Attaque Antivirus xp 2008 [Résolu]

Réponse 1 / 13

berliane

ce n'est aps moi qui est posté le raport précédent
Voici le bon rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:30, on 23/08/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\mp3-explorer\SystrayStarter.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: XBTP06568 Class - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\tbu25\AOL_security_toolbar.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\tbu25\AOL_security_toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\MEDIADICO\Dico TV5\MDTV5TB.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: [ mp3 - explorer ].lnk = C:\Program Files\mp3-explorer\SystrayStarter.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.09\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer l'image vers la bibliothèque - file://C:\Program Files\MGI\MGI PhotoSuite III SE\Temp\MGI00000.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.09\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe (file missing)
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Réponse 2 / 13

berliane

ce n'est aps moi qui est posté le raport précédent
Voici le bon rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:30, on 23/08/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\mp3-explorer\SystrayStarter.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: XBTP06568 Class - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\tbu25\AOL_security_toolbar.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\tbu25\AOL_security_toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\MEDIADICO\Dico TV5\MDTV5TB.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: [ mp3 - explorer ].lnk = C:\Program Files\mp3-explorer\SystrayStarter.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.09\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer l'image vers la bibliothèque - file://C:\Program Files\MGI\MGI PhotoSuite III SE\Temp\MGI00000.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.09\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe (file missing)
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Réponse 3 / 13

Utilisateur anonyme

bonjour fait ceci nous allons regarder ;-))

Télécharge sur le bureau" outil de diagnostic et reparation"

ftp://ftp.commentcamarche.com/download/HJTInstall.exe

=Double clique sur l'icone d'hijackthis pour l'instaler
=Clic Do a system scan and save the log
=Coller le rapport
si problème voir l'aide
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Réponse 4 / 13

Utilisateur anonyme

execute toolbar s & d clique : ici

selectionne l'option 1 ( option de recherche seulement , ne passe pas a l'option 2 sans notre avis )
copie et colle le rapport qui va s'afficher dans ta prochaine réponse
tu trouveras le lien de telechargement ainsi qu'une demo en images afin d'utiliser correctement l'outil

Réponse 5 / 13

berliane Messages postés 13 Date d'inscription Statut Membre Dernière intervention

bonsoir
Merci par avance de votre aide
Le rapport de toolbar que j'ai passé en mode sans echec
-----------\\ ToolBar S&D 1.1.4 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 )
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor )
BIOS : Default System BIOS
USER : Administrateur ( Administrator )
BOOT : Fail-safe boot

"C:\ToolBar SD" ( MAJ : 24-08-2008|14:20 )
Option : [1] ( 24/08/2008|21:20 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar\SrchAstt

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Update_Check_Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

-----------\\ Fin du rapport a 21:21:23,82

Réponse 6 / 13

Utilisateur anonyme

bonjour ok on va supprimer tout ca

# Relance Toolbar-S&D en double-cliquant sur le raccourci. saisisse "2" puis valider par Entrée.
# ! Ne ferme pas la fenêtre lors de la procédure de suppression !
# Un nouveau rapport sera généré , copie le et colle le dans ta prochaine reponse ;-)

berliane Messages postés 13 Date d'inscription Statut Membre Dernière intervention

Bonsoir chez ami
Je ne sais pas qui est SG64 mais à chaque fois il répond à ma place
Pour ma part j'ai posté mon rapport le 25/08/08
j'aimerai avoir ton analyse et tes conseils pour me sortir de ce pétrin
Merci d'avance

Réponse 7 / 13

berliane Messages postés 13 Date d'inscription Statut Membre Dernière intervention

bonsoir
j'ai passé toolbar s&d en mode sans echec
j'ai lancé l'option 2
voici le nouveau rapport

-----------\\ ToolBar S&D 1.1.4 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 )
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor )
BIOS : Default System BIOS
USER : Administrateur ( Administrator )
BOOT : Fail-safe boot

"C:\ToolBar SD" ( MAJ : 24-08-2008|14:20 )
Option : [2] ( 25/08/2008|21:28 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskSBar\bar
Supprime! - C:\Program Files\AskSBar\SrchAstt
Supprime! - C:\Program Files\AskSBar

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Update_Check_Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

-----------\\ Fin du rapport a 21:29:32,70

Réponse 8 / 13

Utilisateur anonyme

bonsoir desoles je n'avais pas vue ta reponse

poste stp un nouveau rapport hijackthis

berliane Messages postés 13 Date d'inscription Statut Membre Dernière intervention

nouveau rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:51, on 28/08/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\Winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\clavier\Clavier.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\mp3-explorer\SystrayStarter.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: XBTP06568 Class - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\tbu25\AOL_security_toolbar.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\tbu25\AOL_security_toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\MEDIADICO\Dico TV5\MDTV5TB.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PrestoNotes] C:\Program Files\PrestoNotes\PrestoNotes.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Clavier+] C:\Program Files\clavier\Clavier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: [ mp3 - explorer ].lnk = C:\Program Files\mp3-explorer\SystrayStarter.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 Trial\CalCheck.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.09\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer l'image vers la bibliothèque - file://C:\Program Files\MGI\MGI PhotoSuite III SE\Temp\MGI00000.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.09\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe (file missing)
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Réponse 9 / 13

Utilisateur anonyme

Télécharges Lop S&D :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

-Double clik sur sur l'.exe que tu viens de télécharger pour lancer l'instale .
-Une fois l'instalation faite, click sur le racourcci pour lancer l'outil .

Dans le menu :
#choisis l'option 1 (recherche) et valides.
ne fais pas l'option de nettoyage 2 ou 3 sans notre avis .

Une fois le scan terminer ,le Bloc-Notes contenant le rapport va s'afficher .
Postes ce rapport dans ta prochaine réponse .

Tutoriel : https://sites.google.com/site/eric71mespages/lop.sd.exe

berliane Messages postés 13 Date d'inscription Statut Membre Dernière intervention

Bonsoir mon ami
Merci de ton aide
Comme tu n'as rien préciser je n'ai passé lop en mode sans echec et voici le rapport
--------------------\\ Lop S&D 4.2.3-6 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 )
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor )
BIOS : Default System BIOS
USER : Bernard ( Administrator )
BOOT : Normal boot

"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
Option : [1] ( 28/08/2008|21:40 )

--------------------\\ Listing des dossiers dans APPLIC~1

[06/11/2002|12:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[06/11/2002|12:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[22/10/2003|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/06/2008|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[06/11/2002|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[24/09/2006|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/03/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[17/03/2008|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[02/12/2007|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[20/08/2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[19/08/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/11/2002|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[03/02/2003|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[01/07/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[12/07/2008|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pdf995
[14/02/2006|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[28/09/2004|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[09/09/2004|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[04/02/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[21/09/2004|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[28/12/2007|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[04/03/2006|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[25/06/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[06/11/2002|12:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[06/11/2002|12:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[28/02/2007|22:23] C:\DOCUME~1\BERNARD\APPLIC~1\.BitTornado
[07/11/2003|20:50] C:\DOCUME~1\BERNARD\APPLIC~1\123 Free Solitaire
[29/01/2006|12:31] C:\DOCUME~1\BERNARD\APPLIC~1\3M
[06/11/2002|21:13] C:\DOCUME~1\BERNARD\APPLIC~1\Adobe
[22/10/2003|22:01] C:\DOCUME~1\BERNARD\APPLIC~1\AdobeUM
[21/05/2005|21:20] C:\DOCUME~1\BERNARD\APPLIC~1\Ahead
[01/12/2007|18:21] C:\DOCUME~1\BERNARD\APPLIC~1\Anuman Interactive
[28/02/2007|22:03] C:\DOCUME~1\BERNARD\APPLIC~1\Azureus
[01/03/2007|22:41] C:\DOCUME~1\BERNARD\APPLIC~1\BitDownload
[28/02/2007|19:48] C:\DOCUME~1\BERNARD\APPLIC~1\BitTorrent
[10/11/2002|11:59] C:\DOCUME~1\BERNARD\APPLIC~1\Canon
[12/10/2004|22:37] C:\DOCUME~1\BERNARD\APPLIC~1\Corel
[06/11/2002|12:50] C:\DOCUME~1\BERNARD\APPLIC~1\desktop.ini
[20/01/2008|20:40] C:\DOCUME~1\BERNARD\APPLIC~1\DivX
[26/05/2008|18:56] C:\DOCUME~1\BERNARD\APPLIC~1\EoRezo
[22/11/2002|18:02] C:\DOCUME~1\BERNARD\APPLIC~1\FileMaker
[11/11/2003|22:20] C:\DOCUME~1\BERNARD\APPLIC~1\Free Spider TreeCardGames
[06/01/2006|20:37] C:\DOCUME~1\BERNARD\APPLIC~1\Google
[16/11/2002|19:29] C:\DOCUME~1\BERNARD\APPLIC~1\Help
[06/11/2002|13:24] C:\DOCUME~1\BERNARD\APPLIC~1\Identities
[06/03/2004|19:30] C:\DOCUME~1\BERNARD\APPLIC~1\InterVideo
[26/05/2008|19:01] C:\DOCUME~1\BERNARD\APPLIC~1\ItsLabel
[14/10/2004|20:30] C:\DOCUME~1\BERNARD\APPLIC~1\Lavasoft
[26/12/2005|17:14] C:\DOCUME~1\BERNARD\APPLIC~1\Logitech
[14/11/2003|19:39] C:\DOCUME~1\BERNARD\APPLIC~1\Macromedia
[19/08/2008|18:32] C:\DOCUME~1\BERNARD\APPLIC~1\Malwarebytes
[17/07/2006|19:32] C:\DOCUME~1\BERNARD\APPLIC~1\Media Player Classic
[06/11/2002|12:50] C:\DOCUME~1\BERNARD\APPLIC~1\Microsoft
[06/11/2002|23:32] C:\DOCUME~1\BERNARD\APPLIC~1\Microsoft Web Folders
[10/01/2008|19:06] C:\DOCUME~1\BERNARD\APPLIC~1\Mozilla
[03/02/2003|21:17] C:\DOCUME~1\BERNARD\APPLIC~1\MSN6
[24/01/2004|23:17] C:\DOCUME~1\BERNARD\APPLIC~1\Real
[10/04/2006|22:37] C:\DOCUME~1\BERNARD\APPLIC~1\SendPix
[08/03/2008|22:00] C:\DOCUME~1\BERNARD\APPLIC~1\Simple Sudoku
[09/05/2007|21:53] C:\DOCUME~1\BERNARD\APPLIC~1\SodeaSoft
[15/01/2007|20:40] C:\DOCUME~1\BERNARD\APPLIC~1\Sun
[27/09/2004|19:04] C:\DOCUME~1\BERNARD\APPLIC~1\Ulead Systems
[04/03/2006|22:09] C:\DOCUME~1\BERNARD\APPLIC~1\VadeRetro
[24/06/2007|22:28] C:\DOCUME~1\BERNARD\APPLIC~1\vlc
[18/07/2006|15:17] C:\DOCUME~1\BERNARD\APPLIC~1\Vso
[21/09/2004|19:55] C:\DOCUME~1\BERNARD\APPLIC~1\XnView

[06/11/2002|12:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[19/08/2008|19:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
[06/11/2002|12:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/08/2008 21:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][---------] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[07/09/2002|13:09] C:\Program Files\1036.lng
[07/11/2003|20:50] C:\Program Files\123 Free Solitaire
[29/01/2006|12:31] C:\Program Files\3M
[24/10/2004|22:30] C:\Program Files\a2 free
[09/05/2007|21:49] C:\Program Files\ActivTP
[07/09/2002|13:09] C:\Program Files\AdmDll.dll
[06/11/2002|21:13] C:\Program Files\Adobe
[06/11/2002|23:28] C:\Program Files\ahead
[09/05/2007|21:58] C:\Program Files\Almeza
[12/10/2005|21:48] C:\Program Files\Alwil Software
[03/11/2005|22:21] C:\Program Files\ao2000pr
[09/02/2007|22:28] C:\Program Files\AOL Security Toolbar
[03/07/2006|20:34] C:\Program Files\Apache Group
[06/11/2002|21:06] C:\Program Files\ArcSoft
[28/12/2007|22:20] C:\Program Files\Ares
[16/12/2002|19:37] C:\Program Files\AtomixMP3
[26/06/2008|22:53] C:\Program Files\Azureus
[22/11/2002|21:40] C:\Program Files\BeDeskStarter
[24/11/2003|22:16] C:\Program Files\BigPatience
[01/03/2007|22:40] C:\Program Files\BitDownload
[28/02/2007|19:48] C:\Program Files\BitTorrent
[23/03/2004|18:45] C:\Program Files\blss
[02/05/2003|21:24] C:\Program Files\Borland
[06/11/2002|21:07] C:\Program Files\Canon
[07/10/2006|23:12] C:\Program Files\CCleaner
[23/12/2007|20:59] C:\Program Files\CDex_170b2
[09/02/2007|21:22] C:\Program Files\clavier
[27/02/2004|21:43] C:\Program Files\Common Files
[06/11/2002|13:12] C:\Program Files\ComPlus Applications
[28/05/2005|16:42] C:\Program Files\CONEXANT
[06/03/2004|18:58] C:\Program Files\Creative
[08/11/2002|19:40] C:\Program Files\CyberLink
[16/11/2002|12:28] C:\Program Files\DelFin
[01/05/2003|19:03] C:\Program Files\directx
[16/11/2002|12:10] C:\Program Files\DivX
[15/09/2003|22:04] C:\Program Files\Download Express
[22/10/2003|08:37] C:\Program Files\easyphp1-7_setup.exe
[03/11/2005|21:33] C:\Program Files\ElcomSoft
[27/02/2004|22:57] C:\Program Files\eMule
[26/05/2008|18:56] C:\Program Files\EoRezo
[18/09/2002|03:28] C:\Program Files\F.msi
[12/12/2002|21:31] C:\Program Files\FeedAMP
[06/11/2002|12:51] C:\Program Files\Fichiers communs
[09/06/2004|22:13] C:\Program Files\filesubmit
[30/03/2004|20:51] C:\Program Files\FlashFXP
[11/11/2003|22:20] C:\Program Files\Free Spider
[18/08/2008|21:52] C:\Program Files\Gadwin Systems
[21/03/2006|21:46] C:\Program Files\Gem Quest
[21/12/2003|22:11] C:\Program Files\Google
[04/03/2006|22:09] C:\Program Files\Goto Software
[05/03/2006|17:36] C:\Program Files\GSpot
[06/11/2002|21:16] C:\Program Files\Hewlett-Packard
[06/11/2002|21:17] C:\Program Files\hp deskjet 980c series
[09/06/2004|22:14] C:\Program Files\IncrediFind
[03/02/2006|21:16] C:\Program Files\IncrediMail
[16/11/2002|10:33] C:\Program Files\InstallShield Installation Information
[06/03/2004|18:58] C:\Program Files\InterActual
[06/11/2002|13:13] C:\Program Files\Internet Explorer
[06/03/2004|18:58] C:\Program Files\InterVideo
[16/11/2002|12:26] C:\Program Files\ip
[17/11/2007|17:17] C:\Program Files\IrfanView
[02/05/2003|21:24] C:\Program Files\Jardin
[16/11/2002|12:31] C:\Program Files\Java
[16/11/2002|12:32] C:\Program Files\Java Web Start
[01/08/2007|21:57] C:\Program Files\K-Lite Codec Pack
[07/11/2003|20:37] C:\Program Files\Kyodai Mahjongg
[15/11/2003|19:27] C:\Program Files\Lavasoft
[02/12/2007|20:47] C:\Program Files\LiveCAD
[26/12/2005|17:12] C:\Program Files\Logitech
[09/06/2004|22:03] C:\Program Files\Logon Loader
[10/12/2007|21:05] C:\Program Files\Macro Runner
[27/11/2002|21:40] C:\Program Files\MailVox
[19/08/2008|18:32] C:\Program Files\Malwarebytes' Anti-Malware
[15/03/2005|21:48] C:\Program Files\Media Access
[04/03/2008|10:23] C:\Program Files\MediaCoder
[06/02/2008|19:38] C:\Program Files\MEDIADICO
[01/05/2003|19:02] C:\Program Files\Mega pixel Camera
[06/11/2002|13:12] C:\Program Files\Messenger
[13/02/2005|09:04] C:\Program Files\MGI
[03/05/2003|07:57] C:\Program Files\Micro Application
[06/11/2002|13:17] C:\Program Files\microsoft frontpage
[06/11/2002|23:32] C:\Program Files\Microsoft Office
[14/08/2004|00:43] C:\Program Files\Microsoft Visual Studio
[14/08/2004|00:44] C:\Program Files\Microsoft.NET
[25/01/2003|14:32] C:\Program Files\MLH
[06/11/2002|13:14] C:\Program Files\Movie Maker
[13/12/2002|21:38] C:\Program Files\MP3 Explorer
[23/04/2007|22:43] C:\Program Files\MP3 Player Utilities 4.09
[23/07/2008|21:28] C:\Program Files\mp3-explorer
[06/11/2002|13:12] C:\Program Files\MSN
[06/11/2002|13:12] C:\Program Files\MSN Gaming Zone
[01/03/2007|22:50] C:\Program Files\Multi_Media
[04/09/2004|23:10] C:\Program Files\MyDiscover
[09/03/2006|10:26] C:\Program Files\Nero
[06/11/2002|13:13] C:\Program Files\NetMeeting
[01/01/2003|17:36] C:\Program Files\Network Associates
[10/11/2005|19:29] C:\Program Files\Oh‚
[15/03/2004|21:44] C:\Program Files\On2 Technologies
[06/11/2002|13:13] C:\Program Files\Outlook Express
[02/11/2005|22:16] C:\Program Files\Passware
[12/07/2008|16:34] C:\Program Files\pdf995
[12/07/2008|16:32] C:\Program Files\PDFCreator
[12/07/2008|16:33] C:\Program Files\PDFCreator Toolbar
[26/05/2008|21:16] C:\Program Files\PhotoFiltre
[29/10/2007|21:56] C:\Program Files\Picasa2
[14/02/2006|22:08] C:\Program Files\Pinnacle
[10/04/2006|22:37] C:\Program Files\PixDiscount
[04/01/2004|22:39] C:\Program Files\Pochette Express 2
[16/04/2006|11:00] C:\Program Files\Power IE
[13/08/2006|20:59] C:\Program Files\PowerIE6
[25/10/2007|15:18] C:\Program Files\Presentersoft PowerVideoMaker
[24/10/2005|22:09] C:\Program Files\PrestoNotes
[22/11/2002|22:20] C:\Program Files\Profiles Solutions NZ
[09/05/2007|21:56] C:\Program Files\Projet1
[13/03/2008|21:14] C:\Program Files\Pure Sudoku
[09/06/2004|22:13] C:\Program Files\QuickSearch
[25/10/2004|22:31] C:\Program Files\QuickTime
[15/03/2004|21:58] C:\Program Files\RamBooster
[25/10/2004|22:33] C:\Program Files\Real
[15/03/2004|22:07] C:\Program Files\RegCleaner
[30/03/2007|21:28] C:\Program Files\RegConso
[15/02/2007|20:27] C:\Program Files\Replisting
[02/03/2008|19:13] C:\Program Files\Romain's Software
[01/07/2005|21:58] C:\Program Files\SAGEM
[02/06/2006|22:41] C:\Program Files\Scriptocean
[10/05/2008|18:56] C:\Program Files\Securitoo
[06/11/2002|13:12] C:\Program Files\Services en ligne
[12/07/2008|16:33] C:\Program Files\settings.dat
[08/03/2008|22:00] C:\Program Files\Simple Sudoku
[28/09/2004|20:39] C:\Program Files\SmartSound Software
[09/05/2007|21:53] C:\Program Files\SodeaSoft
[10/02/2007|19:28] C:\Program Files\Softwin
[21/03/2006|21:26] C:\Program Files\Sokoban
[03/09/2004|22:04] C:\Program Files\Spybot - Search & Destroy
[24/10/2004|22:29] C:\Program Files\SpywareBlaster
[13/06/2004|21:56] C:\Program Files\Stardock
[07/03/2004|23:18] C:\Program Files\StreamCast
[01/12/2007|18:20] C:\Program Files\Sweet Home 3D
[23/12/2004|18:15] C:\Program Files\ToniArts
[23/08/2008|17:54] C:\Program Files\Trend Micro
[15/03/2004|22:02] C:\Program Files\TZ Connection Booster
[28/05/2005|16:41] C:\Program Files\UIU
[21/09/2004|19:46] C:\Program Files\Ulead Systems
[06/11/2002|13:23] C:\Program Files\Uninstall Information
[24/06/2007|22:22] C:\Program Files\VideoLAN
[09/05/2007|22:11] C:\Program Files\VIP Quality Software
[07/11/2005|22:35] C:\Program Files\Visicom Media
[18/07/2006|15:17] C:\Program Files\vso
[01/07/2005|21:56] C:\Program Files\Wanadoo
[07/10/2005|21:03] C:\Program Files\Wanadoo Messager
[28/10/2006|22:26] C:\Program Files\WebCopier
[11/12/2002|22:20] C:\Program Files\Winamp
[01/07/2008|22:01] C:\Program Files\Winamp Remote
[01/07/2008|22:11] C:\Program Files\Winamp Toolbar
[28/09/2004|20:36] C:\Program Files\Windows Media Components
[06/11/2002|13:13] C:\Program Files\Windows Media Player
[06/11/2002|13:12] C:\Program Files\Windows NT
[12/10/2004|18:48] C:\Program Files\Windows SyncroAd
[23/11/2004|22:00] C:\Program Files\Windows TaskAd
[06/11/2002|13:12] C:\Program Files\WindowsUpdate
[18/04/2004|19:22] C:\Program Files\WinHTTrack
[28/10/2006|23:32] C:\Program Files\WinPcap
[06/11/2002|23:27] C:\Program Files\WinRAR
[13/05/2003|21:11] C:\Program Files\WinZip
[06/11/2002|13:17] C:\Program Files\xerox
[21/09/2004|19:55] C:\Program Files\XnView
[07/10/2006|23:12] C:\Program Files\Yahoo!
[10/11/2002|20:54] C:\Program Files\Zero G Registry
[24/08/2008|22:39] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/11/2002|21:13] C:\Program Files\Fichiers communs\Adobe
[09/03/2006|10:26] C:\Program Files\Fichiers communs\Ahead
[04/02/2008|21:49] C:\Program Files\Fichiers communs\Application
[06/11/2002|21:07] C:\Program Files\Fichiers communs\Caere
[14/08/2004|00:44] C:\Program Files\Fichiers communs\DESIGNER
[06/11/2002|23:39] C:\Program Files\Fichiers communs\InstallShield
[06/03/2004|18:58] C:\Program Files\Fichiers communs\InterVideo
[15/01/2007|20:22] C:\Program Files\Fichiers communs\Java
[26/12/2005|17:12] C:\Program Files\Fichiers communs\Logitech
[13/02/2005|09:04] C:\Program Files\Fichiers communs\MGI Shared
[06/11/2002|12:51] C:\Program Files\Fichiers communs\Microsoft Shared
[06/11/2002|13:13] C:\Program Files\Fichiers communs\MSSoap
[06/11/2002|12:51] C:\Program Files\Fichiers communs\ODBC
[03/07/2006|20:36] C:\Program Files\Fichiers communs\PC SOFT
[24/01/2004|23:17] C:\Program Files\Fichiers communs\Real
[06/11/2002|13:13] C:\Program Files\Fichiers communs\Services
[10/02/2007|19:28] C:\Program Files\Fichiers communs\Softwin
[06/11/2002|12:51] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2004|21:56] C:\Program Files\Fichiers communs\Stardock
[06/11/2002|13:13] C:\Program Files\Fichiers communs\System
[21/09/2004|19:49] C:\Program Files\Fichiers communs\Ulead Systems
[02/12/2007|09:31] C:\Program Files\Fichiers communs\Wise Installation Wizard
[11/11/2007|18:50] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 45 Processus )

iexplore.exe ~ [PID:916]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\WINDOWS\system32\drivers\etc\hosts.bho
C:\DOCUME~1\Bernard\APPLIC~1\BitDownload
C:\DOCUME~1\Bernard\APPLIC~1\BitDownload\Data
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload.TRC
C:\Program Files\Multi_Media
C:\Program Files\Multi_Media\INSTALL.LOG
C:\Program Files\Multi_Media\LocalSettings.txt
C:\Program Files\Multi_Media\RadioPlayer
C:\Program Files\Multi_Media\LanguagePack.xml
C:\Program Files\Multi_Media\ThirdPartyComponents.xml
C:\Program Files\Multi_Media\update.xml
C:\Program Files\Multi_Media\tbMul1.dll
C:\Program Files\Multi_Media\UNWISE.EXE
C:\Program Files\Multi_Media\toolbar.cfg
C:\Program Files\Multi_Media\tbMult.dll

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-28 21:41:40
Windows 5.1.2600 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Antivirus XP 2008

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\BERNARD\Favoris\crak\H.L.M. CRACKS.url
C:\DOCUME~1\BERNARD\Favoris\crak\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url
C:\DOCUME~1\BERNARD\Favoris\crak\DownloadsCracks et logiciels chez Abdou Wahab alias SNSOFTKILLER.url
C:\DOCUME~1\BERNARD\Favoris\crak\Crack.url
C:\DOCUME~1\BERNARD\Favoris\crak\Rechercher un crack www.zikmax.fr.st.url
C:\DOCUME~1\BERNARD\Favoris\crak\Cracks Malele.url
C:\DOCUME~1\BERNARD\Application Data\Azureus\torrents\TomTom_Navigator_5.000_(4890)___Crack_for_PocketPC.3353455.TPB.torrent
C:\DOCUME~1\BERNARD\Application Data\Azureus\torrents\[www[1][1].Dl-torrent.com]Tomtom 5.21 FR + crack pour ppc.torrent

[F:52][D:9]-> C:\DOCUME~1\Bernard\LOCALS~1\Temp
[F:69][D:0]-> C:\DOCUME~1\Bernard\Cookies
[F:3684][D:4]-> C:\DOCUME~1\Bernard\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

--------------------\\ Fin du rapport a 21:42:21

Réponse 10 / 13

Utilisateur anonyme

parfait ,

relance lLop S&D

* Cette fois ci selectionne l'option 2
* Le menu démarrer et les icônes vont à nouveau disparaître.. c'est normal.
* Le nettoyage va prendre quelques minutes...
* Une fois l'opération terminée, le rapport de nettoyage s'ouvre.
* Copie et colle le rapport dans ta prochaine reponse .

berliane Messages postés 13 Date d'inscription Statut Membre Dernière intervention

--------------------\\ Lop S&D 4.2.3-6 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 )
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor )
BIOS : Default System BIOS
USER : Bernard ( Administrator )
BOOT : Normal boot

"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
Option : [2] ( 28/08/2008|21:53 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\WINDOWS\system32\drivers\etc\hosts.bho
Supprime! - C:\DOCUME~1\Bernard\APPLIC~1\BitDownload\Data
Supprime! - C:\Program Files\BitDownload\BitDownload.TRC
Supprime! - C:\Program Files\Multi_Media\INSTALL.LOG
Supprime! - C:\Program Files\Multi_Media\LocalSettings.txt
Supprime! - C:\Program Files\Multi_Media\RadioPlayer
Supprime! - C:\Program Files\Multi_Media\LanguagePack.xml
Supprime! - C:\Program Files\Multi_Media\ThirdPartyComponents.xml
Supprime! - C:\Program Files\Multi_Media\update.xml
Echec ! - C:\Program Files\Multi_Media\tbMul1.dll
Supprime! - C:\Program Files\Multi_Media\UNWISE.EXE
Supprime! - C:\Program Files\Multi_Media\toolbar.cfg
Supprime! - C:\Program Files\Multi_Media\tbMult.dll
Supprime! - C:\DOCUME~1\Bernard\APPLIC~1\BitDownload
Supprime! - C:\Program Files\BitDownload
Echec ! - C:\Program Files\Multi_Media

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE

Echec ! - C:\Program Files\Multi_Media\tbMul1.dll
Echec ! - C:\Program Files\Multi_Media

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[06/11/2002|12:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[06/11/2002|12:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[22/10/2003|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/06/2008|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[06/11/2002|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[24/09/2006|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/03/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[17/03/2008|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[02/12/2007|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[20/08/2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[19/08/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/11/2002|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[03/02/2003|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[01/07/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[12/07/2008|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pdf995
[14/02/2006|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[28/09/2004|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[09/09/2004|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[04/02/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[21/09/2004|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[28/12/2007|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[04/03/2006|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[25/06/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[06/11/2002|12:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[06/11/2002|12:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[28/02/2007|22:23] C:\DOCUME~1\BERNARD\APPLIC~1\.BitTornado
[07/11/2003|20:50] C:\DOCUME~1\BERNARD\APPLIC~1\123 Free Solitaire
[29/01/2006|12:31] C:\DOCUME~1\BERNARD\APPLIC~1\3M
[06/11/2002|21:13] C:\DOCUME~1\BERNARD\APPLIC~1\Adobe
[22/10/2003|22:01] C:\DOCUME~1\BERNARD\APPLIC~1\AdobeUM
[21/05/2005|21:20] C:\DOCUME~1\BERNARD\APPLIC~1\Ahead
[01/12/2007|18:21] C:\DOCUME~1\BERNARD\APPLIC~1\Anuman Interactive
[28/02/2007|22:03] C:\DOCUME~1\BERNARD\APPLIC~1\Azureus
[28/02/2007|19:48] C:\DOCUME~1\BERNARD\APPLIC~1\BitTorrent
[10/11/2002|11:59] C:\DOCUME~1\BERNARD\APPLIC~1\Canon
[12/10/2004|22:37] C:\DOCUME~1\BERNARD\APPLIC~1\Corel
[06/11/2002|12:50] C:\DOCUME~1\BERNARD\APPLIC~1\desktop.ini
[20/01/2008|20:40] C:\DOCUME~1\BERNARD\APPLIC~1\DivX
[26/05/2008|18:56] C:\DOCUME~1\BERNARD\APPLIC~1\EoRezo
[22/11/2002|18:02] C:\DOCUME~1\BERNARD\APPLIC~1\FileMaker
[11/11/2003|22:20] C:\DOCUME~1\BERNARD\APPLIC~1\Free Spider TreeCardGames
[06/01/2006|20:37] C:\DOCUME~1\BERNARD\APPLIC~1\Google
[16/11/2002|19:29] C:\DOCUME~1\BERNARD\APPLIC~1\Help
[06/11/2002|13:24] C:\DOCUME~1\BERNARD\APPLIC~1\Identities
[06/03/2004|19:30] C:\DOCUME~1\BERNARD\APPLIC~1\InterVideo
[26/05/2008|19:01] C:\DOCUME~1\BERNARD\APPLIC~1\ItsLabel
[14/10/2004|20:30] C:\DOCUME~1\BERNARD\APPLIC~1\Lavasoft
[26/12/2005|17:14] C:\DOCUME~1\BERNARD\APPLIC~1\Logitech
[14/11/2003|19:39] C:\DOCUME~1\BERNARD\APPLIC~1\Macromedia
[19/08/2008|18:32] C:\DOCUME~1\BERNARD\APPLIC~1\Malwarebytes
[17/07/2006|19:32] C:\DOCUME~1\BERNARD\APPLIC~1\Media Player Classic
[06/11/2002|12:50] C:\DOCUME~1\BERNARD\APPLIC~1\Microsoft
[06/11/2002|23:32] C:\DOCUME~1\BERNARD\APPLIC~1\Microsoft Web Folders
[10/01/2008|19:06] C:\DOCUME~1\BERNARD\APPLIC~1\Mozilla
[03/02/2003|21:17] C:\DOCUME~1\BERNARD\APPLIC~1\MSN6
[24/01/2004|23:17] C:\DOCUME~1\BERNARD\APPLIC~1\Real
[10/04/2006|22:37] C:\DOCUME~1\BERNARD\APPLIC~1\SendPix
[08/03/2008|22:00] C:\DOCUME~1\BERNARD\APPLIC~1\Simple Sudoku
[09/05/2007|21:53] C:\DOCUME~1\BERNARD\APPLIC~1\SodeaSoft
[15/01/2007|20:40] C:\DOCUME~1\BERNARD\APPLIC~1\Sun
[27/09/2004|19:04] C:\DOCUME~1\BERNARD\APPLIC~1\Ulead Systems
[04/03/2006|22:09] C:\DOCUME~1\BERNARD\APPLIC~1\VadeRetro
[24/06/2007|22:28] C:\DOCUME~1\BERNARD\APPLIC~1\vlc
[18/07/2006|15:17] C:\DOCUME~1\BERNARD\APPLIC~1\Vso
[21/09/2004|19:55] C:\DOCUME~1\BERNARD\APPLIC~1\XnView

[06/11/2002|12:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[19/08/2008|19:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
[06/11/2002|12:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/08/2008 21:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][---------] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[07/09/2002|13:09] C:\Program Files\1036.lng
[07/11/2003|20:50] C:\Program Files\123 Free Solitaire
[29/01/2006|12:31] C:\Program Files\3M
[24/10/2004|22:30] C:\Program Files\a2 free
[09/05/2007|21:49] C:\Program Files\ActivTP
[07/09/2002|13:09] C:\Program Files\AdmDll.dll
[06/11/2002|21:13] C:\Program Files\Adobe
[06/11/2002|23:28] C:\Program Files\ahead
[09/05/2007|21:58] C:\Program Files\Almeza
[12/10/2005|21:48] C:\Program Files\Alwil Software
[03/11/2005|22:21] C:\Program Files\ao2000pr
[09/02/2007|22:28] C:\Program Files\AOL Security Toolbar
[03/07/2006|20:34] C:\Program Files\Apache Group
[06/11/2002|21:06] C:\Program Files\ArcSoft
[28/12/2007|22:20] C:\Program Files\Ares
[16/12/2002|19:37] C:\Program Files\AtomixMP3
[26/06/2008|22:53] C:\Program Files\Azureus
[22/11/2002|21:40] C:\Program Files\BeDeskStarter
[24/11/2003|22:16] C:\Program Files\BigPatience
[28/02/2007|19:48] C:\Program Files\BitTorrent
[23/03/2004|18:45] C:\Program Files\blss
[02/05/2003|21:24] C:\Program Files\Borland
[06/11/2002|21:07] C:\Program Files\Canon
[07/10/2006|23:12] C:\Program Files\CCleaner
[23/12/2007|20:59] C:\Program Files\CDex_170b2
[09/02/2007|21:22] C:\Program Files\clavier
[27/02/2004|21:43] C:\Program Files\Common Files
[06/11/2002|13:12] C:\Program Files\ComPlus Applications
[28/05/2005|16:42] C:\Program Files\CONEXANT
[06/03/2004|18:58] C:\Program Files\Creative
[08/11/2002|19:40] C:\Program Files\CyberLink
[16/11/2002|12:28] C:\Program Files\DelFin
[01/05/2003|19:03] C:\Program Files\directx
[16/11/2002|12:10] C:\Program Files\DivX
[15/09/2003|22:04] C:\Program Files\Download Express
[22/10/2003|08:37] C:\Program Files\easyphp1-7_setup.exe
[03/11/2005|21:33] C:\Program Files\ElcomSoft
[27/02/2004|22:57] C:\Program Files\eMule
[26/05/2008|18:56] C:\Program Files\EoRezo
[18/09/2002|03:28] C:\Program Files\F.msi
[12/12/2002|21:31] C:\Program Files\FeedAMP
[06/11/2002|12:51] C:\Program Files\Fichiers communs
[09/06/2004|22:13] C:\Program Files\filesubmit
[30/03/2004|20:51] C:\Program Files\FlashFXP
[11/11/2003|22:20] C:\Program Files\Free Spider
[18/08/2008|21:52] C:\Program Files\Gadwin Systems
[21/03/2006|21:46] C:\Program Files\Gem Quest
[21/12/2003|22:11] C:\Program Files\Google
[04/03/2006|22:09] C:\Program Files\Goto Software
[05/03/2006|17:36] C:\Program Files\GSpot
[06/11/2002|21:16] C:\Program Files\Hewlett-Packard
[06/11/2002|21:17] C:\Program Files\hp deskjet 980c series
[09/06/2004|22:14] C:\Program Files\IncrediFind
[03/02/2006|21:16] C:\Program Files\IncrediMail
[16/11/2002|10:33] C:\Program Files\InstallShield Installation Information
[06/03/2004|18:58] C:\Program Files\InterActual
[06/11/2002|13:13] C:\Program Files\Internet Explorer
[06/03/2004|18:58] C:\Program Files\InterVideo
[16/11/2002|12:26] C:\Program Files\ip
[17/11/2007|17:17] C:\Program Files\IrfanView
[02/05/2003|21:24] C:\Program Files\Jardin
[16/11/2002|12:31] C:\Program Files\Java
[16/11/2002|12:32] C:\Program Files\Java Web Start
[01/08/2007|21:57] C:\Program Files\K-Lite Codec Pack
[07/11/2003|20:37] C:\Program Files\Kyodai Mahjongg
[15/11/2003|19:27] C:\Program Files\Lavasoft
[02/12/2007|20:47] C:\Program Files\LiveCAD
[26/12/2005|17:12] C:\Program Files\Logitech
[09/06/2004|22:03] C:\Program Files\Logon Loader
[10/12/2007|21:05] C:\Program Files\Macro Runner
[27/11/2002|21:40] C:\Program Files\MailVox
[19/08/2008|18:32] C:\Program Files\Malwarebytes' Anti-Malware
[15/03/2005|21:48] C:\Program Files\Media Access
[04/03/2008|10:23] C:\Program Files\MediaCoder
[06/02/2008|19:38] C:\Program Files\MEDIADICO
[01/05/2003|19:02] C:\Program Files\Mega pixel Camera
[06/11/2002|13:12] C:\Program Files\Messenger
[13/02/2005|09:04] C:\Program Files\MGI
[03/05/2003|07:57] C:\Program Files\Micro Application
[06/11/2002|13:17] C:\Program Files\microsoft frontpage
[06/11/2002|23:32] C:\Program Files\Microsoft Office
[14/08/2004|00:43] C:\Program Files\Microsoft Visual Studio
[14/08/2004|00:44] C:\Program Files\Microsoft.NET
[25/01/2003|14:32] C:\Program Files\MLH
[06/11/2002|13:14] C:\Program Files\Movie Maker
[13/12/2002|21:38] C:\Program Files\MP3 Explorer
[23/04/2007|22:43] C:\Program Files\MP3 Player Utilities 4.09
[23/07/2008|21:28] C:\Program Files\mp3-explorer
[06/11/2002|13:12] C:\Program Files\MSN
[06/11/2002|13:12] C:\Program Files\MSN Gaming Zone
[01/03/2007|22:50] C:\Program Files\Multi_Media
[04/09/2004|23:10] C:\Program Files\MyDiscover
[09/03/2006|10:26] C:\Program Files\Nero
[06/11/2002|13:13] C:\Program Files\NetMeeting
[01/01/2003|17:36] C:\Program Files\Network Associates
[10/11/2005|19:29] C:\Program Files\Oh‚
[15/03/2004|21:44] C:\Program Files\On2 Technologies
[06/11/2002|13:13] C:\Program Files\Outlook Express
[02/11/2005|22:16] C:\Program Files\Passware
[12/07/2008|16:34] C:\Program Files\pdf995
[12/07/2008|16:32] C:\Program Files\PDFCreator
[12/07/2008|16:33] C:\Program Files\PDFCreator Toolbar
[26/05/2008|21:16] C:\Program Files\PhotoFiltre
[29/10/2007|21:56] C:\Program Files\Picasa2
[14/02/2006|22:08] C:\Program Files\Pinnacle
[10/04/2006|22:37] C:\Program Files\PixDiscount
[04/01/2004|22:39] C:\Program Files\Pochette Express 2
[16/04/2006|11:00] C:\Program Files\Power IE
[13/08/2006|20:59] C:\Program Files\PowerIE6
[25/10/2007|15:18] C:\Program Files\Presentersoft PowerVideoMaker
[24/10/2005|22:09] C:\Program Files\PrestoNotes
[22/11/2002|22:20] C:\Program Files\Profiles Solutions NZ
[09/05/2007|21:56] C:\Program Files\Projet1
[13/03/2008|21:14] C:\Program Files\Pure Sudoku
[09/06/2004|22:13] C:\Program Files\QuickSearch
[25/10/2004|22:31] C:\Program Files\QuickTime
[15/03/2004|21:58] C:\Program Files\RamBooster
[25/10/2004|22:33] C:\Program Files\Real
[15/03/2004|22:07] C:\Program Files\RegCleaner
[30/03/2007|21:28] C:\Program Files\RegConso
[15/02/2007|20:27] C:\Program Files\Replisting
[02/03/2008|19:13] C:\Program Files\Romain's Software
[01/07/2005|21:58] C:\Program Files\SAGEM
[02/06/2006|22:41] C:\Program Files\Scriptocean
[10/05/2008|18:56] C:\Program Files\Securitoo
[06/11/2002|13:12] C:\Program Files\Services en ligne
[12/07/2008|16:33] C:\Program Files\settings.dat
[08/03/2008|22:00] C:\Program Files\Simple Sudoku
[28/09/2004|20:39] C:\Program Files\SmartSound Software
[09/05/2007|21:53] C:\Program Files\SodeaSoft
[10/02/2007|19:28] C:\Program Files\Softwin
[21/03/2006|21:26] C:\Program Files\Sokoban
[03/09/2004|22:04] C:\Program Files\Spybot - Search & Destroy
[24/10/2004|22:29] C:\Program Files\SpywareBlaster
[13/06/2004|21:56] C:\Program Files\Stardock
[07/03/2004|23:18] C:\Program Files\StreamCast
[01/12/2007|18:20] C:\Program Files\Sweet Home 3D
[23/12/2004|18:15] C:\Program Files\ToniArts
[23/08/2008|17:54] C:\Program Files\Trend Micro
[15/03/2004|22:02] C:\Program Files\TZ Connection Booster
[28/05/2005|16:41] C:\Program Files\UIU
[21/09/2004|19:46] C:\Program Files\Ulead Systems
[06/11/2002|13:23] C:\Program Files\Uninstall Information
[24/06/2007|22:22] C:\Program Files\VideoLAN
[09/05/2007|22:11] C:\Program Files\VIP Quality Software
[07/11/2005|22:35] C:\Program Files\Visicom Media
[18/07/2006|15:17] C:\Program Files\vso
[01/07/2005|21:56] C:\Program Files\Wanadoo
[07/10/2005|21:03] C:\Program Files\Wanadoo Messager
[28/10/2006|22:26] C:\Program Files\WebCopier
[11/12/2002|22:20] C:\Program Files\Winamp
[01/07/2008|22:01] C:\Program Files\Winamp Remote
[01/07/2008|22:11] C:\Program Files\Winamp Toolbar
[28/09/2004|20:36] C:\Program Files\Windows Media Components
[06/11/2002|13:13] C:\Program Files\Windows Media Player
[06/11/2002|13:12] C:\Program Files\Windows NT
[12/10/2004|18:48] C:\Program Files\Windows SyncroAd
[23/11/2004|22:00] C:\Program Files\Windows TaskAd
[06/11/2002|13:12] C:\Program Files\WindowsUpdate
[18/04/2004|19:22] C:\Program Files\WinHTTrack
[28/10/2006|23:32] C:\Program Files\WinPcap
[06/11/2002|23:27] C:\Program Files\WinRAR
[13/05/2003|21:11] C:\Program Files\WinZip
[06/11/2002|13:17] C:\Program Files\xerox
[21/09/2004|19:55] C:\Program Files\XnView
[07/10/2006|23:12] C:\Program Files\Yahoo!
[10/11/2002|20:54] C:\Program Files\Zero G Registry
[24/08/2008|22:39] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/11/2002|21:13] C:\Program Files\Fichiers communs\Adobe
[09/03/2006|10:26] C:\Program Files\Fichiers communs\Ahead
[04/02/2008|21:49] C:\Program Files\Fichiers communs\Application
[06/11/2002|21:07] C:\Program Files\Fichiers communs\Caere
[14/08/2004|00:44] C:\Program Files\Fichiers communs\DESIGNER
[06/11/2002|23:39] C:\Program Files\Fichiers communs\InstallShield
[06/03/2004|18:58] C:\Program Files\Fichiers communs\InterVideo
[15/01/2007|20:22] C:\Program Files\Fichiers communs\Java
[26/12/2005|17:12] C:\Program Files\Fichiers communs\Logitech
[13/02/2005|09:04] C:\Program Files\Fichiers communs\MGI Shared
[06/11/2002|12:51] C:\Program Files\Fichiers communs\Microsoft Shared
[06/11/2002|13:13] C:\Program Files\Fichiers communs\MSSoap
[06/11/2002|12:51] C:\Program Files\Fichiers communs\ODBC
[03/07/2006|20:36] C:\Program Files\Fichiers communs\PC SOFT
[24/01/2004|23:17] C:\Program Files\Fichiers communs\Real
[06/11/2002|13:13] C:\Program Files\Fichiers communs\Services
[10/02/2007|19:28] C:\Program Files\Fichiers communs\Softwin
[06/11/2002|12:51] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2004|21:56] C:\Program Files\Fichiers communs\Stardock
[06/11/2002|13:13] C:\Program Files\Fichiers communs\System
[21/09/2004|19:49] C:\Program Files\Fichiers communs\Ulead Systems
[02/12/2007|09:31] C:\Program Files\Fichiers communs\Wise Installation Wizard
[11/11/2007|18:50] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 44 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Program Files\Multi_Media
C:\Program Files\Multi_Media\tbMul1.dll

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-28 21:54:31
Windows 5.1.2600 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Antivirus XP 2008

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\BERNARD\Favoris\crak\H.L.M. CRACKS.url
C:\DOCUME~1\BERNARD\Favoris\crak\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url
C:\DOCUME~1\BERNARD\Favoris\crak\DownloadsCracks et logiciels chez Abdou Wahab alias SNSOFTKILLER.url
C:\DOCUME~1\BERNARD\Favoris\crak\Crack.url
C:\DOCUME~1\BERNARD\Favoris\crak\Rechercher un crack www.zikmax.fr.st.url
C:\DOCUME~1\BERNARD\Favoris\crak\Cracks Malele.url
C:\DOCUME~1\BERNARD\Application Data\Azureus\torrents\TomTom_Navigator_5.000_(4890)___Crack_for_PocketPC.3353455.TPB.torrent
C:\DOCUME~1\BERNARD\Application Data\Azureus\torrents\[www[1][1].Dl-torrent.com]Tomtom 5.21 FR + crack pour ppc.torrent

[F:53][D:9]-> C:\DOCUME~1\Bernard\LOCALS~1\Temp
[F:69][D:0]-> C:\DOCUME~1\Bernard\Cookies
[F:3694][D:4]-> C:\DOCUME~1\Bernard\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

--------------------\\ Fin du rapport a 21:55:01

Réponse 11 / 13

Utilisateur anonyme

wahoo touts tes cracks sont infectés !!!

voici la suite de la manip , mais tu dois dire adieu a tes cracks tout tes soucis viennent d'ailleurs d'ici

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of standard Files/Folders to be moved.

Citation :

C:\Program Files\Multi_Media
C:\Program Files\Multi_Media\tbMul1.dll
C:\DOCUME~1\BERNARD\Favoris\crak\H.L.M. CRACKS.url
C:\DOCUME~1\BERNARD\Favoris\crak\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url
C:\DOCUME~1\BERNARD\Favoris\crak\DownloadsCracks et logiciels chez Abdou Wahab alias SNSOFTKILLER.url
C:\DOCUME~1\BERNARD\Favoris\crak\Crack.url
C:\DOCUME~1\BERNARD\Favoris\crak\Rechercher un crack www.zikmax.fr.st.url
C:\DOCUME~1\BERNARD\Favoris\crak\Cracks Malele.url
C:\DOCUME~1\BERNARD\Application Data\Azureus\torrents\TomTom_Navigator_5.000_(4890)___Crack_for_PocketPC.3353455.TPB.torrent
C:\DOCUME~1\BERNARD\Application Data\Azureus\torrents\[www[1][1].Dl-torrent.com]Tomtom 5.21 FR + crack pour ppc.torrent

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
copie et colle le rapport ici
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

ensuite malwarebytes devrait venir a bout de toutes les saletées qui polluent ton pc

1)
Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

2)
Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton bureau à partir de ce lien :

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

3)
A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

4)
Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

5)
Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

6)
MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

7)
Dans l'onglet analyse, selectionne analyse complete et clique sur le bouton Rechercher pour démarrer l'analyse.

8)
MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

10)
Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

11)
MBAM va ouvrir le bloc-notes et y copier le rapport d'analyse afin de le poster entier sur le forum . Ferme le bloc-note. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

12)
Ferme MBAM en cliquant sur Quitter.

Réponse 12 / 13

Utilisateur anonyme

edit lien ne fonctionne pas http://www.commentcamarche.net/forum/affich 8042375 attaque antivirus xp 2008#23

berliane Messages postés 13 Date d'inscription Statut Membre Dernière intervention

explique moi ce que tu veux que je fasse dans ton dernier message je ne sais pas ce que veut dire edit lien ne fonctionne pas ......
merci
J'ai imprimé les manip que tu me dis de faire dans ton avant dernière réponse

Réponse 13 / 13

Utilisateur anonyme

c'est pas grave execute le poste 23 ;-)

berliane Messages postés 13 Date d'inscription Statut Membre Dernière intervention

Merci mon ami
J'ai retrouvé mon panneau de configuration avec tous les onglets
J'ai pu ainsi grace à toi remettre en fond d'écran mon chien qui est mort il y a trois mois que que j'avais depuis 17 ans
Merci de tout coeur
@+

Attaque Antivirus xp 2008

13 réponses

Votre réponse

Discussions similaires