   C:\Program Files\Adverts
   C:\Program Files\Circle Developement
   C:\Program Files\Circle Developement\Uninstall.exe
 
   ----------------------[ Verification du Registre ]----------------------

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 
   ..... OK !

   --------------------[ Verification du fichier Hosts ]---------------------

   Fichier Hosts PROPRE


   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-05-12 23:33:43
   Windows 6.0.6000  NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------


   Aucune autre infection trouvée  !

   /!\ [Fich:20][Doss:7] C:\Users\jeff\AppData\Local\Temp
   /!\ [Fich:28][Doss:1] C:\Users\jeff\AppData\Roaming\MICROS~1\Windows\Cookies
   /!\ [Fich:110][Doss:4] C:\Users\jeff\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

   [ UAC => 1 ]

   --------------------[ Fin du rapport a 23:37:13.10  ]----------------------

bonne nuit!!!suite a quand tu le pourra??merci pour ton aide....a bientot un résultat??

djeff-30 · Answer

bonjours!
alors j'ai essayé les scans en lignes que tu me propose mais je n'arrive a en lancer aucun des 3!!!
pour bit defender ça se passe normalement au debut et ensuite il se met en echec et m'indique qu'il est impossible de scanner mon ordi..?
pour panda..a chaque fois que je le lance j'ai avast qui se met en alerte et me dit que j'ai un virus sur mon ordi qui viendrai de ..panda!!!!
ensuite kaspersky:il n'existe pas encore de version compatible avec vista!!!
voila....je vais en faire un avec trend micro...je sais que celui ci sera accepté ar mon ordi...
et je reviens poster le rapport...

jlpjlp · Answer

relance lop SD et choisi l'option 2 pour desinfécté et colle le rapport


______________

désactive avast le temps de faire un scan avec panda

Dialopa · Answer

Moi aussi j'ai le même problème avec un virus de type Raïla Odinga. il s'est créé un fichier du type zif et cahque fois lorsque je l'effacer, 3 secondes après, le fichier reappparait. Je viens d'installer HijackThis e t en voici le rapport; mais je ne sais pas l'interpreter. si qulq'un peut le faire pour pour moi et me dire que faire pour me débarasser de ce virus.
J'ai comme antivirus: McAfee Virus Scan Entreprise 8,5i
Merci de tous vos conseils.

jlpjlp · Answer

slt cré ton propre message et on t'aidera

djeff-30 · Answer

salut!!!je rentre juste!!!voila le rapport lop SD 2ème:


   -----------------------[  Lop S&D 4.2.0-8  XP/Vista  ]---------------------

   [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
   [ USER : jeff ] [ "C:\Lop SD" ] [ Selection : 2 ]
   [ 13/05/2008 | 17:53:11.37 ] [ PC : PC-DE-JEFF ]
   [ MAJ : 11-05-2008 | 18:25 ]
   [ UAC => 0 ]


   \\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

   Supprimé! - C:\ProgramData	hird lies itch ford\LOUD GLOBAL.exe
   Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
   Supprimé! - C:\ProgramData\okay meet meet.5412gf
   Supprimé! - C:\ProgramData\okay meet meet.tc66x
   Supprimé! - C:\ProgramData	hird lies itch ford
   Supprimé! - C:\Program Files\Adverts
   Supprimé! - C:\Program Files\Circle Developement
   Restauré! - Fichier Hosts
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\ 

 
   -------------[ Listing des dossiers dans Application Data ]------------  

   [02/05/2008|14:25] C:\Users\jeff\AppData\Roaming\Adobe\Linguistics
   [27/04/2008|17:26] C:\Users\jeff\AppData\Roaming\Adobe\Flash Player
   [22/04/2008|16:29] C:\Users\jeff\AppData\Roaming\Adobe\Acrobat

   [26/04/2008|16:03] C:\Users\jeff\AppData\Roaming\Ahead\Nero Burning ROM

   [02/05/2008|11:05] C:\Users\jeff\AppData\Roaming\DivX\DivX Codec

   [28/04/2008|10:42] C:\Users\jeff\AppData\Roaming\EPSON\Creativity Suite

   [13/05/2008|10:23] C:\Users\jeff\AppData\Roaming\Google\Local Search History
   [23/04/2008|22:23] C:\Users\jeff\AppData\Roaming\Google\GoogleEarth

   [22/04/2008|16:28] C:\Users\jeff\AppData\Roaming\Identities\{6C4D22E6-87ED-4140-8FC9-ECEAEAF16080}

   [28/04/2008|09:05] C:\Users\jeff\AppData\Roaming\InstallShield\ISEngine12.0

   [13/05/2008|08:51] C:\Users\jeff\AppData\Roaming\LimeWire\library.dat
   [12/05/2008|23:49] C:\Users\jeff\AppData\Roaming\LimeWire\questions.props
   [12/05/2008|23:49] C:\Users\jeff\AppData\Roaming\LimeWire	ables.props
   [12/05/2008|23:49] C:\Users\jeff\AppData\Roaming\LimeWire\installation.props
   [12/05/2008|23:49] C:\Users\jeff\AppData\Roaming\LimeWire\mojito.props
   [12/05/2008|23:49] C:\Users\jeff\AppData\Roaming\LimeWire\limewire.props
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\spam.dat
   [12/05/2008|22:30] C:\Users\jeff\AppData\Roaming\LimeWire\gnutella.net
   [12/05/2008|19:32] C:\Users\jeff\AppData\Roaming\LimeWire\createtimes.cache
   [12/05/2008|19:32] C:\Users\jeff\AppData\Roaming\LimeWire\fileurns.cache
   [12/05/2008|01:16] C:\Users\jeff\AppData\Roaming\LimeWire\active.mojito
   [08/05/2008|05:46] C:\Users\jeff\AppData\Roaming\LimeWire\passive.mojito
   [08/05/2008|00:07] C:\Users\jeff\AppData\Roaming\LimeWire\filters.props
   [03/05/2008|13:42] C:\Users\jeff\AppData\Roaming\LimeWire\simpp.xml
   [03/05/2008|12:44] C:\Users\jeff\AppData\Roaming\LimeWire	tree.cache
   [26/04/2008|15:05] C:\Users\jeff\AppData\Roaming\LimeWireesponses.cache
   [26/04/2008|14:12] C:\Users\jeff\AppData\Roaming\LimeWire\414splashfree.png
   [24/04/2008|21:11] C:\Users\jeff\AppData\Roaming\LimeWire\.NetworkShare
   [24/04/2008|21:11] C:\Users\jeff\AppData\Roaming\LimeWire\version.xml
   [24/04/2008|21:08] C:\Users\jeff\AppData\Roaming\LimeWire\fileurns.bak
   [24/04/2008|21:07] C:\Users\jeff\AppData\Roaming\LimeWire\.AppSpecialShare
   [24/04/2008|21:07] C:\Users\jeff\AppData\Roaming\LimeWire\xml
   [24/04/2008|21:07] C:\Users\jeff\AppData\Roaming\LimeWire	hemes

   [11/05/2008|07:44] C:\Users\jeff\AppData\Roaming\Macromedia\Flash Player

   [12/05/2008|16:21] C:\Users\jeff\AppData\Roaming\Microsoft\HTML Help
   [30/04/2008|12:43] C:\Users\jeff\AppData\Roaming\Microsoft\MSN Messenger
   [23/04/2008|23:20] C:\Users\jeff\AppData\Roaming\Microsoft\Windows
   [23/04/2008|08:44] C:\Users\jeff\AppData\Roaming\Microsoft\Internet Explorer
   [22/04/2008|23:03] C:\Users\jeff\AppData\Roaming\Microsoft\WLTB Custom Buttons
   [22/04/2008|23:03] C:\Users\jeff\AppData\Roaming\Microsoft\MSNLiveFav
   [22/04/2008|22:55] C:\Users\jeff\AppData\Roaming\Microsoft\Crypto
   [22/04/2008|22:50] C:\Users\jeff\AppData\Roaming\Microsoft\IdentityCRL
   [22/04/2008|16:29] C:\Users\jeff\AppData\Roaming\Microsoft\SystemCertificates
   [22/04/2008|16:28] C:\Users\jeff\AppData\Roaming\Microsoft\Protect
   [22/04/2008|16:28] C:\Users\jeff\AppData\Roaming\Microsoft\Credentials

   [04/05/2008|19:34] C:\Users\jeff\AppData\Roaming\Mozilla\Firefox

   [12/05/2008|12:55] C:\Users\jeff\AppData\Roaming\vlc\vlcrc
   [23/04/2008|12:05] C:\Users\jeff\AppData\Roaming\vlc\cache

   [29/04/2008|13:03] C:\Users\jeff\AppData\Roaming\Yahoo!\Companion
 
   ----------------[ Tâches planifiées dans C:\Windows	asks ]---------------

   [22/04/2008 23:00][--a------] C:\Windows	asks\V‚rifier les mises … jour de Windows Live Toolbar.job
   [13/05/2008 17:52][--ah-----] C:\Windows	asks\SA.DAT
   [13/05/2008 17:50][--a------] C:\Windows	asks\SCHEDLGU.TXT
  
   ------[ Listing des dossiers dans C:\ProgramData ]------
   
   [13/04/2007|05:24] C:\ProgramData\Adobe
   [29/04/2008|18:36] C:\ProgramData\Apple Computer
   [02/11/2006|14:59] C:\ProgramData\Application Data 
   [03/05/2008|15:41] C:\ProgramData\BOONTY
   [30/04/2008|17:27] C:\ProgramData\Buildwarnlog
   [22/04/2008|16:23] C:\ProgramData\Bureau 
   [02/11/2006|14:59] C:\ProgramData\Desktop 
   [02/11/2006|14:59] C:\ProgramData\Documents 
   [22/04/2008|16:49] C:\ProgramData\eMule
   [28/04/2008|09:03] C:\ProgramData\EPSON
   [22/04/2008|16:23] C:\ProgramData\Favoris 
   [02/11/2006|14:59] C:\ProgramData\Favorites 
   [23/04/2008|21:35] C:\ProgramData\Google
   [13/05/2008|00:26] C:\ProgramData\Google Updater
   [22/04/2008|16:23] C:\ProgramData\Menu D‚marrer 
   [10/05/2008|18:10] C:\ProgramData\Messenger Plus!
   [02/05/2008|14:16] C:\ProgramData\Microsoft
   [22/04/2008|16:23] C:\ProgramData\ModŠles 
   [12/05/2008|18:47] C:\ProgramData
tuser.pol
   [12/05/2008|16:04] C:\ProgramData\Spybot - Search & Destroy
   [02/11/2006|14:59] C:\ProgramData\Start Menu 
   [02/11/2006|14:59] C:\ProgramData\Templates 
   [28/04/2008|09:23] C:\ProgramData\UDL
   [10/05/2008|17:54] C:\ProgramData\WLInstaller
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [28/04/2008|09:13] C:\Program Files\ABBYY FineReader 6.0 Sprint
   [13/04/2007|05:23] C:\Program Files\Adobe
   [22/04/2008|17:32] C:\Program Files\Alwil Software
   [03/05/2008|22:50] C:\Program Files\a-squared Free
   [09/05/2008|21:03] C:\Program Files\CCleaner
   [03/05/2008|15:39] C:\Program Files\Common Files
   [22/04/2008|17:45] C:\Program Files\desktop.ini
   [29/04/2008|13:07] C:\Program Files\DivX
   [23/04/2008|10:04] C:\Program Files\Dofus
   [22/04/2008|16:48] C:\Program Files\eMule
   [28/04/2008|09:20] C:\Program Files\epson
   [22/04/2008|16:23] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
   [23/04/2008|22:19] C:\Program Files\Google
   [29/04/2008|18:29] C:\Program Files\illiminable
   [28/04/2008|09:47] C:\Program Files\InstallShield Installation Information
   [22/04/2008|17:39] C:\Program Files\Internet Explorer
   [13/04/2007|05:37] C:\Program Files\InterVideo
   [26/04/2008|00:33] C:\Program Files\Java
   [03/05/2008|13:22] C:\Program Files\LimeWire
   [13/04/2007|05:30] C:\Program Files\MB application
   [10/05/2008|18:09] C:\Program Files\Messenger Plus! Live
   [30/04/2008|17:02] C:\Program Files\MessengerPlus! 3
   [23/04/2008|22:40] C:\Program Files\Micro Application
   [02/05/2008|09:43] C:\Program Files\Microsoft Games
   [22/04/2008|23:05] C:\Program Files\Microsoft SQL Server Compact Edition
   [13/04/2007|05:21] C:\Program Files\Motorola
   [02/11/2006|14:40] C:\Program Files\Movie Maker
   [01/05/2008|16:23] C:\Program Files\Mozilla Firefox
   [02/11/2006|14:35] C:\Program Files\MSBuild
   [02/11/2006|14:35] C:\Program Files\MSN
   [22/04/2008|17:07] C:\Program Files\MSXML 4.0
   [13/04/2007|05:30] C:\Program Files\Nero
   [13/05/2008|09:29] C:\Program Files\Panda Security
   [02/11/2006|14:35] C:\Program Files\Reference Assemblies
   [12/05/2008|14:36] C:\Program Files\Spybot - Search & Destroy
   [13/04/2007|05:22] C:\Program Files\Synaptics
   [09/05/2008|14:11] C:\Program Files\Trend Micro
   [02/11/2006|14:58] C:\Program Files\Uninstall Information
   [13/04/2007|05:19] C:\Program Files\VIA
   [23/04/2008|12:05] C:\Program Files\VideoLAN
   [29/04/2008|18:36] C:\Program Files\VistaCodecPack
   [23/04/2008|03:14] C:\Program Files\Windows Calendar
   [02/11/2006|14:40] C:\Program Files\Windows Collaboration
   [23/04/2008|03:14] C:\Program Files\Windows Defender
   [23/04/2008|23:27] C:\Program Files\Windows Live
   [22/04/2008|23:00] C:\Program Files\Windows Live Favorites
   [22/04/2008|23:00] C:\Program Files\Windows Live Toolbar
   [23/04/2008|03:14] C:\Program Files\Windows Mail
   [23/04/2008|03:14] C:\Program Files\Windows Media Player
   [22/04/2008|16:23] C:\Program Files\Windows NT
   [02/11/2006|14:40] C:\Program Files\Windows Photo Gallery
   [22/04/2008|17:39] C:\Program Files\Windows Sidebar
   [09/05/2008|21:03] C:\Program Files\Yahoo!
  
   ------[ Listing des dossiers dans C:\Program Files\Common Files ]------
   
   [13/04/2007|05:23] C:\Program Files\Common Files\Adobe
   [13/04/2007|05:33] C:\Program Files\Common Files\Ahead
   [03/05/2008|15:39] C:\Program Files\Common Files\BOONTY Shared
   [13/04/2007|05:42] C:\Program Files\Common Files\Fujitsu Siemens Computers
   [28/04/2008|09:33] C:\Program Files\Common Files\InstallShield
   [13/04/2007|05:37] C:\Program Files\Common Files\InterVideo
   [24/04/2008|20:59] C:\Program Files\Common Files\Java
   [22/04/2008|22:37] C:\Program Files\Common Files\microsoft shared
   [29/04/2008|13:06] C:\Program Files\Common Files\PX Storage Engine
   [02/11/2006|13:18] C:\Program Files\Common Files\Services
   [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
   [23/04/2008|03:14] C:\Program Files\Common Files\System
   [22/04/2008|22:37] C:\Program Files\Common Files\WindowsLiveInstaller

   ---------------------------[ Process ]--------------------------

   ... 56

   ... OK !

   ----------------------[ Recherche avec S_Lop ]---------------------

   Aucun fichier / dossier Lop trouvé ! 
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

   Aucun fichier / dossier Lop trouvé ! 
 
   ----------------------[ Verification du Registre ]----------------------
 
   ..... OK !

   --------------------[ Verification du fichier Hosts ]---------------------

   Fichier Hosts PROPRE


   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-05-13 17:55:28
   Windows 6.0.6000  NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------


   Aucune autre infection trouvée  !

   /!\ [Fich:40][Doss:12] C:\Users\jeff\AppData\Local\Temp
   /!\ [Fich:47][Doss:1] C:\Users\jeff\AppData\Roaming\MICROS~1\Windows\Cookies
   /!\ [Fich:278][Doss:6] C:\Users\jeff\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

   [ UAC => 1 ]

   --------------------[ Fin du rapport a 17:59:39.34  ]----------------------

jlpjlp · Answer

parfait . Tu ne devrais plus avoir de pub cid . Colle un scan panda pour vérifier

djeff-30 · Answer

voila le suivant..activ scan:c'est bien panda??
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-13 19:38:24
PROTECTIONS: 1
MALWARE: 22
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                       Active    Updated
;===================================================================================================================================================================================
avast! antivirus 4.8.1169 [VPS 080513-0]     4.8.1169                      No        Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@doubleclick[1].txt
00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           C:\Users\owen\AppData\Roaming\Microsoft\Windows\Cookies\Low\owen@doubleclick[1].txt
00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.atdmt.com/]
00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\eilidh@atdmt[2].txt
00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@atdmt[2].txt
00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.atdmt.com/]
00139535  Application/Processor              HackTools           No        0         Yes            No           C:\Lop SD\Process.exe
00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@tradedoubler[2].txt
00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.247realmedia.com/]
00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.247realmedia.com/]
00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           C:\Users\owen\AppData\Roaming\Microsoft\Windows\Cookies\Low\owen@fastclick[2].txt
00145731  Cookie/Tribalfusion                TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.tribalfusion.com/]
00145738  Cookie/Mediaplex                   TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@mediaplex[1].txt
00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Microsoft\Windows\Cookies\jeff@xiti[1].txt
00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Users\owen\AppData\Roaming\Microsoft\Windows\Cookies\Low\owen@xiti[1].txt
00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Microsoft\Windows\Cookies\Low\jeff@xiti[1].txt
00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.xiti.com/]
00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.xiti.com/]
00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[ad.yieldmanager.com/]
00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[ad.yieldmanager.com/]
00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[ad.yieldmanager.com/]
00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[ad.yieldmanager.com/]
00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[ad.yieldmanager.com/]
00168061  Cookie/Apmebf                      TrackingCookie      No        0         Yes            No           C:\Users\owen\AppData\Roaming\Microsoft\Windows\Cookies\Low\owen@apmebf[1].txt
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@serving-sys[2].txt
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.serving-sys.com/]
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.serving-sys.com/]
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.serving-sys.com/]
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.serving-sys.com/]
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.serving-sys.com/]
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.serving-sys.com/]
00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.bs.serving-sys.com/]
00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@bs.serving-sys[1].txt
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Microsoft\Windows\Cookies\jeff@weborama[1].txt
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.weborama.fr/]
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@weborama[1].txt
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.weborama.fr/]
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.weborama.fr/]
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.weborama.fr/]
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.weborama.fr/]
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.weborama.fr/]
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\eilidh@weborama[2].txt
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.weborama.fr/]
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Microsoft\Windows\Cookies\Low\jeff@weborama[1].txt
00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[fl01.ct2.comclick.com/]
00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[fl01.ct2.comclick.com/]
00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[fl01.ct2.comclick.com/]
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@advertising[2].txt
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.advertising.com/]
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\eilidh@advertising[2].txt
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.advertising.com/]
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.advertising.com/]
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.advertising.com/]
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.advertising.com/]
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.advertising.com/]
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.advertising.com/]
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.advertising.com/]
00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Microsoft\Windows\Cookies\jeff@ads.pointroll[2].txt
00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           C:\Users\owen\AppData\Roaming\Microsoft\Windows\Cookies\Low\owen@overture[1].txt
00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@overture[1].txt
00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.overture.com/]
00173520  Cookie/Bluestreak                  TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\eilidh@bluestreak[1].txt
00173520  Cookie/Bluestreak                  TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@bluestreak[1].txt
00173520  Cookie/Bluestreak                  TrackingCookie      No        0         Yes            No           C:\Users\owen\AppData\Roaming\Microsoft\Windows\Cookies\Low\owen@bluestreak[1].txt
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.smartadserver.com/]
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Microsoft\Windows\Cookies\Low\eilidh@smartadserver[2].txt
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.smartadserver.com/]
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.smartadserver.com/]
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\owen\AppData\Roaming\Microsoft\Windows\Cookies\Low\owen@smartadserver[1].txt
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.smartadserver.com/]
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Microsoft\Windows\Cookies\Low\jeff@smartadserver[1].txt
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.smartadserver.com/]
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.smartadserver.com/]
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\eilidh\AppData\Roaming\Mozilla\Firefox\Profiles\iemn9a5j.default\cookies.txt[.smartadserver.com/]
00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zeqkb84w.default\cookies.txt[.smartadserver.com/]
01176994  Bck/VB.XB                          Virus/Trojan        No        0         No             No           C:\Users\jeff\AppData\Local\Mozilla\Firefox\Profiles\zeqkb84w.default\Cache\C2152591d01[327882R2FWJFW\NirCmdC.cfexe]
01176994  Bck/VB.XB                          Virus/Trojan        No        0         No             No           C:\Users\jeff\Desktop\ComboFix.exe[327882R2FWJFW\NirCmdC.cfexe]
01185375  Application/Psexec.A               HackTools           No        0         Yes            No           C:\Windows\PSEXESVC.EXE
;===================================================================================================================================================================================
SUSPECTS
Sent      Location                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              &#1750;@&#65533;(	
3
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity   Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                &#1750;@&#65533;(	
3
;===================================================================================================================================================================================
  184379  MEDIUM     MS08-001                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   &#1750;@&#65533;(	
3
  182048  HIGH       MS07-069                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   &#1750;@&#65533;(	
3
  176382  HIGH       MS07-057                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   &#1750;@&#65533;(	
3
  170906  HIGH       MS07-045                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   &#1750;@&#65533;(	
3
  164913  HIGH       MS07-033                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   &#1750;@&#65533;(	
3
  160623  HIGH       MS07-027                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   &#1750;@&#65533;(	
3
;===================================================================================================================================================================================


je crois bien que cette fois il y a quelques trucs pas clairs!!!non??

jlpjlp · Answer

non ca va , beaucoup de cookies!!!

___________

vire combofix et LOP SD de ton ordinateur

______________


télécharge OTMoveIt 
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.  Ou sur  https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer. 
copie la liste qui se trouve en citation ci-dessous, 
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved. 

Citation : 


C:\Users\jeff\AppData\Local\Mozilla\Firefox\Profiles\zeqkb84w.default\Cache\C2152591d01
C:\Windows\PSEXESVC.EXE 


clique sur MoveIt! pour lancer la suppression. 
le résultat apparaitra dans le cadre "Results". 
clique sur Exit pour fermer. 
poste le rapport situé dans C:\_OTMoveIt\MovedFiles. 

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes. 

_______________

vire ce qui est dans moved files en allant dans POSTE DE TRAVAIL puis C puis OTMOVIT

____________________



utilise  pour supprimer tes traces 

CCLEANER: (lance un nettoyage et répare 3 fois le registre) sans installer la barre yahoo 

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

_______________________

encore des soucis???

djeff-30 · Answer

bonsoir!!c'est fait!!je m'attendais a plus long comme rapport:j'espere que je n'ai rien oublié?

C:\Users\jeff\AppData\Local\Mozilla\Firefox\Profiles\zeqkb84w.default\Cache\C2152591d01 moved successfully.
File move failed. C:\Windows\PSEXESVC.EXE scheduled to be moved on reboot.
 
OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05132008_230547


bon  je vire OTMoveIt et je nettoie avec CCleaner(je l'ai déja!!)je revien demain dans la journée te dire si tout est ok...merci pour tout ça!!!

djeff-30 · Answer

sur vista ce n'est pas "poste de travail" mais sur "ordinateur"..comme je ne savai pas comment passer par ce chemin j'ai chercher dans "recherches" et éliminé tout ce qui avais rapport a OTMOVIT j"espère avoir bien fait??

jlpjlp · Answer

oui  sur vista c'est ordinateur et pas poste de travail (c'est pratique d'avoir changé le nom...)



encore des soucis???

Rapport hijackthis a décripter!!! - Page 2

Discussions similaires

Newsletters