CID problem (+ HijackThis report)

Solved
mam'z3ll - Posts: 15 - Status: Member
Hello,

For some time now I have been getting "cid" ads that pop up every 5 minutes when I am online. I read in several other topics that I needed to produce a HijackThis report, which is below; if someone would be kind enough to take a look and tell me how to get rid of these ads, that would be really great.

Thanks a lot in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:55:19, on 20/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\sa\AppData\Local\xhzku.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Windows\System32\wsqmcons.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.skyrock.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [1 eq] "C:\ProgramData\warn default default.ogfvj1"
O4 - HKLM\..\Run: [warn default inter for] "C:\ProgramData\Ante vc the.v3fsi"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [xhzku] c:\users\sa\appdata\local\xhzku.exe xhzku
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/WebfettiInitialSetup1.0.1.0.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

3 replies

Anonymous user
 
*Download lopS&D.exe to your desktop (right-click the link > Save target as)
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
*Disable your antivirus just in case (you can re-enable it once the scan has finished)
*Double-click lopS&D to start the installation
*Once it is installed, double-click Lop S&D
*Select the language by pressing the F key, then choose option 1 (Search)
*If lopS&D asks you to restart, accept and wait for the scan to finish.
mam'z3ll - Posts: 15 - Status: Member

There, I did what you asked; thanks for replying. What do I do now?


-----------------------[ Lop S&D 4.2.1-6 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : sa ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 20/06/2008 | 22:35:58,61 ] [ PC : PC-DE-SANDY ]
[ MAJ : 16-06-2008 | 23:01 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------


[10/04/2008|15:21] C:\Users\sa\AppData\Roaming\Adobe\Flash Player
[24/08/2007|00:52] C:\Users\sa\AppData\Roaming\Adobe\Linguistics
[16/08/2007|23:51] C:\Users\sa\AppData\Roaming\Adobe\Acrobat

[07/06/2008|21:49] C:\Users\sa\AppData\Roaming\Apple Computer\iTunes

[20/08/2007|23:53] C:\Users\sa\AppData\Roaming\CyberLink\PowerCinema
[20/08/2007|23:53] C:\Users\sa\AppData\Roaming\CyberLink\PowerDVD


[23/08/2007|11:49] C:\Users\sa\AppData\Roaming\DivX\DivX Codec

[13/06/2008|22:04] C:\Users\sa\AppData\Roaming\dvdcss\SUPERBAD-2007122818511077-3c1dd3a3a9

[01/02/2008|18:34] C:\Users\sa\AppData\Roaming\FastStone\FSIV


[18/06/2008|19:00] C:\Users\sa\AppData\Roaming\Google\Local Search History
[03/09/2007|16:20] C:\Users\sa\AppData\Roaming\Google\GoogleEarth


[16/08/2007|23:20] C:\Users\sa\AppData\Roaming\Hewlett-Packard\HP Software UI

[17/08/2007|00:31] C:\Users\sa\AppData\Roaming\HP\QuickPlay

[16/08/2007|23:50] C:\Users\sa\AppData\Roaming\Identities\{80C424AD-4C3E-4B39-B8E4-9FCD204F4AAB}

[17/05/2008|21:51] C:\Users\sa\AppData\Roaming\InstallShield\ISEngine12.0

[22/04/2008|21:17] C:\Users\sa\AppData\Roaming\LimeWire\.AppSpecialShare
[23/02/2008|16:17] C:\Users\sa\AppData\Roaming\LimeWire\.NetworkShare
[17/08/2007|00:36] C:\Users\sa\AppData\Roaming\LimeWire\xml
[17/08/2007|00:36] C:\Users\sa\AppData\Roaming\LimeWire\themes

[14/01/2008|20:44] C:\Users\sa\AppData\Roaming\ma-config.com\Logs

[16/08/2007|23:21] C:\Users\sa\AppData\Roaming\Macromedia\Flash Player


[18/06/2008|19:48] C:\Users\sa\AppData\Roaming\MessengerSkinner\Userdata

[04/06/2008|21:31] C:\Users\sa\AppData\Roaming\Microsoft\Windows Photo Gallery
[16/05/2008|16:32] C:\Users\sa\AppData\Roaming\Microsoft\Internet Explorer
[16/05/2008|15:45] C:\Users\sa\AppData\Roaming\Microsoft\Templates
[25/04/2008|22:24] C:\Users\sa\AppData\Roaming\Microsoft\MSN Messenger
[15/04/2008|17:56] C:\Users\sa\AppData\Roaming\Microsoft\Windows Live Call
[15/04/2008|17:56] C:\Users\sa\AppData\Roaming\Microsoft\IdentityCRL
[08/04/2008|18:26] C:\Users\sa\AppData\Roaming\Microsoft\Office
[08/04/2008|11:08] C:\Users\sa\AppData\Roaming\Microsoft\eHome
[04/03/2008|19:28] C:\Users\sa\AppData\Roaming\Microsoft\Word
[26/02/2008|22:19] C:\Users\sa\AppData\Roaming\Microsoft\Installer
[04/12/2007|19:18] C:\Users\sa\AppData\Roaming\Microsoft\OneNote
[20/11/2007|19:43] C:\Users\sa\AppData\Roaming\Microsoft\Media Player
[31/10/2007|15:10] C:\Users\sa\AppData\Roaming\Microsoft\Crypto
[04/10/2007|19:42] C:\Users\sa\AppData\Roaming\Microsoft\preuve
[23/09/2007|11:40] C:\Users\sa\AppData\Roaming\Microsoft\Speech
[28/08/2007|23:54] C:\Users\sa\AppData\Roaming\Microsoft\Clip Organizer
[28/08/2007|23:53] C:\Users\sa\AppData\Roaming\Microsoft\UProof
[20/08/2007|22:36] C:\Users\sa\AppData\Roaming\Microsoft\QuickStyles
[20/08/2007|22:30] C:\Users\sa\AppData\Roaming\Microsoft\Proof
[20/08/2007|22:30] C:\Users\sa\AppData\Roaming\Microsoft\Document Building Blocks
[20/08/2007|22:30] C:\Users\sa\AppData\Roaming\Microsoft\AddIns
[17/08/2007|12:49] C:\Users\sa\AppData\Roaming\Microsoft\MMC
[17/08/2007|00:26] C:\Users\sa\AppData\Roaming\Microsoft\Windows
[16/08/2007|23:54] C:\Users\sa\AppData\Roaming\Microsoft\HTML Help
[16/08/2007|23:50] C:\Users\sa\AppData\Roaming\Microsoft\Protect
[16/08/2007|23:49] C:\Users\sa\AppData\Roaming\Microsoft\SystemCertificates
[16/08/2007|23:20] C:\Users\sa\AppData\Roaming\Microsoft\CLR Security Config
[16/08/2007|23:18] C:\Users\sa\AppData\Roaming\Microsoft\Credentials

[07/09/2007|19:25] C:\Users\sa\AppData\Roaming\Mozilla\Plugins
[19/08/2007|22:49] C:\Users\sa\AppData\Roaming\Mozilla\Firefox

[19/01/2008|14:07] C:\Users\sa\AppData\Roaming\Nero\Nero8

[07/09/2007|19:25] C:\Users\sa\AppData\Roaming\Netscape\Plugins



[29/04/2008|18:19] C:\Users\sa\AppData\Roaming\OpenOffice.org2\user

[23/08/2007|17:35] C:\Users\sa\AppData\Roaming\Photodex\Proshow Producer

[20/06/2008|13:39] C:\Users\sa\AppData\Roaming\Real\RealMediaSDK

[19/08/2007|22:49] C:\Users\sa\AppData\Roaming\Talkback\MozillaOrg



[03/12/2007|11:45] C:\Users\sa\AppData\Roaming\Ulead Systems\Ulead PhotoImpact


[05/09/2007|14:59] C:\Users\sa\AppData\Roaming\vlc\cache

[28/12/2007|15:46] C:\Users\sa\AppData\Roaming\Winamp\Plugins



----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[19/02/2008 11:03][--a------] C:\Windows\tasks\Norton Security Scan.job
[20/06/2008 22:35][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A576EDAD-D526-40F1-AC3F-91A9C8B864F4}.job
[20/06/2008 22:34][--ah-----] C:\Windows\tasks\SA.DAT
[20/06/2008 22:33][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[18/05/2007|03:47] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[09/09/2007|19:39] C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[27/10/2007|22:46] C:\ProgramData\addr_file.html
[25/05/2008|19:34] C:\ProgramData\Adobe
[18/06/2008|23:11] C:\ProgramData\Ante vc the.v3fsi
[17/08/2007|11:45] C:\ProgramData\Apple
[27/08/2007|15:49] C:\ProgramData\Apple Computer
[16/08/2007|23:15] C:\ProgramData\Application Data
[18/05/2008|09:17] C:\ProgramData\Avira
[16/08/2007|23:15] C:\ProgramData\Bureau
[18/10/2007|17:36] C:\ProgramData\CheckPoint
[25/11/2007|19:30] C:\ProgramData\CyberLink
[16/08/2007|23:15] C:\ProgramData\Documents
[05/11/2007|10:45] C:\ProgramData\eMule
[16/08/2007|23:15] C:\ProgramData\Favoris
[09/02/2008|22:16] C:\ProgramData\Google
[20/06/2008|13:13] C:\ProgramData\Google Updater
[18/05/2007|04:23] C:\ProgramData\Hewlett-Packard
[17/08/2007|00:31] C:\ProgramData\HP
[18/05/2007|03:57] C:\ProgramData\hpzinstall.log
[18/06/2008|23:11] C:\ProgramData\Knob Memo Locks
[19/01/2008|14:07] C:\ProgramData\LightScribe
[27/04/2008|22:08] C:\ProgramData\Logishrd
[05/10/2007|16:55] C:\ProgramData\Logitech
[28/10/2007|21:12] C:\ProgramData\LUUnInstall.LiveUpdate
[16/08/2007|23:15] C:\ProgramData\Menu Démarrer
[19/06/2008|17:33] C:\ProgramData\Messenger Plus!
[18/12/2007|21:25] C:\ProgramData\Microsoft
[08/01/2008|19:32] C:\ProgramData\Microsoft Help
[16/08/2007|23:15] C:\ProgramData\Modèles
[19/08/2007|22:48] C:\ProgramData\Mozilla
[19/01/2008|13:45] C:\ProgramData\Nero
[18/05/2007|03:28] C:\ProgramData\Roxio
[27/08/2007|15:53] C:\ProgramData\Sonic
[28/10/2007|21:15] C:\ProgramData\Symantec
[18/06/2008|23:11] C:\ProgramData\Time Dead Warn Default
[03/12/2007|11:28] C:\ProgramData\Ulead Systems
[18/06/2008|23:33] C:\ProgramData\warn default default.0rhiu
[18/06/2008|23:55] C:\ProgramData\warn default default.1sh2r
[20/06/2008|15:17] C:\ProgramData\warn default default.1u5xo
[19/06/2008|16:42] C:\ProgramData\warn default default.6ghecaz
[19/06/2008|14:20] C:\ProgramData\warn default default.8lyarz
[20/06/2008|14:11] C:\ProgramData\warn default default.8ninnl
[20/06/2008|17:48] C:\ProgramData\warn default default.8sa45f
[19/06/2008|15:26] C:\ProgramData\warn default default.9sojkx
[18/06/2008|23:11] C:\ProgramData\warn default default.aagy0
[19/06/2008|16:10] C:\ProgramData\warn default default.dusou
[19/06/2008|18:11] C:\ProgramData\warn default default.f9c83
[19/06/2008|00:17] C:\ProgramData\warn default default.ga4xp
[20/06/2008|13:28] C:\ProgramData\warn default default.gcpvw7
[19/06/2008|17:04] C:\ProgramData\warn default default.irt9hys
[20/06/2008|13:49] C:\ProgramData\warn default default.ivbbjjg
[20/06/2008|14:33] C:\ProgramData\warn default default.k1wcpp
[19/06/2008|13:58] C:\ProgramData\warn default default.mha8nx
[19/06/2008|14:42] C:\ProgramData\warn default default.mlhmr
[20/06/2008|14:55] C:\ProgramData\warn default default.mtr1j0
[20/06/2008|16:01] C:\ProgramData\warn default default.o676ve
[20/06/2008|21:33] C:\ProgramData\warn default default.ogfvj1
[20/06/2008|22:17] C:\ProgramData\warn default default.puk2tb
[19/06/2008|15:48] C:\ProgramData\warn default default.td7n7
[18/06/2008|23:11] C:\ProgramData\warn default default.te6ss
[19/06/2008|15:04] C:\ProgramData\warn default default.ttms5er
[20/06/2008|21:55] C:\ProgramData\warn default default.ug6d7i
[19/06/2008|17:35] C:\ProgramData\warn default default.z7c885h

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[18/05/2007|03:47] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[25/05/2008|19:34] C:\Program Files\Adobe
[17/08/2007|12:01] C:\Program Files\Apple Software Update
[20/06/2008|13:24] C:\Program Files\AskTBar
[18/05/2008|09:17] C:\Program Files\Avira
[04/11/2007|23:28] C:\Program Files\Axon Data
[16/08/2007|23:49] C:\Program Files\Bioscrypt
[25/05/2008|19:34] C:\Program Files\Common Files
[18/06/2008|23:03] C:\Program Files\desktop.ini
[02/09/2007|11:39] C:\Program Files\DivX
[19/09/2007|15:52] C:\Program Files\EA GAMES
[18/05/2007|03:59] C:\Program Files\EasyBits
[05/11/2007|10:44] C:\Program Files\eMule
[13/10/2007|16:46] C:\Program Files\EPSON
[01/02/2008|18:31] C:\Program Files\FastStone Image Viewer
[16/08/2007|23:15] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[16/08/2007|23:49] C:\Program Files\Fingerprint Sensor
[19/01/2008|22:44] C:\Program Files\FunWebProducts
[08/01/2008|18:56] C:\Program Files\GIMP-2.0
[12/02/2008|12:07] C:\Program Files\Google
[15/06/2008|23:31] C:\Program Files\GoPets Ltd
[18/05/2007|04:17] C:\Program Files\Hewlett-Packard
[17/05/2008|22:15] C:\Program Files\HP
[18/05/2007|04:06] C:\Program Files\HPQ
[27/08/2007|15:48] C:\Program Files\illiminable
[19/01/2008|14:22] C:\Program Files\Illustrate
[17/05/2008|22:15] C:\Program Files\InstallShield Installation Information
[18/05/2007|03:09] C:\Program Files\Intel
[18/06/2008|22:48] C:\Program Files\Internet Explorer
[17/08/2007|12:03] C:\Program Files\iPod
[17/08/2007|12:03] C:\Program Files\iTunes
[09/02/2008|22:16] C:\Program Files\Java
[10/04/2008|22:05] C:\Program Files\KSS
[05/11/2007|10:40] C:\Program Files\LimeWire
[27/04/2008|22:08] C:\Program Files\Logitech
[14/01/2008|20:44] C:\Program Files\ma-config.com
[13/12/2007|20:41] C:\Program Files\Macrogaming
[20/06/2008|13:10] C:\Program Files\Messenger Plus! Live
[18/06/2008|19:46] C:\Program Files\MessengerSkinner
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[08/01/2008|19:22] C:\Program Files\Microsoft Office
[08/01/2008|19:24] C:\Program Files\Microsoft Visual Studio
[18/05/2007|03:46] C:\Program Files\Microsoft Works
[18/05/2007|03:45] C:\Program Files\Microsoft.NET
[18/05/2007|02:48] C:\Program Files\Motorola
[18/06/2008|22:48] C:\Program Files\Movie Maker
[06/01/2008|12:45] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[19/06/2008|16:29] C:\Program Files\MSN Adder
[19/06/2008|17:24] C:\Program Files\MSN Messenger
[19/08/2007|01:31] C:\Program Files\MSXML 4.0
[11/03/2008|18:53] C:\Program Files\MyWebSearch
[19/01/2008|13:45] C:\Program Files\Nero
[19/02/2008|11:03] C:\Program Files\Norton Security Scan
[22/04/2008|22:24] C:\Program Files\OpenOffice.org 2.4
[23/08/2007|17:35] C:\Program Files\Photodex
[20/04/2008|22:00] C:\Program Files\Picasa2
[17/08/2007|11:48] C:\Program Files\QuickTime
[18/05/2007|04:04] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/05/2007|03:28] C:\Program Files\Roxio
[18/05/2007|04:00] C:\Program Files\Services en ligne
[19/06/2008|16:16] C:\Program Files\Spyware Doctor
[28/10/2007|21:11] C:\Program Files\Symantec
[18/05/2007|02:54] C:\Program Files\Synaptics
[20/06/2008|21:54] C:\Program Files\Trend Micro
[26/02/2008|22:19] C:\Program Files\Tronics
[08/01/2008|18:55] C:\Program Files\TuxPaint
[03/12/2007|11:28] C:\Program Files\Ulead Systems
[18/01/2008|22:21] C:\Program Files\UnFREEz
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/09/2007|11:42] C:\Program Files\VideoLAN
[27/08/2007|15:49] C:\Program Files\VistaCodecPack
[08/01/2008|18:53] C:\Program Files\Winamp
[18/06/2008|22:48] C:\Program Files\Windows Calendar
[18/06/2008|22:48] C:\Program Files\Windows Collaboration
[18/06/2008|22:48] C:\Program Files\Windows Defender
[18/06/2008|22:48] C:\Program Files\Windows Journal
[19/06/2008|17:24] C:\Program Files\Windows Live
[18/06/2008|22:48] C:\Program Files\Windows Mail
[18/06/2008|22:48] C:\Program Files\Windows Media Player
[16/08/2007|23:15] C:\Program Files\Windows NT
[18/06/2008|22:48] C:\Program Files\Windows Photo Gallery
[18/06/2008|22:48] C:\Program Files\Windows Sidebar
[19/09/2007|15:34] C:\Program Files\WinRAR
[18/10/2007|17:36] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[25/05/2008|19:34] C:\Program Files\Common Files\Adobe
[17/08/2007|11:45] C:\Program Files\Common Files\Apple
[18/05/2007|03:45] C:\Program Files\Common Files\DESIGNER
[18/05/2007|03:57] C:\Program Files\Common Files\HP
[17/05/2008|22:15] C:\Program Files\Common Files\InstallShield
[18/05/2007|04:22] C:\Program Files\Common Files\Java
[18/05/2007|04:06] C:\Program Files\Common Files\LightScribe
[27/04/2008|22:09] C:\Program Files\Common Files\logishrd
[08/01/2008|19:21] C:\Program Files\Common Files\microsoft shared
[19/01/2008|13:48] C:\Program Files\Common Files\Nero
[23/08/2007|11:31] C:\Program Files\Common Files\PX Storage Engine
[18/05/2007|03:27] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[18/05/2007|03:27] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/05/2007|03:28] C:\Program Files\Common Files\SureThing Shared
[28/10/2007|21:15] C:\Program Files\Common Files\Symantec Shared
[18/06/2008|22:48] C:\Program Files\Common Files\System
[03/12/2007|11:28] C:\Program Files\Common Files\Ulead Systems

---------------------------[ Process ]--------------------------

... 85

iexplore.exe ~ [232]
iexplore.exe ~ [3728]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\Ante vc the.v3fsi
C:\ProgramData\warn default default.0rhiu
C:\ProgramData\warn default default.1sh2r
C:\ProgramData\warn default default.1u5xo
C:\ProgramData\warn default default.6ghecaz
C:\ProgramData\warn default default.8lyarz
C:\ProgramData\warn default default.8ninnl
C:\ProgramData\warn default default.8sa45f
C:\ProgramData\warn default default.9sojkx
C:\ProgramData\warn default default.aagy0
C:\ProgramData\warn default default.dusou
C:\ProgramData\warn default default.f9c83
C:\ProgramData\warn default default.ga4xp
C:\ProgramData\warn default default.gcpvw7
C:\ProgramData\warn default default.irt9hys
C:\ProgramData\warn default default.ivbbjjg
C:\ProgramData\warn default default.k1wcpp
C:\ProgramData\warn default default.mha8nx
C:\ProgramData\warn default default.mlhmr
C:\ProgramData\warn default default.mtr1j0
C:\ProgramData\warn default default.o676ve
C:\ProgramData\warn default default.ogfvj1
C:\ProgramData\warn default default.puk2tb
C:\ProgramData\warn default default.td7n7
C:\ProgramData\warn default default.te6ss
C:\ProgramData\warn default default.ttms5er
C:\ProgramData\warn default default.ug6d7i
C:\ProgramData\warn default default.z7c885h
C:\ProgramData\Ante vc the.v3fsi
C:\ProgramData\warn default default.1sh2r
C:\ProgramData\warn default default.1u5xo
C:\ProgramData\warn default default.6ghecaz
C:\ProgramData\warn default default.8ninnl
C:\ProgramData\warn default default.8sa45f
C:\ProgramData\warn default default.9sojkx
C:\ProgramData\warn default default.dusou
C:\ProgramData\warn default default.f9c83
C:\ProgramData\warn default default.irt9hys
C:\ProgramData\warn default default.ivbbjjg
C:\ProgramData\warn default default.k1wcpp
C:\ProgramData\warn default default.mha8nx
C:\ProgramData\warn default default.mlhmr
C:\ProgramData\warn default default.mtr1j0
C:\ProgramData\warn default default.o676ve
C:\ProgramData\warn default default.ogfvj1
C:\ProgramData\warn default default.td7n7
C:\ProgramData\warn default default.te6ss
C:\ProgramData\warn default default.ttms5er
C:\ProgramData\warn default default.ug6d7i
C:\ProgramData\warn default default.z7c885h
C:\Users\sa\AppData\Local\Temp\bisFA17.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\ProgramData\Time Dead Warn Default
C:\ProgramData\Time Dead Warn Default\User readme.exe
C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies\sa@www.adserver5[2].txt
C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies\sa@adopt.euroclick[2].txt
C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies\sa@32vegas[2].txt
C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies\sa@banner.32vegas[2].txt

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"warn default inter for"="\"C:\\ProgramData\\Ante vc the.v3fsi\""
"1 eq"="\"C:\\ProgramData\\warn default default.puk2tb\""

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-20 22:39:02
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\Windows\System32\WDI\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{dbda0f6d-d87a-4350-a996-f5200f9a119a}
C:\Windows\System32\WDI\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{150c057f-f6b1-4866-a4c7-34643c58a3a0}
C:\Windows\System32\WDI\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{27a184da-d8a3-4ffb-aeac-06db4418392d}
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------[ Recherche d'autres infections ]---------------------

C:\Windows\system32\nvs2.inf
C:\Users\sa\AppData\Local\xhzku_navps.dat
C:\Users\sa\AppData\Local\xhzku.exe
C:\Users\sa\AppData\Local\xhzku.dat
C:\Users\sa\AppData\Local\xhzku_nav.dat
[b]! EGDACCESS !/b



[F:3591][D:130]-> C:\Users\sa\AppData\Local\Temp
[F:362][D:1]-> C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2687][D:6]-> C:\Users\sa\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin

[ UAC => 1 ]

--------------------[ Fin du rapport a 22:45:25,55 ]----------------------
0
Anonymous user > mam'z3ll Posts: 15 Status: Member
 
*Run Lop S&D again
· This time choose option 2 (Suppression)
· Do not close the window during the removal!
· Post the generated report (C:\lopR.txt)

*(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm.)
0
mam'z3ll Posts: 15 Status: Member
 
Here is the report:

-----------------------[ Lop S&D 4.2.1-6 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : sa ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 20/06/2008 | 23:02:11,54 ] [ PC : PC-DE-SANDY ]
[ MAJ : 16-06-2008 | 23:01 ]
[ UAC => 0 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies\sa@www.adserver5[2].txt
Supprimé! - C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies\sa@adopt.euroclick[2].txt
Supprimé! - C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies\sa@32vegas[2].txt
Supprimé! - C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies\sa@banner.32vegas[2].txt
Supprimé! - C:\ProgramData\warn default default.0rhiu
Supprimé! - C:\ProgramData\warn default default.1sh2r
Supprimé! - C:\ProgramData\warn default default.1u5xo
Supprimé! - C:\ProgramData\warn default default.6ghecaz
Supprimé! - C:\ProgramData\warn default default.8lyarz
Supprimé! - C:\ProgramData\warn default default.8ninnl
Supprimé! - C:\ProgramData\warn default default.8sa45f
Supprimé! - C:\ProgramData\warn default default.9sojkx
Supprimé! - C:\ProgramData\warn default default.aagy0
Supprimé! - C:\ProgramData\warn default default.dusou
Supprimé! - C:\ProgramData\warn default default.f9c83
Supprimé! - C:\ProgramData\warn default default.ga4xp
Supprimé! - C:\ProgramData\warn default default.gcpvw7
Supprimé! - C:\ProgramData\warn default default.irt9hys
Supprimé! - C:\ProgramData\warn default default.ivbbjjg
Supprimé! - C:\ProgramData\warn default default.k1wcpp
Supprimé! - C:\ProgramData\warn default default.mha8nx
Supprimé! - C:\ProgramData\warn default default.mlhmr
Supprimé! - C:\ProgramData\warn default default.mtr1j0
Supprimé! - C:\ProgramData\warn default default.o676ve
Supprimé! - C:\ProgramData\warn default default.ogfvj1
Supprimé! - C:\ProgramData\warn default default.td7n7
Supprimé! - C:\ProgramData\warn default default.te6ss
Supprimé! - C:\ProgramData\warn default default.ttms5er
Supprimé! - C:\ProgramData\warn default default.ug6d7i
Supprimé! - C:\ProgramData\warn default default.z7c885h
Supprimé! - C:\Users\sa\AppData\Local\Temp\bisFA17.exe
Echec ! - C:\ProgramData\Time Dead Warn Default
Restauré! - Fichier Hosts

\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

Supprimé! - C:\ProgramData\Time Dead Warn Default

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprimé! - C:\Program Files\MyWebSearch

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Listing des dossiers dans Application Data ]------------


----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[19/02/2008 11:03][--a------] C:\Windows\tasks\Norton Security Scan.job
[20/06/2008 22:55][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A576EDAD-D526-40F1-AC3F-91A9C8B864F4}.job
[20/06/2008 23:00][--ah-----] C:\Windows\tasks\SA.DAT
[20/06/2008 22:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------


---------------[ Listing des dossiers dans C:\Program Files ]--------------


------[ Listing des dossiers dans C:\Program Files\Common Files ]------


---------------------------[ Process ]--------------------------

... 88

iexplore.exe ~ [2024]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\axis gram boob.70lw3
C:\ProgramData\warn default default.nms70n1
C:\ProgramData\warn default default.odg3fk
C:\ProgramData\axis gram boob.70lw3
C:\ProgramData\warn default default.nms70n1

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-20 23:04:12
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\Windows\System32\wbem\Performance\WmiApRpl_new.h 357 bytes
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------[ Recherche d'autres infections ]---------------------

C:\Windows\system32\nvs2.inf
C:\Users\sa\AppData\Local\xhzku_navps.dat
C:\Users\sa\AppData\Local\xhzku.exe
C:\Users\sa\AppData\Local\xhzku.dat
C:\Users\sa\AppData\Local\xhzku_nav.dat
[b]! EGDACCESS !/b


[F:3588][D:130]-> C:\Users\sa\AppData\Local\Temp
[F:358][D:1]-> C:\Users\sa\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2730][D:6]-> C:\Users\sa\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin

[ UAC => 1 ]

--------------------[ Fin du rapport a 23:06:14,81 ]----------------------
0
Anonymous user
 
1) Download Malwarebytes' Anti-Malware.

*Download and install Malwarebytes' Anti-Malware
*http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebyte s anti malware
*At the end of the installation, make sure the option « mettre a jour Malwarebyte's Anti-Malware » (update Malwarebytes' Anti-Malware) is checked. >>> click OK
*Launch Malwarebytes' Anti-Malware by double-clicking the icon on your Desktop.
*On first launch, a window tells you that the version is Free >>> click OK
*Let the updates download

*** Close the program ***

2) Restart in "Safe Mode" ("Mode sans échec")

When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Mode sans échec" (Safe Mode) and press [Enter].
You must choose your usual session, not the "Administrateur" account or any other.
Look here if needed: http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

Open the text file saved on the Desktop so that you can follow the instructions properly.

3) Scan with Malwarebytes' Anti-Malware

*Launch Malwarebytes' Anti-Malware
*Then go to the "Recherche" (Scan) tab, check "Exécuter un examen complet" (Perform full scan), then "Rechercher" (Scan), select your hard drives, then click "Lancer l’examen" (Start scan)
*At the end of the scan >>> click Afficher les résultats (Show results), then Enregistrer le rapport (Save report)
*Removal of the detected items >>>> click Supprimer la sélection (Remove selected)
*If you are asked to restart >>> click "Yes"

*--> A scan report opens; save it to your Desktop and post that report in your reply.
0
mam'z3ll Posts: 15 Status: Member > Anonymous user
 
Sorry, that took a while:


Malwarebytes' Anti-Malware 1.18
Version de la base de données: 873

00:02:01 21/06/2008
mbam-log-6-21-2008 (00-01-56).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 178185
Temps écoulé: 39 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 22
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 19

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\Software\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MessengerSkinner (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\download (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources (Adware.EGDAccess) -> No action taken.
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\uninst.exe (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\download\defaultPack.cab (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\appconfig.xml (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btn.rgn (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnBnr.rgn (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnIn.rgn (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnInNormal.bmp (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnInOver.bmp (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnNormal.bmp (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnNormal.gif (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnNormalBnr.bmp (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnNormalBnr.gif (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnOver.bmp (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnOver.gif (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnOverBnr.bmp (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\btnOverBnr.gif (Adware.EGDAccess) -> No action taken.
C:\Program Files\MessengerSkinner\resources\languages_v2.xml (Adware.EGDAccess) -> No action taken.
C:\Windows\System32\nvs2.inf (Adware.EGDAccess) -> No action taken.
0
Anonymous user > mam'z3ll Posts: 15 Status: Member
 
Open "Malwarebytes' Anti-Malware", then "Quarantaine" (Quarantine), then "Tout Supprimé" (Delete All).
0
mam'z3ll Posts: 15 Status: Member
 
And there, it's done!! Thank you very much for helping me.
0