3.tmp

ricou
Hello,
I have an antivirus program that keeps offering me its services non-stop under Firefox (Antivirus 2008 XP). My Symantec antivirus detects a virus 3.tmp (virus downloader) but cannot get rid of it. What should I do? Thanks for your help.
12 replies

Destrio5 (Moderator, 99820 posts)

Hi,

---> Run a quick scan with MBAM, delete everything it finds and post the report:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

ricoule nul (Member, 4 posts)

What is MBAM?

ricoule nul (Member, 4 posts)

Here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:04:51, on 29/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\WinTV\EPGSER~1\System\EPGCLI~1.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Propriétaire\Mes documents\EMMANUELLE\iPod\bin\iPodService.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\3.tmp
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = free.fr:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\^%^ ^^ ^ %^%%%%%%^^^% ^%^ ^^^%%^^^ .exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\EX9QRAPG\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [MNI.UWFX5V_0001_LP1710] "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\1KK3XTSL\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_N57M1412] "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\K9UF89YB\WinFixer2005ScannerInstallFRA[1].exe" -nag
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ooze build meow locks] C:\Documents and Settings\All Users\Application Data\soft dead ooze build\MapiWay.exe
O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPGSER~1\System\EPGCLI~1.EXE /Minimize
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Flash Media] C:\WINDOWS\system32\^%^ ^^ ^ %^%%%%%%^^^% ^%^ ^^^%%^^^ .exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [MultiDate] C:\DOCUME~1\PROPRI~1\APPLIC~1\PROGRA~1\MAGS THIRD.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\Propriétaire\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [Eroca] C:\Program Files\Eroca\Eroca.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: pushow29.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Documents and Settings\Propriétaire\Mes documents\EMMANUELLE\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe

Destrio5 (Moderator, 99820 posts)

Malwarebytes' Anti-Malware

ricoule nul (Member, 4 posts)

There, it's done:
Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1093
Windows 5.1.2600 Service Pack 2

01:42:04 29/08/2008
mbam-log-08-29-2008 (01-41-45).txt

Type de recherche: Examen rapide
Eléments examinés: 53031
Temps écoulé: 7 minute(s), 12 second(s)

Processus mémoire infecté(s): 6
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 47
Valeur(s) du Registre infectée(s): 11
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 26
Fichier(s) infecté(s): 34

Processus mémoire infecté(s):
C:\WINDOWS\faceback.exe (Trojan.Agent) -> No action taken.
C:\Program Files\Sakora\Sakora.exe (Trojan.Agent) -> No action taken.
C:\Program Files\GetPack\GetPack20.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\setup135.exe (Rogue.Installer) -> No action taken.
C:\Program Files\VnrBlock\VnrBlock20.exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\av2008xp.exe (Rogue.XPAntivirus) -> No action taken.

Module(s) mémoire infecté(s):
C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> No action taken.
C:\Documents and Settings\All Users\Application Data\services\services.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\msvbcr40.dll (Trojan.BHO) -> No action taken.
C:\Program Files\Webtools\webtools.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\cablerouting.cablerouting (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\cablerouting.cablerouting.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\msvbcr40.msvbcr40 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\msvbcr40.msvbcr40.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bannerstyle (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\icheck (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\GetModule (Adware.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\GetPack (Adware.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webtools (Malware.Trace) -> No action taken.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\SoftLand Ltd (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinTouch (Adware.WinPop) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\WinTouch (Adware.WinPop) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1638003f-5d49-de71-6a70-73c9785547a6} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1638003f-5d49-de71-6a70-73c9785547a6} (Adware.BHO) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sakora (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getpack20 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\somefox (Rogue.Installer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vnrblock20 (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\s9201 (Rogue.XPAntivirus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getmodule19 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getpack19 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mjc (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{0e8453c0-78b4-6d00-2bb2-3565f575262e} (Trojan.FakeAlert) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\InetGet2 (Trojan.Downloader) -> No action taken.
C:\Program Files\Inet_Get_2 (Trojan.Downloader) -> No action taken.
C:\Program Files\Temporary (Trojan.Agent) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\DELETED (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\SAVED (Rogue.XPAntivirus) -> No action taken.
C:\Program Files\Montorgueil (Dialer) -> No action taken.
C:\Program Files\Montorgueil\beurette_sodo.avi (Dialer) -> No action taken.
C:\Program Files\CPV (Trojan.Downloader) -> No action taken.
C:\Program Files\MyWay (Adware.MyWay) -> No action taken.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> No action taken.
C:\Program Files\MyWay\myBar\1.bin (Adware.MyWay) -> No action taken.
C:\Program Files\MyWay\myBar\History (Adware.MyWay) -> No action taken.
C:\Program Files\MyWay\myBar\Settings (Adware.MyWay) -> No action taken.
C:\Program Files\Webtools (Trojan.Agent) -> No action taken.
C:\Program Files\VnrBlock (Trojan.Agent) -> No action taken.
C:\Program Files\Spcron (Trojan.Agent) -> No action taken.
C:\Program Files\Sakora (Trojan.Agent) -> No action taken.
C:\Program Files\GetPack (Trojan.Agent) -> No action taken.
C:\Program Files\iCheck (Trojan.Agent) -> No action taken.
C:\Program Files\GetModule (Trojan.Agent) -> No action taken.
C:\Program Files\Mjcore (Trojan.BHO) -> No action taken.
C:\Documents and Settings\Propriétaire\Application Data\WinTouch (Adware.WinPop) -> No action taken.

Fichier(s) infecté(s):
C:\WINDOWS\faceback.exe (Trojan.Agent) -> No action taken.
C:\Program Files\Sakora\Sakora.exe (Trojan.Agent) -> No action taken.
C:\Program Files\GetPack\GetPack20.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\setup135.exe (Rogue.Installer) -> No action taken.
C:\Program Files\VnrBlock\VnrBlock20.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> No action taken.
C:\Documents and Settings\All Users\Application Data\services\services.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\msvbcr40.dll (Trojan.BHO) -> No action taken.
C:\Program Files\Webtools\webtools.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\b148.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\scqbpmlvuasorgbx.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\av2008xp.exe (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080827210322827.log (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080828121438734.log (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080828150158703.log (Rogue.XPAntivirus) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080828200557171.log (Rogue.XPAntivirus) -> No action taken.
C:\Program Files\Montorgueil\14.06248 (Dialer) -> No action taken.
C:\Program Files\Montorgueil\beurette_sodo.avi\beurette_sodo.avi.exe (Dialer) -> No action taken.
C:\Program Files\Montorgueil\beurette_sodo.avi\beurette_sodo.avi.ico (Dialer) -> No action taken.
C:\Program Files\CPV\CPV8.dll.lzma (Trojan.Downloader) -> No action taken.
C:\Program Files\MyWay\myBar\History\search (Adware.MyWay) -> No action taken.
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm (Adware.MyWay) -> No action taken.
C:\Program Files\VnrBlock\xtarga.gz (Trojan.Agent) -> No action taken.
C:\Program Files\Spcron\Spc.dll (Trojan.Agent) -> No action taken.
C:\Program Files\GetPack\dictame.gz (Trojan.Agent) -> No action taken.
C:\Program Files\GetPack\trgtame.gz (Trojan.Agent) -> No action taken.
C:\Program Files\iCheck\iCheck.exe (Trojan.Agent) -> No action taken.
C:\Program Files\iCheck\Uninstall.exe (Trojan.Agent) -> No action taken.
C:\Program Files\GetModule\dicik.gz (Trojan.Agent) -> No action taken.
C:\Program Files\GetModule\kwdik.gz (Trojan.Agent) -> No action taken.
C:\Program Files\GetModule\pckik.dat (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Propriétaire\Application Data\WinTouch\wintouch.cfg (Adware.WinPop) -> No action taken.
C:\WINDOWS\system32\daccmqnymhbmu.dll (Trojan.FakeAlert) -> No action taken.

Destrio5 (Moderator, 99820 posts)

---> Restart MBAM, go to Quarantine and delete everything

- Download HijackThis V 2.02 (HijackThis Installer):
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Double-click HJTInstall.exe to start the installation

- Click Install, then I Accept

- Click Do a scan system and save log file

- Notepad will open; copy and paste all of its contents here in your next reply.

Destrio5 (Moderator, 99820 posts)

Whoa, the infections.

MSN virus, Lop/Swizzor infection (the famous CiD ads),...

- Download MSNFix.zip (by !aur3n7) to the desktop:
http://sosvirus.changelog.fr/MSNFix.zip

- Unzip it (right-click >> Extract here).

- Double-click the file MSNFix.bat.

- Run option R.

- If the infection is detected, a message will say so, and you just need to press a key to start the cleanup
- Note: If a deletion error is detected, a message will appear asking you to restart the computer to finish the operations. In that case, simply restart the computer in normal mode.

- The report will be saved in the same folder as MSNFix, named in the form date_heure.t; post it.

ricoule nul (Member, 4 posts)

I can't find the report, but I think it worked.
I have no more problems.
Thanks, you're a champ.

Destrio5 (Moderator, 99820 posts)

Don't leave like that.

---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the desired language, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)

If you have trouble using Lop S&D, see the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431

ricoule nul

Hello again,
Sorry, I thought it was finished.
Here is the Lop S&D report.


--------------------\\ Lop S&D 4.2.3-6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 04/27/04 20:18:06 Ver: 08.00.09
USER : Propriétaire ( Administrator )
BOOT : Normal boot

"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
Option : [1] ( 29/08/2008|12:00 )

--------------------\\ Listing des dossiers dans APPLIC~1

[03/01/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[07/11/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alexandra Ledermann 8
[30/11/2007|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[02/01/2007|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/12/2007|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[04/04/2007|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
[07/07/2006|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[01/01/2004|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[21/04/2005|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/01/2004|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/10/2005|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[01/01/2004|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[01/01/2004|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[22/06/2008|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[29/08/2008|01:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[25/04/2006|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/11/2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/01/2004|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[12/09/2004|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[20/10/2007|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[18/09/2005|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2004|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[29/08/2008|02:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\services
[17/03/2005|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[01/07/2007|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft dead ooze build
[08/05/2008|20:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/11/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[26/12/2005|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[08/03/2008|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ViaMichelin
[21/07/2006|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[25/08/2007|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[22/04/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[01/01/2004|20:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/01/2004|21:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|23:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[25/08/2007|13:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/01/2004|00:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|22:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[04/01/2004|07:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[09/03/2008|19:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\$_hpcst$.hpc
[05/09/2007|16:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[03/03/2007|13:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[11/04/2008|17:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
[27/10/2004|19:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[30/11/2007|21:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[08/03/2008|17:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\$_hpcst$.hpc
[22/06/2008|10:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[11/01/2007|20:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[06/08/2006|14:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
[07/01/2007|17:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Arcsoft
[08/12/2007|16:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVS4YOU
[20/09/2006|16:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVSDVDPlayer.m3u
[04/04/2007|14:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Babylon
[11/11/2004|21:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Common Files
[01/01/2004|20:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[18/09/2006|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\dvdcss
[26/12/2005|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\EPSON
[14/12/2005|20:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
[03/09/2005|17:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[15/09/2004|19:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[02/10/2005|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP
[04/09/2005|10:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\HTML Executable
[01/01/2004|21:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[07/11/2007|20:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[11/11/2004|19:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intervideo
[26/12/2004|17:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Kazaa Lite
[07/09/2004|21:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech
[26/07/2008|11:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[25/12/2006|12:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
[12/10/2005|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[23/07/2005|08:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Magix
[29/08/2008|01:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[25/12/2006|12:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[07/09/2004|21:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft Web Folders
[12/09/2004|14:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Motive
[29/08/2008|01:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[30/10/2004|19:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[04/11/2006|15:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Panasonic
[05/09/2007|16:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\PROGRAM MAPI
[31/03/2007|19:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[02/01/2004|00:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
[18/03/2007|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Screenshot Sender
[29/12/2004|19:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Shareaza
[07/09/2004|21:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[01/01/2004|22:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[04/01/2004|07:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[16/01/2006|22:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\v3.0
[23/07/2005|09:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[29/08/2008 12:00][--ah-----] C:\WINDOWS\tasks\ADAFE460918497CC.job
[28/07/2008 18:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/07/2008 16:00][--ah-----] C:\WINDOWS\tasks\{22753462-EAD5-4F04-ABC3-A6C4A994B17D}_ERIC_Propri‚taire.job
[28/08/2008 16:00][--ah-----] C:\WINDOWS\tasks\{4C79F0AA-ACAA-4EB4-BCCA-F69DAE500492}_ERIC_Propri‚taire.job
[14/05/2008 09:00][--ah-----] C:\WINDOWS\tasks\{31782EBF-92EF-4DCE-8933-5466E9F8F86D}_ERIC_Propri‚taire.job
[12/02/2004 06:27][-rah-----] C:\WINDOWS\tasks\desktop.ini
[29/08/2008 11:12][--ah-----] C:\WINDOWS\tasks\SA.DAT

( ADAFE460918497CC.job )=( c:\docume~1\propri~1\applic~1\progra~1\Surftitleinfo.exe )
--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"DisplayName"="Messenger Plus! 3 & Sponsor"
"SponsorInstalled"=dword:00000000


--------------------\\ Listing des dossiers dans C:\Program Files

[16/03/2007|19:58] C:\Program Files\3B Software
[16/01/2008|16:42] C:\Program Files\ABAEnglishCourse
[28/12/2005|16:38] C:\Program Files\Adobe
[06/07/2006|21:11] C:\Program Files\Adverts
[30/11/2007|22:18] C:\Program Files\Apple Software Update
[02/09/2006|12:31] C:\Program Files\ArcSoft
[06/09/2004|21:06] C:\Program Files\ATI Technologies
[16/04/2005|15:27] C:\Program Files\ATLAS
[02/10/2004|10:44] C:\Program Files\AvantGo Connect
[22/12/2007|21:05] C:\Program Files\AVS4YOU
[20/09/2006|16:05] C:\Program Files\AVSMedia
[19/11/2004|19:04] C:\Program Files\Barbie(R) Aventures questres
[02/12/2007|16:26] C:\Program Files\Cambridge
[23/12/2004|11:16] C:\Program Files\CDex_150
[02/10/2004|10:44] C:\Program Files\Common Files
[01/01/2004|21:02] C:\Program Files\ComPlus Applications
[26/09/2004|10:29] C:\Program Files\DelphineSoft
[26/09/2004|10:34] C:\Program Files\directx
[23/09/2007|17:45] C:\Program Files\Dofus
[14/01/2006|10:05] C:\Program Files\Don't see!
[22/11/2006|16:25] C:\Program Files\DVD Shrink
[19/09/2006|20:03] C:\Program Files\DVD X Player 4.0 Professionnel
[05/11/2006|15:31] C:\Program Files\EA GAMES
[23/12/2004|15:05] C:\Program Files\Easy Internet signup
[16/12/2006|18:12] C:\Program Files\emme
[08/05/2008|20:09] C:\Program Files\epson
[22/06/2008|10:33] C:\Program Files\Fichiers communs
[27/10/2004|19:48] C:\Program Files\Free.fr
[26/12/2004|17:43] C:\Program Files\Freenet
[19/09/2006|20:21] C:\Program Files\GDiVX Player
[03/09/2005|17:53] C:\Program Files\Google
[12/02/2006|18:34] C:\Program Files\Gravurom
[04/11/2006|15:28] C:\Program Files\HP
[02/01/2004|00:19] C:\Program Files\HP Pavilion PC Help
[15/10/2005|19:37] C:\Program Files\Icon Extractor
[08/05/2008|20:09] C:\Program Files\InstallShield Installation Information
[06/09/2007|18:14] C:\Program Files\InterActual
[27/08/2008|22:52] C:\Program Files\Internet Explorer
[04/11/2006|15:30] C:\Program Files\InterVideo
[04/04/2008|10:57] C:\Program Files\iTunes
[07/07/2006|18:48] C:\Program Files\IVT Corporation
[08/05/2008|20:06] C:\Program Files\Java
[26/12/2006|10:24] C:\Program Files\Kazaa
[22/06/2008|10:34] C:\Program Files\Lavasoft
[14/01/2006|09:45] C:\Program Files\LCPA Lite
[26/03/2008|18:09] C:\Program Files\LimeWire
[25/12/2006|12:15] C:\Program Files\Logitech
[29/08/2008|01:42] C:\Program Files\Malwarebytes' Anti-Malware
[08/03/2008|17:53] C:\Program Files\Microsoft ActiveSync
[07/09/2004|21:14] C:\Program Files\microsoft frontpage
[02/10/2004|10:41] C:\Program Files\Microsoft Office
[22/04/2008|18:44] C:\Program Files\Microsoft SQL Server Compact Edition
[17/10/2004|11:03] C:\Program Files\Movie Maker
[29/08/2008|11:59] C:\Program Files\Mozilla Firefox
[04/11/2006|15:24] C:\Program Files\Mptool
[30/10/2004|19:19] C:\Program Files\MSN
[19/10/2005|20:07] C:\Program Files\MSN Apps
[01/01/2004|21:01] C:\Program Files\MSN Gaming Zone
[19/11/2006|20:41] C:\Program Files\MSXML 4.0
[26/12/2004|18:55] C:\Program Files\MUSICMATCH
[02/08/2005|22:55] C:\Program Files\Need2Find
[12/12/2004|12:55] C:\Program Files\NETGEAR
[17/10/2004|11:00] C:\Program Files\NetMeeting
[08/05/2008|20:08] C:\Program Files\NewDotNet
[14/06/2007|08:34] C:\Program Files\Outlook Express
[21/07/2006|20:00] C:\Program Files\PAN vision
[04/11/2006|15:28] C:\Program Files\Panasonic
[26/12/2004|12:42] C:\Program Files\PHILIPS
[01/03/2007|13:08] C:\Program Files\PROGRAM MAPI
[04/04/2008|10:54] C:\Program Files\QuickTime
[23/07/2005|09:52] C:\Program Files\Real
[06/09/2004|21:06] C:\Program Files\RecordNow!
[02/01/2004|00:27] C:\Program Files\Services en ligne
[28/07/2006|17:20] C:\Program Files\Shareaza
[04/09/2005|10:35] C:\Program Files\SoftCAD
[22/11/2006|16:30] C:\Program Files\SoftwareClub.ws
[06/09/2004|21:06] C:\Program Files\Sonic
[29/08/2008|11:12] C:\Program Files\SP2 Connection Patcher
[08/05/2008|20:10] C:\Program Files\Spybot - Search & Destroy
[13/11/2004|17:29] C:\Program Files\Symantec
[13/11/2004|17:28] C:\Program Files\Symantec_Client_Security
[27/10/2004|19:52] C:\Program Files\SymNetDrv
[25/09/2004|17:45] C:\Program Files\The Learning Company
[29/08/2008|01:59] C:\Program Files\Trend Micro
[14/11/2004|11:30] C:\Program Files\Ubi Soft
[07/11/2007|20:06] C:\Program Files\UbiSoft
[01/01/2004|23:34] C:\Program Files\Uninstall Information
[08/03/2008|17:59] C:\Program Files\ViaMichelin
[17/12/2006|19:26] C:\Program Files\ViaVoice
[08/05/2008|20:10] C:\Program Files\VideoLAN
[07/09/2005|14:56] C:\Program Files\Warez P2P Client
[07/09/2005|14:53] C:\Program Files\Warez P2P ClientIPGUARD.LOG
[23/04/2008|20:01] C:\Program Files\Windows Live
[03/03/2007|13:38] C:\Program Files\Windows Media Connect 2
[02/05/2007|14:47] C:\Program Files\Windows Media Player
[17/10/2004|11:00] C:\Program Files\Windows NT
[15/09/2004|20:02] C:\Program Files\WindowsUpdate
[29/08/2008|11:12] C:\Program Files\WinTV
[01/01/2004|21:05] C:\Program Files\xerox

[01/11/2004|19:00] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[22/07/2005|19:27] C:\Program Files\Fichiers communs\Adobe
[30/11/2007|22:17] C:\Program Files\Fichiers communs\Apple
[02/09/2006|12:32] C:\Program Files\Fichiers communs\ArcSoft
[08/12/2007|16:00] C:\Program Files\Fichiers communs\AVSMedia
[07/09/2004|21:17] C:\Program Files\Fichiers communs\Designer
[08/09/2004|19:05] C:\Program Files\Fichiers communs\English+
[29/01/2006|13:08] C:\Program Files\Fichiers communs\English+ Millennium
[14/12/2005|20:46] C:\Program Files\Fichiers communs\FotoWire
[01/01/2004|22:51] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2004|22:52] C:\Program Files\Fichiers communs\HP
[15/10/2005|19:36] C:\Program Files\Fichiers communs\HTML Executable Viewer
[26/12/2005|13:46] C:\Program Files\Fichiers communs\InstallShield
[27/08/2007|21:39] C:\Program Files\Fichiers communs\IviSDK
[01/01/2004|22:12] C:\Program Files\Fichiers communs\Java
[25/12/2006|12:15] C:\Program Files\Fichiers communs\Logitech
[08/03/2008|17:53] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2004|21:02] C:\Program Files\Fichiers communs\MSSoap
[01/01/2004|20:57] C:\Program Files\Fichiers communs\ODBC
[16/03/2005|21:16] C:\Program Files\Fichiers communs\pnnnclcc
[25/11/2006|21:03] C:\Program Files\Fichiers communs\Real
[14/08/2004|23:20] C:\Program Files\Fichiers communs\Services
[06/09/2004|21:07] C:\Program Files\Fichiers communs\Sonic
[01/01/2004|20:57] C:\Program Files\Fichiers communs\SpeechEngines
[06/09/2004|21:06] C:\Program Files\Fichiers communs\SureThing Shared
[13/11/2004|17:28] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|08:34] C:\Program Files\Fichiers communs\System
[21/02/2008|15:16] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[22/06/2008|10:33] C:\Program Files\Fichiers communs\Wise Installation Wizard
[25/11/2006|21:03] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 56 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\cogyicvl.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\dsaepybh.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\ekhkncno.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\encvrxej.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\joczhfjz.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\kfviflws.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\knctqisx.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\mlokuvup.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\orudkcto.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\rculerxj.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\riqrpiat.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\sxoqzqfl.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\tcdqzvlb.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\ydasahkh.exe
C:\Program Files\progra~1
C:\Program Files\Adverts
C:\Program Files\Adverts\uninst.exe
C:\Program Files\Warez P2P Client
C:\Program Files\Warez P2P ClientIPGUARD.LOG
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adopt.euroclick[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@32vegas[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.32vegas[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.vegasaffiliates[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@888[2].txt
C:\WINDOWS\Tasks\ADAFE460918497CC.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acme.PCHButton"="C:\\PROGRA~1\\HPPAVI~1\\Pavilion\\XPHWWBS4\\plugin\\bin\\pchbutton.exe"
"MultiDate"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\PROGRA~1\\MAGS THIRD.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="C:\\PROGRA~1\\SYMANT~1\\SYMANT~1\\vptray.exe"
"EPGServiceTool"="C:\\PROGRA~1\\WinTV\\EPGSER~1\\System\\EPGCLI~1.EXE /Minimize"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

-> 58 [ 56 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-29 12:01:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 33

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Metadata\(DoD) you and your hands- pink 1 _crack_ 32.wma.xml


[F:36][D:22]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:146][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:5042][D:26]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 12:04:31
Destrio5 (Moderator, 99820 posts)
 
"Sorry, I thought it was finished."
---> And the CiD ads?

---> Run Lop S&D again
---> This time choose option 2 (Suppression)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)
ricoule nul
 
Here is the report after running the removal, option 2



--------------------\\ Lop S&D 4.2.3-6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 04/27/04 20:18:06 Ver: 08.00.09
USER : Propriétaire ( Administrator )
BOOT : Normal boot

"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
Option : [2] ( 29/08/2008|12:15 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\cogyicvl.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\dsaepybh.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\ekhkncno.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\encvrxej.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\joczhfjz.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\kfviflws.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\knctqisx.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\mlokuvup.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\orudkcto.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\rculerxj.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\riqrpiat.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\sxoqzqfl.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\tcdqzvlb.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1\ydasahkh.exe
Supprime! - C:\Program Files\Adverts\uninst.exe
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@32vegas[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.vegasaffiliates[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@888[2].txt
Supprime! - C:\WINDOWS\Tasks\ADAFE460918497CC.job
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\progra~1
Supprime! - C:\Program Files\progra~1
Supprime! - C:\Program Files\Adverts
Supprime! - C:\Program Files\Warez P2P Client
Echec ! - C:\Program Files\Warez P2P ClientIPGUARD.LOG
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE

Echec ! - C:\Program Files\Warez P2P ClientIPGUARD.LOG

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[03/01/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[07/11/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alexandra Ledermann 8
[30/11/2007|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[02/01/2007|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/12/2007|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[04/04/2007|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
[07/07/2006|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[01/01/2004|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[21/04/2005|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/01/2004|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/10/2005|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[01/01/2004|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[01/01/2004|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[22/06/2008|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[29/08/2008|01:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[25/04/2006|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/11/2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/01/2004|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[12/09/2004|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[20/10/2007|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[18/09/2005|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2004|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[29/08/2008|02:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\services
[17/03/2005|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[01/07/2007|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft dead ooze build
[08/05/2008|20:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/11/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[26/12/2005|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[08/03/2008|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ViaMichelin
[21/07/2006|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[25/08/2007|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[22/04/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[01/01/2004|20:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/01/2004|21:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|23:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[25/08/2007|13:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/01/2004|00:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|22:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[04/01/2004|07:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[09/03/2008|19:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\$_hpcst$.hpc
[05/09/2007|16:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[03/03/2007|13:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[11/04/2008|17:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
[27/10/2004|19:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[30/11/2007|21:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[08/03/2008|17:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\$_hpcst$.hpc
[22/06/2008|10:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[11/01/2007|20:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[06/08/2006|14:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
[07/01/2007|17:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Arcsoft
[08/12/2007|16:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVS4YOU
[20/09/2006|16:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVSDVDPlayer.m3u
[04/04/2007|14:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Babylon
[11/11/2004|21:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Common Files
[01/01/2004|20:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[18/09/2006|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\dvdcss
[26/12/2005|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\EPSON
[14/12/2005|20:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
[03/09/2005|17:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[15/09/2004|19:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[02/10/2005|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP
[04/09/2005|10:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\HTML Executable
[01/01/2004|21:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[07/11/2007|20:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[11/11/2004|19:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intervideo
[26/12/2004|17:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Kazaa Lite
[07/09/2004|21:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech
[26/07/2008|11:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[25/12/2006|12:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
[12/10/2005|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[23/07/2005|08:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Magix
[29/08/2008|01:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[25/12/2006|12:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[07/09/2004|21:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft Web Folders
[12/09/2004|14:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Motive
[29/08/2008|01:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[30/10/2004|19:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[04/11/2006|15:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Panasonic
[31/03/2007|19:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[02/01/2004|00:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
[18/03/2007|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Screenshot Sender
[29/12/2004|19:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Shareaza
[07/09/2004|21:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[01/01/2004|22:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[04/01/2004|07:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[16/01/2006|22:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\v3.0
[23/07/2005|09:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/07/2008 18:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/07/2008 16:00][--ah-----] C:\WINDOWS\tasks\{22753462-EAD5-4F04-ABC3-A6C4A994B17D}_ERIC_Propri‚taire.job
[28/08/2008 16:00][--ah-----] C:\WINDOWS\tasks\{4C79F0AA-ACAA-4EB4-BCCA-F69DAE500492}_ERIC_Propri‚taire.job
[14/05/2008 09:00][--ah-----] C:\WINDOWS\tasks\{31782EBF-92EF-4DCE-8933-5466E9F8F86D}_ERIC_Propri‚taire.job
[12/02/2004 06:27][-rah-----] C:\WINDOWS\tasks\desktop.ini
[29/08/2008 11:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"SponsorInstalled"=dword:00000000


--------------------\\ Listing des dossiers dans C:\Program Files

[16/03/2007|19:58] C:\Program Files\3B Software
[16/01/2008|16:42] C:\Program Files\ABAEnglishCourse
[28/12/2005|16:38] C:\Program Files\Adobe
[30/11/2007|22:18] C:\Program Files\Apple Software Update
[02/09/2006|12:31] C:\Program Files\ArcSoft
[06/09/2004|21:06] C:\Program Files\ATI Technologies
[16/04/2005|15:27] C:\Program Files\ATLAS
[02/10/2004|10:44] C:\Program Files\AvantGo Connect
[22/12/2007|21:05] C:\Program Files\AVS4YOU
[20/09/2006|16:05] C:\Program Files\AVSMedia
[19/11/2004|19:04] C:\Program Files\Barbie(R) Aventures questres
[02/12/2007|16:26] C:\Program Files\Cambridge
[23/12/2004|11:16] C:\Program Files\CDex_150
[02/10/2004|10:44] C:\Program Files\Common Files
[01/01/2004|21:02] C:\Program Files\ComPlus Applications
[26/09/2004|10:29] C:\Program Files\DelphineSoft
[26/09/2004|10:34] C:\Program Files\directx
[23/09/2007|17:45] C:\Program Files\Dofus
[14/01/2006|10:05] C:\Program Files\Don't see!
[22/11/2006|16:25] C:\Program Files\DVD Shrink
[19/09/2006|20:03] C:\Program Files\DVD X Player 4.0 Professionnel
[05/11/2006|15:31] C:\Program Files\EA GAMES
[23/12/2004|15:05] C:\Program Files\Easy Internet signup
[16/12/2006|18:12] C:\Program Files\emme
[08/05/2008|20:09] C:\Program Files\epson
[22/06/2008|10:33] C:\Program Files\Fichiers communs
[27/10/2004|19:48] C:\Program Files\Free.fr
[26/12/2004|17:43] C:\Program Files\Freenet
[19/09/2006|20:21] C:\Program Files\GDiVX Player
[03/09/2005|17:53] C:\Program Files\Google
[12/02/2006|18:34] C:\Program Files\Gravurom
[04/11/2006|15:28] C:\Program Files\HP
[02/01/2004|00:19] C:\Program Files\HP Pavilion PC Help
[15/10/2005|19:37] C:\Program Files\Icon Extractor
[08/05/2008|20:09] C:\Program Files\InstallShield Installation Information
[06/09/2007|18:14] C:\Program Files\InterActual
[27/08/2008|22:52] C:\Program Files\Internet Explorer
[04/11/2006|15:30] C:\Program Files\InterVideo
[04/04/2008|10:57] C:\Program Files\iTunes
[07/07/2006|18:48] C:\Program Files\IVT Corporation
[08/05/2008|20:06] C:\Program Files\Java
[26/12/2006|10:24] C:\Program Files\Kazaa
[22/06/2008|10:34] C:\Program Files\Lavasoft
[14/01/2006|09:45] C:\Program Files\LCPA Lite
[26/03/2008|18:09] C:\Program Files\LimeWire
[25/12/2006|12:15] C:\Program Files\Logitech
[29/08/2008|01:42] C:\Program Files\Malwarebytes' Anti-Malware
[08/03/2008|17:53] C:\Program Files\Microsoft ActiveSync
[07/09/2004|21:14] C:\Program Files\microsoft frontpage
[02/10/2004|10:41] C:\Program Files\Microsoft Office
[22/04/2008|18:44] C:\Program Files\Microsoft SQL Server Compact Edition
[17/10/2004|11:03] C:\Program Files\Movie Maker
[29/08/2008|11:59] C:\Program Files\Mozilla Firefox
[04/11/2006|15:24] C:\Program Files\Mptool
[30/10/2004|19:19] C:\Program Files\MSN
[19/10/2005|20:07] C:\Program Files\MSN Apps
[01/01/2004|21:01] C:\Program Files\MSN Gaming Zone
[19/11/2006|20:41] C:\Program Files\MSXML 4.0
[26/12/2004|18:55] C:\Program Files\MUSICMATCH
[02/08/2005|22:55] C:\Program Files\Need2Find
[12/12/2004|12:55] C:\Program Files\NETGEAR
[17/10/2004|11:00] C:\Program Files\NetMeeting
[08/05/2008|20:08] C:\Program Files\NewDotNet
[14/06/2007|08:34] C:\Program Files\Outlook Express
[21/07/2006|20:00] C:\Program Files\PAN vision
[04/11/2006|15:28] C:\Program Files\Panasonic
[26/12/2004|12:42] C:\Program Files\PHILIPS
[04/04/2008|10:54] C:\Program Files\QuickTime
[23/07/2005|09:52] C:\Program Files\Real
[06/09/2004|21:06] C:\Program Files\RecordNow!
[02/01/2004|00:27] C:\Program Files\Services en ligne
[28/07/2006|17:20] C:\Program Files\Shareaza
[04/09/2005|10:35] C:\Program Files\SoftCAD
[22/11/2006|16:30] C:\Program Files\SoftwareClub.ws
[06/09/2004|21:06] C:\Program Files\Sonic
[29/08/2008|11:12] C:\Program Files\SP2 Connection Patcher
[08/05/2008|20:10] C:\Program Files\Spybot - Search & Destroy
[13/11/2004|17:29] C:\Program Files\Symantec
[13/11/2004|17:28] C:\Program Files\Symantec_Client_Security
[27/10/2004|19:52] C:\Program Files\SymNetDrv
[25/09/2004|17:45] C:\Program Files\The Learning Company
[29/08/2008|01:59] C:\Program Files\Trend Micro
[14/11/2004|11:30] C:\Program Files\Ubi Soft
[07/11/2007|20:06] C:\Program Files\UbiSoft
[01/01/2004|23:34] C:\Program Files\Uninstall Information
[08/03/2008|17:59] C:\Program Files\ViaMichelin
[17/12/2006|19:26] C:\Program Files\ViaVoice
[08/05/2008|20:10] C:\Program Files\VideoLAN
[07/09/2005|14:53] C:\Program Files\Warez P2P ClientIPGUARD.LOG
[23/04/2008|20:01] C:\Program Files\Windows Live
[03/03/2007|13:38] C:\Program Files\Windows Media Connect 2
[02/05/2007|14:47] C:\Program Files\Windows Media Player
[17/10/2004|11:00] C:\Program Files\Windows NT
[15/09/2004|20:02] C:\Program Files\WindowsUpdate
[29/08/2008|11:12] C:\Program Files\WinTV
[01/01/2004|21:05] C:\Program Files\xerox
[01/11/2004|19:00] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[22/07/2005|19:27] C:\Program Files\Fichiers communs\Adobe
[30/11/2007|22:17] C:\Program Files\Fichiers communs\Apple
[02/09/2006|12:32] C:\Program Files\Fichiers communs\ArcSoft
[08/12/2007|16:00] C:\Program Files\Fichiers communs\AVSMedia
[07/09/2004|21:17] C:\Program Files\Fichiers communs\Designer
[08/09/2004|19:05] C:\Program Files\Fichiers communs\English+
[29/01/2006|13:08] C:\Program Files\Fichiers communs\English+ Millennium
[14/12/2005|20:46] C:\Program Files\Fichiers communs\FotoWire
[01/01/2004|22:51] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2004|22:52] C:\Program Files\Fichiers communs\HP
[15/10/2005|19:36] C:\Program Files\Fichiers communs\HTML Executable Viewer
[26/12/2005|13:46] C:\Program Files\Fichiers communs\InstallShield
[27/08/2007|21:39] C:\Program Files\Fichiers communs\IviSDK
[01/01/2004|22:12] C:\Program Files\Fichiers communs\Java
[25/12/2006|12:15] C:\Program Files\Fichiers communs\Logitech
[08/03/2008|17:53] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2004|21:02] C:\Program Files\Fichiers communs\MSSoap
[01/01/2004|20:57] C:\Program Files\Fichiers communs\ODBC
[16/03/2005|21:16] C:\Program Files\Fichiers communs\pnnnclcc
[25/11/2006|21:03] C:\Program Files\Fichiers communs\Real
[14/08/2004|23:20] C:\Program Files\Fichiers communs\Services
[06/09/2004|21:07] C:\Program Files\Fichiers communs\Sonic
[01/01/2004|20:57] C:\Program Files\Fichiers communs\SpeechEngines
[06/09/2004|21:06] C:\Program Files\Fichiers communs\SureThing Shared
[13/11/2004|17:28] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|08:34] C:\Program Files\Fichiers communs\System
[21/02/2008|15:16] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[22/06/2008|10:33] C:\Program Files\Fichiers communs\Wise Installation Wizard
[25/11/2006|21:03] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 56 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Program Files\Warez P2P ClientIPGUARD.LOG

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-29 12:16:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 33

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Metadata\(DoD) you and your hands- pink 1 _crack_ 32.wma.xml


[F:36][D:22]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:139][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:5042][D:26]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 12:18:38
0
Destrio5 (Moderator, 99820 posts)
 
---> Download OTMoveIt2 from the link below:
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

---> Save the file to the Desktop.

---> Double-click the OTMoveIt2.exe file to launch the tool.
Make sure the Unregister Dll's and Ocx's box is ticked.

---> Copy all of the text below and paste it into the window titled Paste List Of Files/Folders to Move.

C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft dead ooze build
C:\Program Files\Warez P2P ClientIPGUARD.LOG

---> Click MoveIt! to start the removal.
When a result appears in the Results pane, click Exit.

Note: If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking YES.

---> Post the OTMoveIt report, which is located in C:\_OTMoveIt\MovedFiles.
0
ricoule nul
 
It's done.
Here is the report:

C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft dead ooze build moved successfully.
C:\Program Files\Warez P2P ClientIPGUARD.LOG moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08292008_122911
0
Destrio5 (Moderator, 99820 posts)
 
Good.

---> Uninstall Lop S&D.

---> Post a new HijackThis report.
0
ricoule nul
 
Here is the latest HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:25, on 29/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\WinTV\EPGSER~1\System\EPGCLI~1.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WinTV\Ir.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Propriétaire\Mes documents\EMMANUELLE\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = free.fr:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\EX9QRAPG\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [MNI.UWFX5V_0001_LP1710] "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\1KK3XTSL\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_N57M1412] "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\K9UF89YB\WinFixer2005ScannerInstallFRA[1].exe" -nag
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ooze build meow locks] C:\Documents and Settings\All Users\Application Data\soft dead ooze build\MapiWay.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Eroca] C:\Program Files\Eroca\Eroca.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: pushow29.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Documents and Settings\Propriétaire\Mes documents\EMMANUELLE\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
0
Destrio5 (Moderator, 99820 posts)
 
---> Remove the traces of Norton with this:
ftp://ftp.symantec.com/public/francais/removal_tools/Norton_Removal_Tool.exe

---> Install Antivir:
http://dl1.avgate.net/down/windows/antivir_workstation_winu_fr_h.exe

---> Download CCleaner (do not install the Yahoo Toolbar):
https://www.ccleaner.com/ccleaner/download

---> Launch it. Go to "Options" then "Advanced" and untick the box "Only delete files etc...". Go to "Cleaner" and click "Analyze". Once it has finished, run the cleaning. Then go to "Registry" and click "Search for errors". Once it has finished, repair all the errors without backing up the registry.

---> Restart your PC and post a new HijackThis report.
0