Rapport hijackthis

jumanji46 -  
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité -
Bonjour, j'ai des probl avec mon pc, voila mon rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:45:34, on 15.05.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyBa.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyBa.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyBa.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [liveburn] "C:\ProgramData\defy lies lies.f95n30"
O4 - HKLM\..\Run: [Frag Ooze Cash Scr] "C:\ProgramData\phone idle skip.r6pja"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Translate with ABBYY &Lingvo... - res://C:\Program Files\ABBYY Lingvo 12\Lingvo.exe/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{8796450D-90B6-4671-B331-E12472D8EFB4}: NameServer = 80.10.246.2,80.10.246.129
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

--
End of file - 7389 bytes

merci
Configuration: Windows Vista
Internet Explorer 7.0

5 réponses

  1. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonsoir,

    TéléchargeLop S&D ici :
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    Double-clique dessus pour lancer l'installation
    Puis double-clique [b]sur le raccourci Lop S&D[/b] présent sur ton bureau
    Séléctionne la langue souhaitée , puis choisis [b]l'Option 1[/b] ( Recherche )
    Patiente jusqu'à la fin du scan
    Poste le rapport généré ( C:\lopR.txt )

    ( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

    0
  2. jumanji46
     
    voila le rapport :
    -----------------------[ Lop S&D 4.2.0-8 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : arsene ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 16.05.2008 | 0:52:35,16 ] [ PC : PC-DE-ARSENE ]
    [ MAJ : 11-05-2008 | 18:25 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [11.03.2008|00:22] C:\Users\arsene\AppData\Roaming\Adobe\Flash Player
    [20.11.2007|22:11] C:\Users\arsene\AppData\Roaming\Adobe\Linguistics
    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\Adobe\Acrobat

    [15.05.2008|22:08] C:\Users\arsene\AppData\Roaming\Apple Computer\iTunes

    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\ATI\ACE

    [06.05.2008|22:48] C:\Users\arsene\AppData\Roaming\Google\Local Search History

    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\Identities\{45987D6C-C1A2-425C-AAD2-0D6832DB886B}

    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\library.dat
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\spam.dat
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\questions.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\tables.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\installation.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\mojito.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\limewire.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\gnutella.net
    [15.05.2008|09:09] C:\Users\arsene\AppData\Roaming\LimeWire\createtimes.cache
    [15.05.2008|09:09] C:\Users\arsene\AppData\Roaming\LimeWire\fileurns.cache
    [14.05.2008|22:17] C:\Users\arsene\AppData\Roaming\LimeWire\filters.props
    [14.05.2008|19:47] C:\Users\arsene\AppData\Roaming\LimeWire\ttrees.cache
    [14.05.2008|19:47] C:\Users\arsene\AppData\Roaming\LimeWire\ttroot.cache
    [14.05.2008|19:46] C:\Users\arsene\AppData\Roaming\LimeWire\version.xml
    [13.04.2008|23:15] C:\Users\arsene\AppData\Roaming\LimeWire\simpp.xml
    [22.02.2008|17:00] C:\Users\arsene\AppData\Roaming\LimeWire\ttree.cache
    [15.02.2008|13:06] C:\Users\arsene\AppData\Roaming\LimeWire\.NetworkShare
    [11.11.2007|23:20] C:\Users\arsene\AppData\Roaming\LimeWire\responses.cache
    [06.11.2007|00:25] C:\Users\arsene\AppData\Roaming\LimeWire\414splashfree.png
    [05.11.2007|22:41] C:\Users\arsene\AppData\Roaming\LimeWire\fileurns.bak
    [05.11.2007|22:39] C:\Users\arsene\AppData\Roaming\LimeWire\.AppSpecialShare
    [05.11.2007|22:39] C:\Users\arsene\AppData\Roaming\LimeWire\xml
    [05.11.2007|22:39] C:\Users\arsene\AppData\Roaming\LimeWire\themes

    [11.03.2008|00:22] C:\Users\arsene\AppData\Roaming\Macromedia\Flash Player

    [15.05.2008|13:09] C:\Users\arsene\AppData\Roaming\Media Player Classic\default.mpcpl

    [14.05.2008|20:25] C:\Users\arsene\AppData\Roaming\Microsoft\MSN Messenger
    [21.04.2008|17:11] C:\Users\arsene\AppData\Roaming\Microsoft\Installer
    [22.03.2008|01:18] C:\Users\arsene\AppData\Roaming\Microsoft\Ime
    [10.01.2008|05:24] C:\Users\arsene\AppData\Roaming\Microsoft\eHome
    [14.12.2007|20:35] C:\Users\arsene\AppData\Roaming\Microsoft\MMC
    [04.12.2007|16:29] C:\Users\arsene\AppData\Roaming\Microsoft\Windows
    [01.12.2007|14:20] C:\Users\arsene\AppData\Roaming\Microsoft\WLTB Custom Buttons
    [26.11.2007|22:45] C:\Users\arsene\AppData\Roaming\Microsoft\HTML Help
    [20.11.2007|02:17] C:\Users\arsene\AppData\Roaming\Microsoft\IdentityCRL
    [05.11.2007|23:32] C:\Users\arsene\AppData\Roaming\Microsoft\Internet Explorer
    [05.11.2007|22:42] C:\Users\arsene\AppData\Roaming\Microsoft\Credentials
    [29.10.2007|23:02] C:\Users\arsene\AppData\Roaming\Microsoft\Crypto
    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\Microsoft\SystemCertificates
    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\Microsoft\Protect

    [14.05.2008|19:02] C:\Users\arsene\AppData\Roaming\Shareaza\Collections
    [14.05.2008|19:02] C:\Users\arsene\AppData\Roaming\Shareaza\Torrents
    [12.05.2008|22:04] C:\Users\arsene\AppData\Roaming\Shareaza\Data

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [25.04.2008 15:01][--a------] C:\Windows\tasks\Norton Security Scan.job
    [16.05.2008 00:14][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [18.04.2008 19:59][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - arsene.job
    [16.05.2008 00:52][--ah-----] C:\Windows\tasks\SA.DAT
    [16.05.2008 00:51][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [26.11.2007|22:18] C:\ProgramData\ABBYY
    [07.11.2007|23:16] C:\ProgramData\addr_file.html
    [12.03.2008|02:04] C:\ProgramData\Adobe
    [06.11.2007|19:25] C:\ProgramData\Apple
    [06.11.2007|19:27] C:\ProgramData\Apple Computer
    [02.11.2006|15:02] C:\ProgramData\Application Data
    [05.11.2007|22:26] C:\ProgramData\Avira
    [28.10.2007|12:35] C:\ProgramData\Bureau
    [15.05.2008|12:11] C:\ProgramData\close poke frag ooze
    [15.05.2008|12:10] C:\ProgramData\defy lies lies.0rrep3
    [15.05.2008|22:09] C:\ProgramData\defy lies lies.158251q
    [15.05.2008|21:03] C:\ProgramData\defy lies lies.2ya1ou
    [15.05.2008|12:09] C:\ProgramData\defy lies lies.7bxh3kw
    [15.05.2008|12:33] C:\ProgramData\defy lies lies.7o4tv
    [15.05.2008|13:17] C:\ProgramData\defy lies lies.8ewws
    [15.05.2008|18:08] C:\ProgramData\defy lies lies.9mf800
    [15.05.2008|17:03] C:\ProgramData\defy lies lies.9xtjt
    [16.05.2008|00:20] C:\ProgramData\defy lies lies.a71xh
    [15.05.2008|22:52] C:\ProgramData\defy lies lies.axnpzn
    [15.05.2008|23:58] C:\ProgramData\defy lies lies.c7h1m
    [15.05.2008|18:52] C:\ProgramData\defy lies lies.dfp7isk
    [15.05.2008|16:28] C:\ProgramData\defy lies lies.e8tvn9l
    [15.05.2008|17:25] C:\ProgramData\defy lies lies.eefpma1
    [15.05.2008|15:01] C:\ProgramData\defy lies lies.f0chy
    [15.05.2008|23:36] C:\ProgramData\defy lies lies.f95n30
    [15.05.2008|21:47] C:\ProgramData\defy lies lies.fqyhvg
    [15.05.2008|13:38] C:\ProgramData\defy lies lies.g0abtup
    [15.05.2008|21:25] C:\ProgramData\defy lies lies.gosma9
    [15.05.2008|12:10] C:\ProgramData\defy lies lies.hdtzz1
    [15.05.2008|20:41] C:\ProgramData\defy lies lies.hhumz
    [15.05.2008|19:36] C:\ProgramData\defy lies lies.hlxuz
    [15.05.2008|19:14] C:\ProgramData\defy lies lies.i9xmc
    [15.05.2008|15:22] C:\ProgramData\defy lies lies.jcl0v
    [16.05.2008|00:42] C:\ProgramData\defy lies lies.k1ffbf
    [15.05.2008|20:20] C:\ProgramData\defy lies lies.lfkd8up
    [15.05.2008|14:39] C:\ProgramData\defy lies lies.lkuanvg
    [15.05.2008|14:17] C:\ProgramData\defy lies lies.mptel
    [15.05.2008|16:06] C:\ProgramData\defy lies lies.qeg21
    [15.05.2008|23:14] C:\ProgramData\defy lies lies.thpc6m
    [15.05.2008|22:31] C:\ProgramData\defy lies lies.u1mle
    [15.05.2008|19:58] C:\ProgramData\defy lies lies.v0sgdw
    [15.05.2008|12:55] C:\ProgramData\defy lies lies.ve0f7sk
    [15.05.2008|15:44] C:\ProgramData\defy lies lies.vnaoa
    [15.05.2008|18:30] C:\ProgramData\defy lies lies.xnt2ky
    [15.05.2008|17:47] C:\ProgramData\defy lies lies.zd8i2
    [02.11.2006|15:02] C:\ProgramData\Desktop
    [02.11.2006|15:02] C:\ProgramData\Documents
    [10.11.2007|03:08] C:\ProgramData\eMule
    [28.10.2007|12:35] C:\ProgramData\Favoris
    [02.11.2006|15:02] C:\ProgramData\Favorites
    [17.01.2008|16:47] C:\ProgramData\Google
    [15.05.2008|12:11] C:\ProgramData\grim each
    [28.10.2007|12:35] C:\ProgramData\Menu D‚marrer
    [15.05.2008|12:12] C:\ProgramData\Messenger Plus!
    [26.11.2007|22:45] C:\ProgramData\Microsoft
    [28.10.2007|12:35] C:\ProgramData\ModŠles
    [11.03.2008|19:28] C:\ProgramData\ntuser.pol
    [15.05.2008|12:11] C:\ProgramData\phone idle skip.r6pja
    [24.03.2007|00:25] C:\ProgramData\Pinnacle
    [02.11.2006|15:02] C:\ProgramData\Start Menu
    [11.03.2008|10:52] C:\ProgramData\Symantec
    [02.11.2006|15:02] C:\ProgramData\Templates
    [30.12.2007|20:53] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [27.04.2008|20:30] C:\Program Files\ABBYY Lingvo 12
    [12.03.2008|02:04] C:\Program Files\Adobe
    [06.11.2007|19:26] C:\Program Files\Apple Software Update
    [24.03.2007|00:22] C:\Program Files\ATI
    [24.03.2007|00:22] C:\Program Files\ATI Technologies
    [26.11.2007|23:24] C:\Program Files\Audacity
    [27.11.2007|18:46] C:\Program Files\AV Vcs 6.0 DIAMOND
    [05.11.2007|22:26] C:\Program Files\Avira
    [15.05.2008|12:09] C:\Program Files\Circle Developement
    [19.04.2008|11:51] C:\Program Files\Common Files
    [27.04.2008|19:26] C:\Program Files\Conduit
    [25.04.2008|20:43] C:\Program Files\Cyber Snipa S.W.A.T. Mouse
    [02.11.2006|14:50] C:\Program Files\desktop.ini
    [11.03.2008|01:38] C:\Program Files\Doctor Spyware Cleaner
    [10.11.2007|03:07] C:\Program Files\eMule
    [28.10.2007|12:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [19.01.2008|05:26] C:\Program Files\Google
    [15.05.2008|12:10] C:\Program Files\grim each
    [10.04.2008|13:13] C:\Program Files\Internet Explorer
    [06.11.2007|19:28] C:\Program Files\iPod
    [06.11.2007|19:28] C:\Program Files\iTunes
    [17.01.2008|16:47] C:\Program Files\Java
    [19.01.2008|15:44] C:\Program Files\K-Lite Codec Pack
    [14.11.2007|01:30] C:\Program Files\Lecteur Freeware
    [24.02.2008|03:47] C:\Program Files\LimeWire
    [28.10.2007|12:40] C:\Program Files\MB application
    [15.05.2008|12:10] C:\Program Files\Messenger Plus! Live
    [02.11.2006|14:37] C:\Program Files\Microsoft Games
    [30.12.2007|21:00] C:\Program Files\Microsoft SQL Server Compact Edition
    [02.11.2006|14:42] C:\Program Files\Movie Maker
    [02.11.2006|14:37] C:\Program Files\MSBuild
    [02.11.2006|14:37] C:\Program Files\MSN
    [23.11.2007|21:14] C:\Program Files\MSN Reaper
    [28.11.2007|04:01] C:\Program Files\MSXML 4.0
    [27.04.2008|19:26] C:\Program Files\myBabylon
    [15.05.2008|16:41] C:\Program Files\Navilog1
    [24.03.2007|00:30] C:\Program Files\Nero
    [25.04.2008|15:00] C:\Program Files\Norton Security Scan
    [24.03.2007|00:25] C:\Program Files\Pinnacle
    [06.11.2007|19:27] C:\Program Files\QuickTime
    [02.11.2006|14:37] C:\Program Files\Reference Assemblies
    [17.04.2008|21:44] C:\Program Files\Shareaza
    [29.04.2008|02:12] C:\Program Files\Steam
    [12.11.2007|01:16] C:\Program Files\Translator
    [11.03.2008|10:05] C:\Program Files\Trend Micro
    [02.11.2006|15:01] C:\Program Files\Uninstall Information
    [02.11.2006|14:42] C:\Program Files\Windows Calendar
    [02.11.2006|14:42] C:\Program Files\Windows Collaboration
    [02.11.2006|14:42] C:\Program Files\Windows Defender
    [02.11.2006|14:42] C:\Program Files\Windows Journal
    [28.02.2008|04:01] C:\Program Files\Windows Live
    [01.12.2007|14:16] C:\Program Files\Windows Live Toolbar
    [06.11.2007|11:48] C:\Program Files\Windows Mail
    [06.11.2007|11:48] C:\Program Files\Windows Media Player
    [28.10.2007|12:35] C:\Program Files\Windows NT
    [02.11.2006|14:42] C:\Program Files\Windows Photo Gallery
    [10.01.2008|05:27] C:\Program Files\Windows Sidebar

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [12.03.2008|02:04] C:\Program Files\Common Files\Adobe
    [24.03.2007|00:31] C:\Program Files\Common Files\Ahead
    [06.11.2007|19:25] C:\Program Files\Common Files\Apple
    [24.03.2007|00:40] C:\Program Files\Common Files\Fujitsu Siemens Computers
    [05.11.2007|22:36] C:\Program Files\Common Files\Java
    [26.11.2007|22:19] C:\Program Files\Common Files\microsoft shared
    [02.11.2006|13:18] C:\Program Files\Common Files\Services
    [02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [19.04.2008|11:51] C:\Program Files\Common Files\Steam
    [11.03.2008|10:54] C:\Program Files\Common Files\Symantec Shared
    [06.11.2007|11:48] C:\Program Files\Common Files\System
    [30.12.2007|20:56] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 46

    iexplore.exe ~ [2176]
    iexplore.exe ~ [2560]

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\ProgramData\defy lies lies.0rrep3
    C:\ProgramData\defy lies lies.158251q
    C:\ProgramData\defy lies lies.2ya1ou
    C:\ProgramData\defy lies lies.7bxh3kw
    C:\ProgramData\defy lies lies.7o4tv
    C:\ProgramData\defy lies lies.8ewws
    C:\ProgramData\defy lies lies.9mf800
    C:\ProgramData\defy lies lies.9xtjt
    C:\ProgramData\defy lies lies.a71xh
    C:\ProgramData\defy lies lies.axnpzn
    C:\ProgramData\defy lies lies.c7h1m
    C:\ProgramData\defy lies lies.dfp7isk
    C:\ProgramData\defy lies lies.e8tvn9l
    C:\ProgramData\defy lies lies.eefpma1
    C:\ProgramData\defy lies lies.f0chy
    C:\ProgramData\defy lies lies.f95n30
    C:\ProgramData\defy lies lies.fqyhvg
    C:\ProgramData\defy lies lies.g0abtup
    C:\ProgramData\defy lies lies.gosma9
    C:\ProgramData\defy lies lies.hdtzz1
    C:\ProgramData\defy lies lies.hhumz
    C:\ProgramData\defy lies lies.hlxuz
    C:\ProgramData\defy lies lies.i9xmc
    C:\ProgramData\defy lies lies.jcl0v
    C:\ProgramData\defy lies lies.k1ffbf
    C:\ProgramData\defy lies lies.lfkd8up
    C:\ProgramData\defy lies lies.lkuanvg
    C:\ProgramData\defy lies lies.mptel
    C:\ProgramData\defy lies lies.qeg21
    C:\ProgramData\defy lies lies.thpc6m
    C:\ProgramData\defy lies lies.u1mle
    C:\ProgramData\defy lies lies.v0sgdw
    C:\ProgramData\defy lies lies.ve0f7sk
    C:\ProgramData\defy lies lies.vnaoa
    C:\ProgramData\defy lies lies.xnt2ky
    C:\ProgramData\defy lies lies.zd8i2
    C:\ProgramData\phone idle skip.r6pja
    C:\ProgramData\defy lies lies.0rrep3
    C:\ProgramData\defy lies lies.2ya1ou
    C:\ProgramData\defy lies lies.7bxh3kw
    C:\ProgramData\defy lies lies.8ewws
    C:\ProgramData\defy lies lies.9mf800
    C:\ProgramData\defy lies lies.9xtjt
    C:\ProgramData\defy lies lies.a71xh
    C:\ProgramData\defy lies lies.axnpzn
    C:\ProgramData\defy lies lies.c7h1m
    C:\ProgramData\defy lies lies.dfp7isk
    C:\ProgramData\defy lies lies.e8tvn9l
    C:\ProgramData\defy lies lies.eefpma1
    C:\ProgramData\defy lies lies.f95n30
    C:\ProgramData\defy lies lies.fqyhvg
    C:\ProgramData\defy lies lies.g0abtup
    C:\ProgramData\defy lies lies.gosma9
    C:\ProgramData\defy lies lies.hdtzz1
    C:\ProgramData\defy lies lies.i9xmc
    C:\ProgramData\defy lies lies.k1ffbf
    C:\ProgramData\defy lies lies.qeg21
    C:\ProgramData\defy lies lies.thpc6m
    C:\ProgramData\defy lies lies.u1mle
    C:\ProgramData\defy lies lies.v0sgdw
    C:\ProgramData\defy lies lies.ve0f7sk
    C:\ProgramData\defy lies lies.vnaoa
    C:\ProgramData\defy lies lies.xnt2ky
    C:\ProgramData\defy lies lies.zd8i2
    C:\ProgramData\phone idle skip.r6pja

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\ProgramData\close poke frag ooze
    C:\ProgramData\close poke frag ooze\Gpl Idol.exe
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-16 00:53:11
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:50][Doss:11] C:\Users\arsene\AppData\Local\Temp
    /!\ [Fich:2370][Doss:1] C:\Users\arsene\AppData\Roaming\MICROS~1\Windows\Cookies
    /!\ [Fich:6130][Doss:78] C:\Users\arsene\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 0:54:00,68 ]----------------------
    merci
    0
  3. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    a) Relance Lop S&D

    Choisis cette fois ci l'Option 2 ( Suppression )

    Ne ferme pas la fenêtre lors de la suppression !

    Poste le rapport généré ( C:\lopR.txt )

    ( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,

    Nouvelle tâche, tape explorer.exe et valide )

    b) Tu tiens à myBabylon toolbar ?

    c) remets un rapport Hijackthis.
    0
  4. jumanji46
     
    Bonjour, voila le rapport :

    -----------------------[ Lop S&D 4.2.0-8 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : arsene ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 16.05.2008 | 9:30:49,26 ] [ PC : PC-DE-ARSENE ]
    [ MAJ : 11-05-2008 | 18:25 ]
    [ UAC => 0 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\ProgramData\close poke frag ooze\Gpl Idol.exe
    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\ProgramData\defy lies lies.0rrep3
    Supprimé! - C:\ProgramData\defy lies lies.158251q
    Supprimé! - C:\ProgramData\defy lies lies.2ya1ou
    Supprimé! - C:\ProgramData\defy lies lies.7bxh3kw
    Supprimé! - C:\ProgramData\defy lies lies.7o4tv
    Supprimé! - C:\ProgramData\defy lies lies.8ewws
    Supprimé! - C:\ProgramData\defy lies lies.9mf800
    Supprimé! - C:\ProgramData\defy lies lies.9xtjt
    Supprimé! - C:\ProgramData\defy lies lies.a71xh
    Supprimé! - C:\ProgramData\defy lies lies.axnpzn
    Supprimé! - C:\ProgramData\defy lies lies.c7h1m
    Supprimé! - C:\ProgramData\defy lies lies.dfp7isk
    Supprimé! - C:\ProgramData\defy lies lies.e8tvn9l
    Supprimé! - C:\ProgramData\defy lies lies.eefpma1
    Supprimé! - C:\ProgramData\defy lies lies.f0chy
    Supprimé! - C:\ProgramData\defy lies lies.f95n30
    Supprimé! - C:\ProgramData\defy lies lies.fqyhvg
    Supprimé! - C:\ProgramData\defy lies lies.g0abtup
    Supprimé! - C:\ProgramData\defy lies lies.gosma9
    Supprimé! - C:\ProgramData\defy lies lies.hdtzz1
    Supprimé! - C:\ProgramData\defy lies lies.hhumz
    Supprimé! - C:\ProgramData\defy lies lies.hlxuz
    Supprimé! - C:\ProgramData\defy lies lies.i9xmc
    Supprimé! - C:\ProgramData\defy lies lies.jcl0v
    Supprimé! - C:\ProgramData\defy lies lies.k1ffbf
    Supprimé! - C:\ProgramData\defy lies lies.lfkd8up
    Supprimé! - C:\ProgramData\defy lies lies.lkuanvg
    Supprimé! - C:\ProgramData\defy lies lies.mptel
    Supprimé! - C:\ProgramData\defy lies lies.qeg21
    Supprimé! - C:\ProgramData\defy lies lies.thpc6m
    Supprimé! - C:\ProgramData\defy lies lies.u1mle
    Supprimé! - C:\ProgramData\defy lies lies.v0sgdw
    Supprimé! - C:\ProgramData\defy lies lies.ve0f7sk
    Supprimé! - C:\ProgramData\defy lies lies.vnaoa
    Supprimé! - C:\ProgramData\defy lies lies.xnt2ky
    Supprimé! - C:\ProgramData\defy lies lies.zd8i2
    Supprimé! - C:\ProgramData\phone idle skip.r6pja
    Supprimé! - C:\ProgramData\close poke frag ooze
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    -------------[ Listing des dossiers dans Application Data ]------------

    [11.03.2008|00:22] C:\Users\arsene\AppData\Roaming\Adobe\Flash Player
    [20.11.2007|22:11] C:\Users\arsene\AppData\Roaming\Adobe\Linguistics
    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\Adobe\Acrobat

    [15.05.2008|22:08] C:\Users\arsene\AppData\Roaming\Apple Computer\iTunes

    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\ATI\ACE

    [06.05.2008|22:48] C:\Users\arsene\AppData\Roaming\Google\Local Search History

    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\Identities\{45987D6C-C1A2-425C-AAD2-0D6832DB886B}

    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\library.dat
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\spam.dat
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\questions.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\tables.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\installation.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\mojito.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\limewire.props
    [15.05.2008|13:10] C:\Users\arsene\AppData\Roaming\LimeWire\gnutella.net
    [15.05.2008|09:09] C:\Users\arsene\AppData\Roaming\LimeWire\createtimes.cache
    [15.05.2008|09:09] C:\Users\arsene\AppData\Roaming\LimeWire\fileurns.cache
    [14.05.2008|22:17] C:\Users\arsene\AppData\Roaming\LimeWire\filters.props
    [14.05.2008|19:47] C:\Users\arsene\AppData\Roaming\LimeWire\ttrees.cache
    [14.05.2008|19:47] C:\Users\arsene\AppData\Roaming\LimeWire\ttroot.cache
    [14.05.2008|19:46] C:\Users\arsene\AppData\Roaming\LimeWire\version.xml
    [13.04.2008|23:15] C:\Users\arsene\AppData\Roaming\LimeWire\simpp.xml
    [22.02.2008|17:00] C:\Users\arsene\AppData\Roaming\LimeWire\ttree.cache
    [15.02.2008|13:06] C:\Users\arsene\AppData\Roaming\LimeWire\.NetworkShare
    [11.11.2007|23:20] C:\Users\arsene\AppData\Roaming\LimeWire\responses.cache
    [06.11.2007|00:25] C:\Users\arsene\AppData\Roaming\LimeWire\414splashfree.png
    [05.11.2007|22:41] C:\Users\arsene\AppData\Roaming\LimeWire\fileurns.bak
    [05.11.2007|22:39] C:\Users\arsene\AppData\Roaming\LimeWire\.AppSpecialShare
    [05.11.2007|22:39] C:\Users\arsene\AppData\Roaming\LimeWire\xml
    [05.11.2007|22:39] C:\Users\arsene\AppData\Roaming\LimeWire\themes

    [11.03.2008|00:22] C:\Users\arsene\AppData\Roaming\Macromedia\Flash Player

    [15.05.2008|13:09] C:\Users\arsene\AppData\Roaming\Media Player Classic\default.mpcpl

    [14.05.2008|20:25] C:\Users\arsene\AppData\Roaming\Microsoft\MSN Messenger
    [21.04.2008|17:11] C:\Users\arsene\AppData\Roaming\Microsoft\Installer
    [22.03.2008|01:18] C:\Users\arsene\AppData\Roaming\Microsoft\Ime
    [10.01.2008|05:24] C:\Users\arsene\AppData\Roaming\Microsoft\eHome
    [14.12.2007|20:35] C:\Users\arsene\AppData\Roaming\Microsoft\MMC
    [04.12.2007|16:29] C:\Users\arsene\AppData\Roaming\Microsoft\Windows
    [01.12.2007|14:20] C:\Users\arsene\AppData\Roaming\Microsoft\WLTB Custom Buttons
    [26.11.2007|22:45] C:\Users\arsene\AppData\Roaming\Microsoft\HTML Help
    [20.11.2007|02:17] C:\Users\arsene\AppData\Roaming\Microsoft\IdentityCRL
    [05.11.2007|23:32] C:\Users\arsene\AppData\Roaming\Microsoft\Internet Explorer
    [05.11.2007|22:42] C:\Users\arsene\AppData\Roaming\Microsoft\Credentials
    [29.10.2007|23:02] C:\Users\arsene\AppData\Roaming\Microsoft\Crypto
    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\Microsoft\SystemCertificates
    [28.10.2007|12:39] C:\Users\arsene\AppData\Roaming\Microsoft\Protect

    [14.05.2008|19:02] C:\Users\arsene\AppData\Roaming\Shareaza\Collections
    [14.05.2008|19:02] C:\Users\arsene\AppData\Roaming\Shareaza\Torrents
    [12.05.2008|22:04] C:\Users\arsene\AppData\Roaming\Shareaza\Data

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [25.04.2008 15:01][--a------] C:\Windows\tasks\Norton Security Scan.job
    [16.05.2008 09:14][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [18.04.2008 19:59][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - arsene.job
    [16.05.2008 09:30][--ah-----] C:\Windows\tasks\SA.DAT
    [16.05.2008 09:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [26.11.2007|22:18] C:\ProgramData\ABBYY
    [07.11.2007|23:16] C:\ProgramData\addr_file.html
    [12.03.2008|02:04] C:\ProgramData\Adobe
    [06.11.2007|19:25] C:\ProgramData\Apple
    [06.11.2007|19:27] C:\ProgramData\Apple Computer
    [02.11.2006|15:02] C:\ProgramData\Application Data
    [05.11.2007|22:26] C:\ProgramData\Avira
    [28.10.2007|12:35] C:\ProgramData\Bureau
    [16.05.2008|09:28] C:\ProgramData\defy lies lies.7qp13sf
    [16.05.2008|01:14] C:\ProgramData\defy lies lies.ah4jxlk
    [02.11.2006|15:02] C:\ProgramData\Desktop
    [02.11.2006|15:02] C:\ProgramData\Documents
    [10.11.2007|03:08] C:\ProgramData\eMule
    [28.10.2007|12:35] C:\ProgramData\Favoris
    [02.11.2006|15:02] C:\ProgramData\Favorites
    [17.01.2008|16:47] C:\ProgramData\Google
    [15.05.2008|12:11] C:\ProgramData\grim each
    [28.10.2007|12:35] C:\ProgramData\Menu D‚marrer
    [15.05.2008|12:12] C:\ProgramData\Messenger Plus!
    [26.11.2007|22:45] C:\ProgramData\Microsoft
    [28.10.2007|12:35] C:\ProgramData\ModŠles
    [11.03.2008|19:28] C:\ProgramData\ntuser.pol
    [24.03.2007|00:25] C:\ProgramData\Pinnacle
    [02.11.2006|15:02] C:\ProgramData\Start Menu
    [11.03.2008|10:52] C:\ProgramData\Symantec
    [02.11.2006|15:02] C:\ProgramData\Templates
    [30.12.2007|20:53] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [27.04.2008|20:30] C:\Program Files\ABBYY Lingvo 12
    [12.03.2008|02:04] C:\Program Files\Adobe
    [06.11.2007|19:26] C:\Program Files\Apple Software Update
    [24.03.2007|00:22] C:\Program Files\ATI
    [24.03.2007|00:22] C:\Program Files\ATI Technologies
    [26.11.2007|23:24] C:\Program Files\Audacity
    [27.11.2007|18:46] C:\Program Files\AV Vcs 6.0 DIAMOND
    [05.11.2007|22:26] C:\Program Files\Avira
    [19.04.2008|11:51] C:\Program Files\Common Files
    [27.04.2008|19:26] C:\Program Files\Conduit
    [25.04.2008|20:43] C:\Program Files\Cyber Snipa S.W.A.T. Mouse
    [02.11.2006|14:50] C:\Program Files\desktop.ini
    [11.03.2008|01:38] C:\Program Files\Doctor Spyware Cleaner
    [10.11.2007|03:07] C:\Program Files\eMule
    [28.10.2007|12:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [19.01.2008|05:26] C:\Program Files\Google
    [15.05.2008|12:10] C:\Program Files\grim each
    [10.04.2008|13:13] C:\Program Files\Internet Explorer
    [06.11.2007|19:28] C:\Program Files\iPod
    [06.11.2007|19:28] C:\Program Files\iTunes
    [17.01.2008|16:47] C:\Program Files\Java
    [19.01.2008|15:44] C:\Program Files\K-Lite Codec Pack
    [14.11.2007|01:30] C:\Program Files\Lecteur Freeware
    [24.02.2008|03:47] C:\Program Files\LimeWire
    [28.10.2007|12:40] C:\Program Files\MB application
    [15.05.2008|12:10] C:\Program Files\Messenger Plus! Live
    [02.11.2006|14:37] C:\Program Files\Microsoft Games
    [30.12.2007|21:00] C:\Program Files\Microsoft SQL Server Compact Edition
    [02.11.2006|14:42] C:\Program Files\Movie Maker
    [02.11.2006|14:37] C:\Program Files\MSBuild
    [02.11.2006|14:37] C:\Program Files\MSN
    [23.11.2007|21:14] C:\Program Files\MSN Reaper
    [28.11.2007|04:01] C:\Program Files\MSXML 4.0
    [27.04.2008|19:26] C:\Program Files\myBabylon
    [15.05.2008|16:41] C:\Program Files\Navilog1
    [24.03.2007|00:30] C:\Program Files\Nero
    [25.04.2008|15:00] C:\Program Files\Norton Security Scan
    [24.03.2007|00:25] C:\Program Files\Pinnacle
    [06.11.2007|19:27] C:\Program Files\QuickTime
    [02.11.2006|14:37] C:\Program Files\Reference Assemblies
    [17.04.2008|21:44] C:\Program Files\Shareaza
    [29.04.2008|02:12] C:\Program Files\Steam
    [12.11.2007|01:16] C:\Program Files\Translator
    [11.03.2008|10:05] C:\Program Files\Trend Micro
    [02.11.2006|15:01] C:\Program Files\Uninstall Information
    [02.11.2006|14:42] C:\Program Files\Windows Calendar
    [02.11.2006|14:42] C:\Program Files\Windows Collaboration
    [02.11.2006|14:42] C:\Program Files\Windows Defender
    [02.11.2006|14:42] C:\Program Files\Windows Journal
    [28.02.2008|04:01] C:\Program Files\Windows Live
    [01.12.2007|14:16] C:\Program Files\Windows Live Toolbar
    [06.11.2007|11:48] C:\Program Files\Windows Mail
    [06.11.2007|11:48] C:\Program Files\Windows Media Player
    [28.10.2007|12:35] C:\Program Files\Windows NT
    [02.11.2006|14:42] C:\Program Files\Windows Photo Gallery
    [10.01.2008|05:27] C:\Program Files\Windows Sidebar

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [12.03.2008|02:04] C:\Program Files\Common Files\Adobe
    [24.03.2007|00:31] C:\Program Files\Common Files\Ahead
    [06.11.2007|19:25] C:\Program Files\Common Files\Apple
    [24.03.2007|00:40] C:\Program Files\Common Files\Fujitsu Siemens Computers
    [05.11.2007|22:36] C:\Program Files\Common Files\Java
    [26.11.2007|22:19] C:\Program Files\Common Files\microsoft shared
    [02.11.2006|13:18] C:\Program Files\Common Files\Services
    [02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [19.04.2008|11:51] C:\Program Files\Common Files\Steam
    [11.03.2008|10:54] C:\Program Files\Common Files\Symantec Shared
    [06.11.2007|11:48] C:\Program Files\Common Files\System
    [30.12.2007|20:56] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 43

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\ProgramData\defy lies lies.7qp13sf
    C:\ProgramData\defy lies lies.ah4jxlk
    C:\ProgramData\defy lies lies.7qp13sf
    C:\ProgramData\defy lies lies.ah4jxlk

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-16 09:31:38
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:52][Doss:11] C:\Users\arsene\AppData\Local\Temp
    /!\ [Fich:2374][Doss:1] C:\Users\arsene\AppData\Roaming\MICROS~1\Windows\Cookies
    /!\ [Fich:6535][Doss:78] C:\Users\arsene\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 9:33:08,59 ]----------------------

    merci
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    je voudrais que tu fasses comme ça (enchaîner analyse et nettoyage) :

    Puis double-clique [b]sur le raccourci Lop S&D/b présent sur ton bureau

    Séléctionne la langue souhaitée , puis choisisl'Option 1 ( Recherche )

    Patiente jusqu'à la fin du scan

    ( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier ,
    Nouvelle tâche , tape explorer.exe et valide )

    ______________

    Relance Lop S&D

    Choisis cette fois ci l'Option 2 ( Suppression )

    Ne ferme pas la fenêtre lors de la suppression !

    Poste le rapport généré ( C:\lopR.txt )

    ( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,

    Nouvelle tâche, tape explorer.exe et valide )
    0