CID ads

sandy -  
 ... -
Hello,
After downloading MSN Plus with the sponsor, I get CID ads every time I am on the internet and I can't get rid of them. I first uninstalled the sponsor, but since nothing had changed I uninstalled MSN Plus entirely and reinstalled it, this time without the sponsor; but the CID ads are still there and they slow my computer down enormously. What should I do? Thank you for your help.

15 replies

geoffrey5 Posts 14008 Status Security contributor 10
 
Hi Sandy!!

Start by doing this, please:

Download LopSD and save it to the Desktop from this address (it is number 4 at the bottom of the page): https://www.androidworld.fr/

= Double-click Lop S&D
= Run the installation
Close all applications
= Launch it by double-clicking the shortcut on the desktop
With VISTA => right-click and => Run as administrator
= Type F for French, then press Enter
= Type 1
= Press Enter
= The PC will restart
Note = if the antivirus reports an infection in TEMP, ignore it
= Wait for the report to appear
Copy the report and paste it into your reply
The report can also be found at C:\lopR
0
Juxx Posts 746 Status Member 129
 
Hi Sandy,

have a look here ==> http://www.commentcamarche.net/faq/sujet 5996 comment bloquer les fenetres cid

See you
0
geoffrey5 Posts 14008 Status Security contributor 10
 
I'm taking care of it, Juxx..

It's not enough to go and see how to remove the CID windows; she surely has other infections on her PC ;-)
0
Juxx Posts 746 Status Member 129
 
OK, sorry...
0
sandy
 
Here is the report:


--------------------\\ Lop S&D 4.2.4-1 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)

"C:\Lop SD" ( MAJ : 06-09-2008|22:02 )
Option : [1] ( 07/09/2008|15:18 )

--------------------\\ Listing des dossiers dans APPLIC~1

[07/09/2007|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/01/2004|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/09/2008|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[16/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Awem
[07/03/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Farm Frenzy
[15/06/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[07/09/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
[07/05/2008|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[21/09/2006|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/09/2008|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[01/01/2004|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/02/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[01/01/2004|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[20/09/2007|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[31/08/2008|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
[07/09/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/05/2008|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/01/2004|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[23/09/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[06/03/2008|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\My Games
[25/02/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople
[04/10/2007|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
[25/11/2007|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NeptunesAdve
[28/07/2008|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[04/02/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism
[16/01/2006|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[22/11/2007|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Runic
[25/10/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[01/01/2004|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[09/02/2006|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[24/08/2005|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[27/03/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[31/08/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[14/01/2006|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[13/05/2008|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/09/2007|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio
[25/08/2006|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/03/2008|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[26/09/2007|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[01/01/2004|18:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[01/01/2004|15:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|18:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[01/01/2004|15:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|19:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|16:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|22:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[14/05/2008|13:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[07/09/2007|21:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[07/03/2008|22:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AlwaysNeat
[01/01/2004|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[27/05/2008|22:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AVGTOOLBAR
[04/11/2007|17:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Canvas Multi-Media
[06/09/2008|07:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Copie de Else Ball
[12/11/2007|19:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Gaijin Ent
[19/04/2008|10:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Gamelab
[22/09/2006|07:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[03/09/2008|22:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Grisoft
[24/12/2005|12:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[31/08/2008|20:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[12/10/2005|13:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
[21/05/2008|16:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\iWin
[21/11/2007|19:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jane s Hotel
[18/05/2005|15:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[26/08/2008|21:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\LimeWire
[22/07/2007|00:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[18/09/2007|21:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Magic Academy
[26/06/2008|20:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[14/12/2004|20:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
[12/12/2004|16:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
[17/06/2007|23:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[22/10/2007|21:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\My Games
[15/03/2008|19:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Pirateville
[28/07/2008|13:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
[05/07/2008|16:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[01/01/2004|19:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[26/06/2008|20:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Samsung
[20/10/2007|16:35] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sandlot Games
[10/03/2007|21:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype
[18/05/2005|15:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[07/07/2008|19:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SprillBermudeEng
[01/01/2004|16:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[01/01/2004|22:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[05/04/2008|16:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TheScruffs
[22/11/2007|22:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc
[23/07/2006|14:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\VoipBuster
[26/05/2008|17:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
[07/07/2008|15:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Wildfire
[24/06/2008|18:09] C:\DOCUME~1\HP_PRO~1\APPLIC~1\YTHE
[31/08/2008|20:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Zylom

[27/05/2008|23:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[27/05/2008|23:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[07/09/2008 15:00][--ah-----] C:\WINDOWS\tasks\A6FCCB8591437C2D.job
[04/09/2008 19:57][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[18/02/2006 18:42][--a------] C:\WINDOWS\tasks\Connexion facile à Internet.job
[05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
[07/09/2008 11:16][--ah-----] C:\WINDOWS\tasks\SA.DAT

( A6FCCB8591437C2D.job )=( c:\docume~1\hp_pro~1\applic~1\elseba~1\loadcreativefirst.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[01/11/2005|19:25] C:\Program Files\AC3Filter
[07/09/2007|21:45] C:\Program Files\Adobe
[02/11/2005|20:52] C:\Program Files\Ahead
[18/12/2006|21:10] C:\Program Files\Alwil Software
[01/12/2004|15:58] C:\Program Files\ATI Technologies
[14/01/2006|18:53] C:\Program Files\avast antivirus
[27/05/2008|23:19] C:\Program Files\AVG
[01/11/2005|19:38] C:\Program Files\AviSynth 2.5
[23/06/2007|02:16] C:\Program Files\AVIXDVD
[25/12/2005|21:03] C:\Program Files\BlackBeanGames
[19/05/2008|06:45] C:\Program Files\CCleaner
[01/01/2004|15:03] C:\Program Files\ComPlus Applications
[01/11/2005|19:23] C:\Program Files\Custom Technology
[03/11/2005|15:36] C:\Program Files\DVD Decrypter
[30/09/2007|18:19] C:\Program Files\Easy Internet signup
[31/08/2008|14:39] C:\Program Files\Else Ball
[19/05/2008|22:09] C:\Program Files\eMule
[01/11/2005|19:27] C:\Program Files\ffdshow
[05/07/2008|16:49] C:\Program Files\Fichiers communs
[01/11/2005|12:59] C:\Program Files\Gabest
[13/05/2008|21:27] C:\Program Files\GamesBar
[04/09/2008|19:08] C:\Program Files\Google
[03/09/2008|22:40] C:\Program Files\Grisoft
[01/01/2004|18:57] C:\Program Files\Help and Support Additions
[01/01/2004|16:51] C:\Program Files\Hewlett-Packard
[01/01/2004|18:25] C:\Program Files\HP
[18/06/2008|20:13] C:\Program Files\Icone
[21/01/2006|18:48] C:\Program Files\IncrediMail
[03/09/2008|12:09] C:\Program Files\InstallShield Installation Information
[24/08/2008|03:02] C:\Program Files\Internet Explorer
[01/12/2004|16:01] C:\Program Files\InterVideo
[24/12/2005|12:25] C:\Program Files\Inventel
[08/05/2006|12:24] C:\Program Files\IrfanView
[24/08/2008|00:12] C:\Program Files\Java
[03/03/2008|21:05] C:\Program Files\KaraFun
[18/06/2008|20:13] C:\Program Files\LETMIN
[19/05/2008|21:14] C:\Program Files\LimeWire
[24/08/2008|03:06] C:\Program Files\Messenger
[06/09/2008|23:18] C:\Program Files\Messenger Plus! Live
[20/12/2004|16:53] C:\Program Files\Microsoft AutoRoute
[10/03/2008|04:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[01/12/2004|16:24] C:\Program Files\Microsoft Encarta
[01/01/2004|15:06] C:\Program Files\microsoft frontpage
[14/12/2004|20:27] C:\Program Files\Microsoft Office
[10/10/2007|13:21] C:\Program Files\Microsoft Picture It! 9
[02/07/2006|23:39] C:\Program Files\Microsoft Visual Studio
[15/12/2007|14:48] C:\Program Files\Microsoft Works
[01/12/2004|16:08] C:\Program Files\Microsoft Works Suite 2004
[01/01/2004|15:04] C:\Program Files\Movie Maker
[17/06/2007|23:30] C:\Program Files\MSN
[01/01/2004|15:03] C:\Program Files\MSN Gaming Zone
[16/11/2006|04:02] C:\Program Files\MSXML 4.0
[01/10/2004|00:49] C:\Program Files\NetMeeting
[04/09/2008|19:41] C:\Program Files\Norton Security Scan
[01/01/2004|15:03] C:\Program Files\Online Services
[13/05/2008|21:25] C:\Program Files\orange
[23/06/2007|14:01] C:\Program Files\Outlook Express
[17/06/2007|23:34] C:\Program Files\PC-Doctor for Windows
[28/10/2007|15:33] C:\Program Files\Picasa2
[04/09/2008|19:13] C:\Program Files\QuickTime
[05/07/2008|16:48] C:\Program Files\Real
[26/06/2008|19:55] C:\Program Files\Samsung
[17/12/2005|13:46] C:\Program Files\SCi Games
[27/08/2005|15:20] C:\Program Files\SCOL
[01/01/2004|19:06] C:\Program Files\Services en ligne
[02/01/2004|07:00] C:\Program Files\SiS VGA Utilities V3.59e
[01/01/2004|18:34] C:\Program Files\Sonic
[01/01/2004|18:34] C:\Program Files\Sonic RecordNow!
[24/08/2005|18:23] C:\Program Files\Sony
[24/08/2008|00:13] C:\Program Files\Sun
[01/01/2004|15:09] C:\Program Files\Uninstall Information
[22/11/2007|22:49] C:\Program Files\VideoLAN
[08/02/2006|20:08] C:\Program Files\Vimicro
[17/06/2007|22:41] C:\Program Files\VoipBuster.com
[23/06/2007|14:01] C:\Program Files\Wanadoo
[21/07/2008|01:56] C:\Program Files\Winamp
[09/03/2008|00:43] C:\Program Files\Windows Live
[29/01/2008|20:26] C:\Program Files\Windows Media Connect 2
[29/01/2008|20:26] C:\Program Files\Windows Media Player
[01/10/2004|00:49] C:\Program Files\Windows NT
[01/01/2004|15:04] C:\Program Files\WindowsUpdate
[08/06/2006|14:23] C:\Program Files\WinRAR
[28/12/2006|11:57] C:\Program Files\Woody Woodpecker
[01/01/2004|15:06] C:\Program Files\xerox
[01/11/2005|12:41] C:\Program Files\XviD
[04/09/2008|19:16] C:\Program Files\Yahoo!
[04/09/2008|19:18] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/12/2004|16:57] C:\Program Files\Fichiers communs\Adobe
[02/11/2005|20:52] C:\Program Files\Fichiers communs\Ahead
[10/06/2005|19:22] C:\Program Files\Fichiers communs\AOL
[03/09/2005|14:01] C:\Program Files\Fichiers communs\Borland Shared
[14/12/2004|20:28] C:\Program Files\Fichiers communs\Designer
[17/12/2005|13:53] C:\Program Files\Fichiers communs\DirectX
[01/01/2004|16:41] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2004|16:42] C:\Program Files\Fichiers communs\HP
[02/01/2004|06:59] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|16:07] C:\Program Files\Fichiers communs\Java
[27/05/2008|22:23] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2004|15:04] C:\Program Files\Fichiers communs\MSSoap
[13/05/2008|21:25] C:\Program Files\Fichiers communs\Oberon Media
[01/01/2004|15:59] C:\Program Files\Fichiers communs\ODBC
[05/07/2008|16:49] C:\Program Files\Fichiers communs\Real
[28/05/2008|09:15] C:\Program Files\Fichiers communs\Sandlot Shared
[01/10/2004|00:49] C:\Program Files\Fichiers communs\Services
[14/01/2006|19:13] C:\Program Files\Fichiers communs\Softwin
[10/03/2007|21:37] C:\Program Files\Fichiers communs\Sony Shared
[01/01/2004|15:59] C:\Program Files\Fichiers communs\SpeechEngines
[01/01/2004|18:34] C:\Program Files\Fichiers communs\SureThing Shared
[04/09/2008|08:11] C:\Program Files\Fichiers communs\Symantec Shared
[18/06/2007|00:18] C:\Program Files\Fichiers communs\System
[09/03/2008|00:44] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/07/2008|16:49] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 48 Processes )

IEXPLORE.EXE ~ [PID:2072]
iexplore.exe ~ [PID:2816]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\Bias way.exe
C:\Program Files\elseba~1
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_a4e4.tmp
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\nsd6A3.tmp
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\nsu69E.tmp
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\nsy9B8.tmp
C:\WINDOWS\Tasks\A6FCCB8591437C2D.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Locks ace"="C:\\DOCUME~1\\HP_PRO~1\\APPLIC~1\\ELSEBA~1\\Grey Itch.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"else tool title ping"="C:\\Documents and Settings\\All Users\\Application Data\\Loud spam else tool\\Bias way.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 15:22:03
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1838

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:7025][D:261]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:126][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:4763][D:12]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008|15:30 - Option : [1]

--------------------\\ Fin du rapport a 15:30:42
0
geoffrey5 Posts 14008 Status Security contributor 10
 
OK, now:

---> Run Lop S&D again
---> This time choose option 2 (Removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)

then:

Make a HijackThis report so that I can check your PC's infections, please

Download HijackThis from this address; everything is explained there for installing it properly and learning how to use it:

https://www.androidworld.fr/

How to copy/paste the report:

When you have the report on screen, press Ctrl+A to "select all", then Ctrl+C to "copy".

Then come to the forum to reply to me and press Ctrl+V to "paste" the report.

An explanation of the keyboard shortcuts is illustrated at this address:

https://www.androidworld.fr/
0
sandy
 
--------------------\\ Lop S&D 4.2.4-1 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)

"C:\Lop SD" ( MAJ : 06-09-2008|22:02 )
Option : [2] ( 07/09/2008|15:39 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\Bias way.exe
Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_a4e4.tmp
Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\nsd6A3.tmp
Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\nsu69E.tmp
Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\nsy9B8.tmp
Supprime! - C:\WINDOWS\Tasks\A6FCCB8591437C2D.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
Supprime! - C:\Program Files\elseba~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[07/09/2007|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/01/2004|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/09/2008|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[16/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Awem
[07/03/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Farm Frenzy
[15/06/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[07/09/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
[07/05/2008|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[21/09/2006|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/09/2008|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[01/01/2004|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/02/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[01/01/2004|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[20/09/2007|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[07/09/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/05/2008|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/01/2004|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[23/09/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[06/03/2008|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\My Games
[25/02/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople
[04/10/2007|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
[25/11/2007|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NeptunesAdve
[28/07/2008|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[04/02/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism
[16/01/2006|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[22/11/2007|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Runic
[25/10/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[01/01/2004|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[09/02/2006|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[24/08/2005|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[27/03/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[31/08/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[14/01/2006|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[13/05/2008|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/09/2007|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio
[25/08/2006|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/03/2008|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[26/09/2007|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[01/01/2004|18:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[01/01/2004|15:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|18:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[01/01/2004|15:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|19:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|16:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|22:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[14/05/2008|13:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[07/09/2007|21:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[07/03/2008|22:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AlwaysNeat
[01/01/2004|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[27/05/2008|22:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AVGTOOLBAR
[04/11/2007|17:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Canvas Multi-Media
[06/09/2008|07:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Copie de Else Ball
[12/11/2007|19:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Gaijin Ent
[19/04/2008|10:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Gamelab
[22/09/2006|07:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[03/09/2008|22:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Grisoft
[24/12/2005|12:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[31/08/2008|20:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[12/10/2005|13:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
[21/05/2008|16:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\iWin
[21/11/2007|19:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jane s Hotel
[18/05/2005|15:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[26/08/2008|21:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\LimeWire
[22/07/2007|00:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[18/09/2007|21:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Magic Academy
[26/06/2008|20:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[14/12/2004|20:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
[12/12/2004|16:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
[17/06/2007|23:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[22/10/2007|21:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\My Games
[15/03/2008|19:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Pirateville
[28/07/2008|13:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
[05/07/2008|16:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[01/01/2004|19:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[26/06/2008|20:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Samsung
[20/10/2007|16:35] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sandlot Games
[10/03/2007|21:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype
[18/05/2005|15:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[07/07/2008|19:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SprillBermudeEng
[01/01/2004|16:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[01/01/2004|22:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[05/04/2008|16:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TheScruffs
[22/11/2007|22:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc
[23/07/2006|14:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\VoipBuster
[26/05/2008|17:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
[07/07/2008|15:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Wildfire
[24/06/2008|18:09] C:\DOCUME~1\HP_PRO~1\APPLIC~1\YTHE
[31/08/2008|20:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Zylom

[27/05/2008|23:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[27/05/2008|23:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[04/09/2008 19:57][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[18/02/2006 18:42][--a------] C:\WINDOWS\tasks\Connexion facile à Internet.job
[05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
[07/09/2008 11:16][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[01/11/2005|19:25] C:\Program Files\AC3Filter
[07/09/2007|21:45] C:\Program Files\Adobe
[02/11/2005|20:52] C:\Program Files\Ahead
[18/12/2006|21:10] C:\Program Files\Alwil Software
[01/12/2004|15:58] C:\Program Files\ATI Technologies
[14/01/2006|18:53] C:\Program Files\avast antivirus
[27/05/2008|23:19] C:\Program Files\AVG
[01/11/2005|19:38] C:\Program Files\AviSynth 2.5
[23/06/2007|02:16] C:\Program Files\AVIXDVD
[25/12/2005|21:03] C:\Program Files\BlackBeanGames
[19/05/2008|06:45] C:\Program Files\CCleaner
[01/01/2004|15:03] C:\Program Files\ComPlus Applications
[01/11/2005|19:23] C:\Program Files\Custom Technology
[03/11/2005|15:36] C:\Program Files\DVD Decrypter
[30/09/2007|18:19] C:\Program Files\Easy Internet signup
[19/05/2008|22:09] C:\Program Files\eMule
[01/11/2005|19:27] C:\Program Files\ffdshow
[05/07/2008|16:49] C:\Program Files\Fichiers communs
[01/11/2005|12:59] C:\Program Files\Gabest
[13/05/2008|21:27] C:\Program Files\GamesBar
[04/09/2008|19:08] C:\Program Files\Google
[03/09/2008|22:40] C:\Program Files\Grisoft
[01/01/2004|18:57] C:\Program Files\Help and Support Additions
[01/01/2004|16:51] C:\Program Files\Hewlett-Packard
[01/01/2004|18:25] C:\Program Files\HP
[18/06/2008|20:13] C:\Program Files\Icone
[21/01/2006|18:48] C:\Program Files\IncrediMail
[03/09/2008|12:09] C:\Program Files\InstallShield Installation Information
[24/08/2008|03:02] C:\Program Files\Internet Explorer
[01/12/2004|16:01] C:\Program Files\InterVideo
[24/12/2005|12:25] C:\Program Files\Inventel
[08/05/2006|12:24] C:\Program Files\IrfanView
[24/08/2008|00:12] C:\Program Files\Java
[03/03/2008|21:05] C:\Program Files\KaraFun
[18/06/2008|20:13] C:\Program Files\LETMIN
[19/05/2008|21:14] C:\Program Files\LimeWire
[24/08/2008|03:06] C:\Program Files\Messenger
[06/09/2008|23:18] C:\Program Files\Messenger Plus! Live
[20/12/2004|16:53] C:\Program Files\Microsoft AutoRoute
[10/03/2008|04:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[01/12/2004|16:24] C:\Program Files\Microsoft Encarta
[01/01/2004|15:06] C:\Program Files\microsoft frontpage
[14/12/2004|20:27] C:\Program Files\Microsoft Office
[10/10/2007|13:21] C:\Program Files\Microsoft Picture It! 9
[02/07/2006|23:39] C:\Program Files\Microsoft Visual Studio
[15/12/2007|14:48] C:\Program Files\Microsoft Works
[01/12/2004|16:08] C:\Program Files\Microsoft Works Suite 2004
[01/01/2004|15:04] C:\Program Files\Movie Maker
[17/06/2007|23:30] C:\Program Files\MSN
[01/01/2004|15:03] C:\Program Files\MSN Gaming Zone
[16/11/2006|04:02] C:\Program Files\MSXML 4.0
[01/10/2004|00:49] C:\Program Files\NetMeeting
[04/09/2008|19:41] C:\Program Files\Norton Security Scan
[01/01/2004|15:03] C:\Program Files\Online Services
[13/05/2008|21:25] C:\Program Files\orange
[23/06/2007|14:01] C:\Program Files\Outlook Express
[17/06/2007|23:34] C:\Program Files\PC-Doctor for Windows
[28/10/2007|15:33] C:\Program Files\Picasa2
[04/09/2008|19:13] C:\Program Files\QuickTime
[05/07/2008|16:48] C:\Program Files\Real
[26/06/2008|19:55] C:\Program Files\Samsung
[17/12/2005|13:46] C:\Program Files\SCi Games
[27/08/2005|15:20] C:\Program Files\SCOL
[01/01/2004|19:06] C:\Program Files\Services en ligne
[02/01/2004|07:00] C:\Program Files\SiS VGA Utilities V3.59e
[01/01/2004|18:34] C:\Program Files\Sonic
[01/01/2004|18:34] C:\Program Files\Sonic RecordNow!
[24/08/2005|18:23] C:\Program Files\Sony
[24/08/2008|00:13] C:\Program Files\Sun
[01/01/2004|15:09] C:\Program Files\Uninstall Information
[22/11/2007|22:49] C:\Program Files\VideoLAN
[08/02/2006|20:08] C:\Program Files\Vimicro
[17/06/2007|22:41] C:\Program Files\VoipBuster.com
[23/06/2007|14:01] C:\Program Files\Wanadoo
[21/07/2008|01:56] C:\Program Files\Winamp
[09/03/2008|00:43] C:\Program Files\Windows Live
[29/01/2008|20:26] C:\Program Files\Windows Media Connect 2
[29/01/2008|20:26] C:\Program Files\Windows Media Player
[01/10/2004|00:49] C:\Program Files\Windows NT
[01/01/2004|15:04] C:\Program Files\WindowsUpdate
[08/06/2006|14:23] C:\Program Files\WinRAR
[28/12/2006|11:57] C:\Program Files\Woody Woodpecker
[01/01/2004|15:06] C:\Program Files\xerox
[01/11/2005|12:41] C:\Program Files\XviD
[04/09/2008|19:16] C:\Program Files\Yahoo!
[04/09/2008|19:18] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/12/2004|16:57] C:\Program Files\Fichiers communs\Adobe
[02/11/2005|20:52] C:\Program Files\Fichiers communs\Ahead
[10/06/2005|19:22] C:\Program Files\Fichiers communs\AOL
[03/09/2005|14:01] C:\Program Files\Fichiers communs\Borland Shared
[14/12/2004|20:28] C:\Program Files\Fichiers communs\Designer
[17/12/2005|13:53] C:\Program Files\Fichiers communs\DirectX
[01/01/2004|16:41] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2004|16:42] C:\Program Files\Fichiers communs\HP
[02/01/2004|06:59] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|16:07] C:\Program Files\Fichiers communs\Java
[27/05/2008|22:23] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2004|15:04] C:\Program Files\Fichiers communs\MSSoap
[13/05/2008|21:25] C:\Program Files\Fichiers communs\Oberon Media
[01/01/2004|15:59] C:\Program Files\Fichiers communs\ODBC
[05/07/2008|16:49] C:\Program Files\Fichiers communs\Real
[28/05/2008|09:15] C:\Program Files\Fichiers communs\Sandlot Shared
[01/10/2004|00:49] C:\Program Files\Fichiers communs\Services
[14/01/2006|19:13] C:\Program Files\Fichiers communs\Softwin
[10/03/2007|21:37] C:\Program Files\Fichiers communs\Sony Shared
[01/01/2004|15:59] C:\Program Files\Fichiers communs\SpeechEngines
[01/01/2004|18:34] C:\Program Files\Fichiers communs\SureThing Shared
[04/09/2008|08:11] C:\Program Files\Fichiers communs\Symantec Shared
[18/06/2007|00:18] C:\Program Files\Fichiers communs\System
[09/03/2008|00:44] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/07/2008|16:49] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 44 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 15:42:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1838

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:7021][D:258]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:126][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:4828][D:12]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008|15:30 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 07/09/2008|15:49 - Option : [2]

--------------------\\ Fin du rapport a 15:49:41
0
...
 
--------------------\\ Lop S&D 4.2.4-2 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : yusuf ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080909-0] 4.8.1229 (Activated)

"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [1] ( 10/09/2008|21:25 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[16/06/2008|16:31] C:\Users\yusuf\AppData\Local\Adobe
[11/02/2008|19:24] C:\Users\yusuf\AppData\Local\Application Data
[11/02/2008|19:29] C:\Users\yusuf\AppData\Local\ATI
[27/06/2008|13:47] C:\Users\yusuf\AppData\Local\Clavier+
[15/08/2008|14:22] C:\Users\yusuf\AppData\Local\Codemasters
[03/09/2008|12:54] C:\Users\yusuf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[06/07/2008|11:41] C:\Users\yusuf\AppData\Local\eMule
[10/04/2008|22:50] C:\Users\yusuf\AppData\Local\gctmp
[21/08/2008|13:28] C:\Users\yusuf\AppData\Local\GDIPFONTCACHEV1.DAT
[15/06/2008|22:14] C:\Users\yusuf\AppData\Local\Google
[11/02/2008|19:24] C:\Users\yusuf\AppData\Local\Historique
[10/09/2008|16:31] C:\Users\yusuf\AppData\Local\IconCache.db
[14/06/2008|00:37] C:\Users\yusuf\AppData\Local\Microsoft
[25/07/2008|19:48] C:\Users\yusuf\AppData\Local\Microsoft Games
[12/02/2008|12:34] C:\Users\yusuf\AppData\Local\Steam
[10/09/2008|21:15] C:\Users\yusuf\AppData\Local\Temp
[11/02/2008|19:24] C:\Users\yusuf\AppData\Local\Temporary Internet Files
[16/03/2008|00:28] C:\Users\yusuf\AppData\Local\TomTom
[11/02/2008|19:30] C:\Users\yusuf\AppData\Local\Toshiba
[22/06/2008|09:33] C:\Users\yusuf\AppData\Local\VirtualStore
[03/05/2008|19:48] C:\Users\yusuf\AppData\Local\Wyzo
[10/04/2008|22:48] C:\Users\yusuf\AppData\Local\Xenocode

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[10/09/2008 16:34][--ah-----] C:\Windows\tasks\SA.DAT
[10/09/2008 16:32][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[16/06/2008|13:24] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[11/02/2008|19:18] C:\ProgramData\Atheros
[11/02/2008|19:29] C:\ProgramData\ATI
[11/02/2008|19:20] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[06/07/2008|11:45] C:\ProgramData\eMule
[11/02/2008|19:20] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[04/09/2008|19:22] C:\ProgramData\Flagstore
[16/06/2008|14:40] C:\ProgramData\Google
[02/09/2008|21:43] C:\ProgramData\Iso Web Bags Else
[11/02/2008|19:20] C:\ProgramData\Menu Démarrer
[08/09/2008|19:30] C:\ProgramData\Messenger Plus!
[26/02/2008|11:19] C:\ProgramData\Microsoft
[11/02/2008|19:20] C:\ProgramData\Modèles
[02/09/2008|21:43] C:\ProgramData\Name Body Meet.pdprbi
[02/11/2006|15:02] C:\ProgramData\Start Menu
[20/06/2008|22:30] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[09/03/2008|00:46] C:\ProgramData\TomTom
[11/02/2008|19:28] C:\ProgramData\Toshiba
[11/02/2008|19:24] C:\ProgramData\ToshibaEurope
[10/07/2007|16:49] C:\ProgramData\Ulead Systems
[02/09/2008|21:43] C:\ProgramData\viewoneone.hannqv4
[02/09/2008|21:43] C:\ProgramData\viewoneone.xktaknu
[10/07/2007|16:36] C:\ProgramData\Vista64
[12/02/2008|17:46] C:\ProgramData\WLInstaller
[10/07/2007|16:36] C:\ProgramData\XP

--------------------\\ Listing des dossiers dans C:\Program Files

[25/06/2008|19:11] C:\Program Files\Adobe
[16/06/2008|13:21] C:\Program Files\Adobe Media Player
[04/06/2008|23:31] C:\Program Files\Alwil Software
[11/02/2008|19:18] C:\Program Files\Atheros
[11/02/2008|19:10] C:\Program Files\ATI
[11/02/2008|19:12] C:\Program Files\ATI Technologies
[11/02/2008|19:13] C:\Program Files\Camera Assistant Software for Toshiba
[06/09/2008|19:35] C:\Program Files\Cheat Engine
[08/09/2008|18:52] C:\Program Files\Circle Developement
[01/07/2008|22:42] C:\Program Files\Common Files
[14/07/2008|21:32] C:\Program Files\DivX
[07/09/2008|11:23] C:\Program Files\Dofus
[06/07/2008|11:41] C:\Program Files\eMule
[11/02/2008|19:20] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[12/04/2008|14:12] C:\Program Files\FlashGet
[09/03/2008|00:39] C:\Program Files\Free.fr
[17/06/2008|20:36] C:\Program Files\Google
[18/04/2007|09:08] C:\Program Files\IDM
[15/08/2008|14:18] C:\Program Files\InstallShield Installation Information
[11/02/2008|19:26] C:\Program Files\Intel
[03/08/2008|11:57] C:\Program Files\Internet Explorer
[10/07/2007|16:49] C:\Program Files\InterVideo
[26/02/2008|11:15] C:\Program Files\Inventel
[21/04/2008|09:46] C:\Program Files\Java
[11/07/2008|21:05] C:\Program Files\LG Electronics
[11/07/2008|21:03] C:\Program Files\LG PC Suite 2
[04/06/2008|13:05] C:\Program Files\LimeWire
[15/10/2007|19:48] C:\Program Files\ltmoh
[08/09/2008|18:52] C:\Program Files\Messenger Plus! Live
[07/09/2008|11:45] C:\Program Files\Metin2_France
[20/07/2008|11:09] C:\Program Files\Microsoft Games
[03/08/2008|11:57] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[18/04/2007|08:14] C:\Program Files\My Company Name
[18/04/2008|21:50] C:\Program Files\OpenOffice.org 2.4
[25/04/2008|19:09] C:\Program Files\PhotoFiltre
[15/10/2007|19:40] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[05/07/2008|16:30] C:\Program Files\Save Flash
[07/09/2008|11:39] C:\Program Files\Speed Gear
[11/02/2008|19:17] C:\Program Files\Synaptics
[28/05/2008|19:00] C:\Program Files\Teamspeak2_RC2
[01/03/2008|19:54] C:\Program Files\TLC-Edusoft
[12/07/2008|22:18] C:\Program Files\Tomato
[16/03/2008|00:11] C:\Program Files\TomTom DesktopSuite
[21/06/2008|00:21] C:\Program Files\TomTom HOME
[11/06/2008|00:15] C:\Program Files\TomTom HOME 2
[11/02/2008|21:36] C:\Program Files\TOSHIBA
[10/07/2007|16:46] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[20/07/2008|15:35] C:\Program Files\Visicom Media
[03/08/2008|11:57] C:\Program Files\Windows Calendar
[03/08/2008|11:57] C:\Program Files\Windows Collaboration
[03/08/2008|11:57] C:\Program Files\Windows Defender
[03/08/2008|11:57] C:\Program Files\Windows Journal
[12/02/2008|17:49] C:\Program Files\Windows Live
[26/02/2008|14:56] C:\Program Files\Windows Live Safety Center
[26/08/2008|03:09] C:\Program Files\Windows Mail
[18/04/2007|08:46] C:\Program Files\Windows Media Components
[03/08/2008|11:57] C:\Program Files\Windows Media Player
[11/02/2008|19:20] C:\Program Files\Windows NT
[03/08/2008|11:57] C:\Program Files\Windows Photo Gallery
[03/08/2008|11:57] C:\Program Files\Windows Sidebar
[28/03/2008|21:50] C:\Program Files\WinRAR
[04/09/2008|19:07] C:\Program Files\Woonoz

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[16/06/2008|13:23] C:\Program Files\Common Files\Adobe
[16/06/2008|13:20] C:\Program Files\Common Files\Adobe AIR
[17/07/2008|17:59] C:\Program Files\Common Files\Blizzard Entertainment
[18/04/2007|08:47] C:\Program Files\Common Files\InstallShield
[18/04/2007|07:44] C:\Program Files\Common Files\Java
[11/02/2008|22:09] C:\Program Files\Common Files\microsoft shared
[03/07/2008|10:06] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[06/09/2008|13:06] C:\Program Files\Common Files\Steam
[20/06/2008|21:28] C:\Program Files\Common Files\Symantec Shared
[03/08/2008|11:57] C:\Program Files\Common Files\System
[11/02/2008|19:28] C:\Program Files\Common Files\Toshiba Shared
[10/07/2007|16:49] C:\Program Files\Common Files\Ulead Systems
[11/02/2008|22:07] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 82 Processes )

iexplore.exe ~ [PID:968]
iexplore.exe ~ [PID:3392]
IEXPLORE.EXE ~ [PID:5004]
IEXPLORE.EXE ~ [PID:4168]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\Name Body Meet.pdprbi
C:\ProgramData\viewoneone.hannqv4
C:\ProgramData\viewoneone.xktaknu

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Iso Web Bags Else
C:\ProgramData\Iso Web Bags Else\CASH PROXY.exe
C:\Users\yusuf\AppData\Local\Temp\nsbADEB.tmp
C:\Users\yusuf\AppData\Local\Temp\nsbF151.tmp
C:\Users\yusuf\AppData\Local\Temp\nsfB74B.tmp
C:\Users\yusuf\AppData\Local\Temp\nsgF120.tmp
C:\Users\yusuf\AppData\Local\Temp\nsgF172.tmp
C:\Users\yusuf\AppData\Local\Temp\nsgF173.tmp
C:\Users\yusuf\AppData\Local\Temp\nslF140.tmp
C:\Users\yusuf\AppData\Local\Temp\nslF2CB.tmp
C:\Users\yusuf\AppData\Local\Temp\nsqD9BF.tmp
C:\Users\yusuf\AppData\Local\Temp\nsrF162.tmp
C:\Users\yusuf\AppData\Local\Temp\nsu1234.tmp
C:\Users\yusuf\AppData\Local\Temp\nsy2AC8.tmp
C:\Users\yusuf\AppData\Local\Temp\nszCF1D.tmp
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Users\yusuf\AppData\Roaming\MICROS~1\Windows\Cookies\yusuf@www.adserver5[1].txt
C:\Users\yusuf\AppData\Roaming\MICROS~1\Windows\Cookies\yusuf@advertising[2].txt
C:\Users\yusuf\AppData\Roaming\MICROS~1\Windows\Cookies\yusuf@adopt.euroclick[1].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bags Else Hole Lite"="\"C:\\ProgramData\\Name Body Meet.pdprbi\""
"Heckfour"="\"C:\\ProgramData\\viewoneone.xktaknu\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-10 21:26:08
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 419

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\yusuf\AppData\Local\Temp\Temp1_Super Codes Prizee Pack+ Prizpass Crack+Generateur codes allopass.zip
C:\Users\yusuf\AppData\Local\Temp\Temp1_Super Codes Prizee Pack+ Prizpass Crack+Generateur codes allopass.zip\Hack Eurobarre V2.uzy
C:\Users\yusuf\AppData\Local\Temp\Temp1_Super Codes Prizee Pack+ Prizpass Crack+Generateur codes allopass.zip\prizeesoft.uzy
C:\Users\yusuf\AppData\Local\Temp\Temp1_Super Codes Prizee Pack+ Prizpass Crack+Generateur codes allopass.zip\un petit plus
C:\Users\yusuf\AppData\Roaming\LimeWire\.AppSpecialShare\Steam hack KeyGen and hack for Steam.torrent.bak


[F:3365][D:206]-> C:\Users\yusuf\AppData\Local\Temp
[F:1727][D:1]-> C:\Users\yusuf\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1017][D:6]-> C:\Users\yusuf\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5331][D:716]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 10/09/2008|21:30 - Option : [1]

--------------------\\ Fin du rapport a 21:30:05
[ UAC => 1 ]
0

geoffrey5 Posts 14008 Status Security contributor 10
 
ok, now do a HijackThis report please
0
sandy
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:55:54, on 07/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
0
geoffrey5 Posts 14008 Status Security contributor 10
 
ok... you still have a few infections...

Download Toolbar-S&D (Team IDN) to your Desktop from this address:

(it is number 6 at the bottom of the page): https://www.androidworld.fr/

* Start the installation of the program by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice, then confirming with the Enter key.
* Now choose option 1 (Recherche). Wait until the search has finished.
* Post the generated report. (C:\TB.txt)
0
sandy
 
-----------\\ ToolBar S&D 1.1.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)

"C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 )
Option : [1] ( 07/09/2008|16:01 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-17-08-52-37
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-17-08-52-37.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-12-14-02-06
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-12-14-02-06.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-17-21-54-19
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-17-21-54-19.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-04-11-35-02
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-04-11-35-02.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-04-11-36-00
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-04-11-36-00.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-11-22-05-43
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-11-22-05-43.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-18-13-02-59
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-18-13-02-59.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-25-20-24-47
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-25-20-24-47.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-28-02-16-53
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-28-02-16-53.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-01-11-35-48
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-01-11-35-48.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-01-11-40-22
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-01-11-40-22.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-03-11-54-14
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-03-11-54-14.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\around_the_world_in_80_days16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\big_city_adventure_sydney16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\chocolatier216x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\death_nile16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dream_day_first_home16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\farm_frenzy_216x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jewel_match_216x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\kids.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\MagiciansHandbook16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_farm16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\MahjongChina16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\notFound.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\ranch_rush16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\riseAtlantis16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\saqqarah16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_great_chocolate_chase16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtual_farm16x16.gif
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-French.ini
C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\GamesBar\OBGet.exe
C:\Program Files\GamesBar\uninst.exe
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\GamesBar

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="https://www.orange.fr/portail"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

1 - "C:\ToolBar SD\TB_1.txt" - 07/09/2008|16:06 - Option : [1]

-----------\\ Fin du rapport a 16:06:41,84
0
geoffrey5 Posts 14008 Status Security contributor 10
 
ok, now:

Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the deletion !
A report will be generated; post its contents here.

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del at the same time to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.

then:

Download Malwarebytes to the desktop from this address:

https://www.androidworld.fr/

Here is a tutorial for installing it and using it properly:

https://www.androidworld.fr/

follow the tutorial closely to correctly remove what it finds

After the scan, restart the PC and post the report!!

And do a new HijackThis report please
0
sandy
 
-----------\\ ToolBar S&D 1.1.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)

"C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 )
Option : [2] ( 07/09/2008|16:11 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-17-08-52-37
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-17-08-52-37.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-12-14-02-06
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-12-14-02-06.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-17-21-54-19
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-17-21-54-19.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-04-11-35-02
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-04-11-35-02.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-04-11-36-00
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-04-11-36-00.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-11-22-05-43
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-11-22-05-43.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-18-13-02-59
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-18-13-02-59.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-25-20-24-47
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-25-20-24-47.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-28-02-16-53
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-28-02-16-53.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-01-11-35-48
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-01-11-35-48.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-01-11-40-22
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-01-11-40-22.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-03-11-54-14
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-09-03-11-54-14.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\around_the_world_in_80_days16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\big_city_adventure_sydney16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\chocolatier216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\death_nile16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dream_day_first_home16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\farm_frenzy_216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jewel_match_216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\kids.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\MagiciansHandbook16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_farm16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\MahjongChina16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\notFound.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\ranch_rush16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\riseAtlantis16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\saqqarah16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_great_chocolate_chase16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtual_farm16x16.gif
Supprime! - C:\Program Files\GamesBar\Localization-French.ini
Supprime! - C:\Program Files\GamesBar\oberontb.dll
Supprime! - C:\Program Files\GamesBar\OBGet.exe
Supprime! - C:\Program Files\GamesBar\uninst.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\GamesBar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
Supprime! - C:\Program Files\GamesBar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="https://www.orange.fr/portail"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 07/09/2008|16:06 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 07/09/2008|16:30 - Option : [2]

-----------\\ Fin du rapport a 16:30:07,93
0
geoffrey5 Posts 14008 Status Security contributor 10
 
OK, now run a full scan with Malwarebytes, please.

Make good use of the tutorial to correctly remove whatever it finds.
0
sandy
 
Sorry for the delay, but the scan took 2 hours ...

Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1122
Windows 5.1.2600 Service Pack 2

07/09/2008 18:15:07
mbam-log-2008-09-07 (18-15-07).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 153738
Temps écoulé: 1 hour(s), 54 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
sandy
 
And here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04:04, on 07/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\windows\system\hpsysdrv.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
0
geoffrey5 Posts 14008 Status Security contributor 10
 
I'm back...

Run HijackThis again, click on "scan only", and tick these lines, please:

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

Then click on "Fix checked".

Also go and upgrade Adobe Reader at this address:

https://get2.adobe.com/reader/otherversions/

Do you still have any problems??

And do you have the Spybot and Ad-Aware programs??
0
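Added example (not part of the thread and not HijackThis code): a small parser for the HijackThis log format posted above that groups result lines by section code and marks entries worth a manual look. The three review rules (missing file, autorun without an absolute path, "Unknown owner" service) are assumptions of this example, prompts for review rather than verdicts; the sample lines are copied from the log in this thread.

```python
import re

# Section codes that occur in the log above (R = IE page settings, O = other items).
SECTIONS = {
    "R0": "Internet Explorer start/search page setting",
    "R1": "Internet Explorer start/search page setting",
    "O2": "Browser Helper Object",
    "O3": "Internet Explorer toolbar",
    "O4": "autostart entry (Run key or Startup folder)",
    "O9": "extra IE button or Tools menu item",
    "O16": "ActiveX control (Downloaded Program Files)",
    "O18": "extra protocol handler",
    "O20": "AppInit_DLLs value",
    "O23": "Windows service",
}
ENTRY_RE = re.compile(r"^(R\d|O\d{1,2}) - (.+)$")
RUN_RE = re.compile(r"^HK\w+\\.*\\Run: \[([^\]]+)\] (.+)$")
ABS_PATH_RE = re.compile(r'^"?(?:[A-Za-z]:\\|%)')  # drive path or %variable%

# Lines copied from the HijackThis log posted in this thread.
SAMPLE = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
"""

def parse_log(text):
    """Return [(code, detail)] for result lines; header and process list are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m and m.group(1) in SECTIONS:
            entries.append((m.group(1), m.group(2)))
    return entries

def review_hints(entries):
    """Return [(code, reason, detail)] for entries that deserve a manual look."""
    hints = []
    for code, detail in entries:
        if detail.endswith("(no file)"):
            hints.append((code, "registration points to a missing file", detail))
        run = RUN_RE.match(detail) if code == "O4" else None
        if run and not ABS_PATH_RE.match(run.group(2)):
            hints.append((code, "autorun command has no absolute path", detail))
        if code == "O23" and " - Unknown owner - " in detail:
            hints.append((code, 'HijackThis printed "Unknown owner"', detail))
    return hints

if __name__ == "__main__":
    for code, reason, detail in review_hints(parse_log(SAMPLE)):
        print(f"{code} [{SECTIONS[code]}] {reason}: {detail}")
```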
sandy
 
No, apparently I don't have any more problems, and the ads don't show up anymore either! Thanks a lot for helping me, because I don't understand any of this and I would never have managed without you.
0
geoffrey5 Posts 14008 Status Security contributor 10
 
You're welcome, it's a pleasure to help you ;-)

Once you have done everything in message 17, you can do this to finish, please:

To remove all traces of the programs that were used to treat the specific infections:

Download ToolsCleaner to your Desktop:

(it is number 15 at the bottom of the page): https://www.androidworld.fr/

* Double-click on ToolsCleaner2.exe and let it work
* Click on Recherche (Search) and let the scan finish.
* Click on Suppression (Removal) to finalize.
* You can, if you wish, use the Options facultatives (optional settings).
* Click on Quitter (Quit) so that the report can be created.
* The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it in your reply

Disable and re-enable System Restore:

1 In the Windows taskbar, click on Start.

2 Right-click on My Computer, then click on Properties.

3 In the System Restore tab, tick "Turn off System Restore"

4 Click on Apply.

5 Then untick "Turn off System Restore"

6 Click on Apply, then OK

7 Go and create a restore point in Accessories----System Tools----System Restore.

Do you have the Ad-Aware and Spybot programs??

PS: the links for ToolsCleaner, etc... That's my website, if that can help you ;-)
0
sandy
 
No, I don't have those programs, and here is the report:

[ Rapport ToolsCleaner version 2.2.3 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\lopR.txt: trouvé !
C:\TB.txt: trouvé !
C:\Lop SD: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Default User\Recent\MSNFix.lnk: trouvé !
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\HP_Propriétaire\Bureau\HJTInstall.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\WINDOWS\system32\config\systemprofile\Recent\MSNFix.lnk: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Default User\Recent\MSNFix.lnk: supprimé !
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\HP_Propriétaire\Bureau\HJTInstall.exe: supprimé !
C:\WINDOWS\system32\config\systemprofile\Recent\MSNFix.lnk: supprimé !
C:\lopR.txt: supprimé !
C:\TB.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Lop SD: supprimé !
C:\Toolbar SD: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
0
geoffrey5 Posts 14008 Status Security contributor 10
 
OK... you can download them from my website, in the "téléchargements" (downloads) section.

Make sure you do the rest, because it's very important

Have a good rest of the evening, see you!
0
sandy
 
Sorry, but I couldn't do step 7 because I don't know where to find "Accessories" and "System Tools"
0
geoffrey5 Posts 14008 Status Security contributor 10
 
Click on Start => All Programs => ......
0
sandy
 
OK, got it, I found it, but from what date do I restore? Sorry to bother you ...
0
geoffrey5 Posts 14008 Status Security contributor 10
 
You absolutely must not restore!! You have to create a restore point
0
sandy
 
Ah OK! Thanks a lot!
Have a good evening ++
0
geoffrey5 Posts 14008 Status Security contributor 10
 
Thanks, and a good evening to you too

See you!

Problem solved!!
0