Rapport hijackthis
Résolu
justmamzell
Messages postés
21
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
j'ai effectué un rapport hijackthis car mon ordi est assez lent, et j'aurais voulu connaitre votre avis s'ilvousplait...
apres avoir analysé j'ai copié le log et l'ai fait evalué...mais comment supprimer les fichiers marqués d'une croix orange "nasty"?
par expemple le logiciel bitcomet a été supprimé il y a longtemps et n'a mm pas été utilisé. pourquoi est il inscrit sur le log?
:$ en vous remerciant par avance...
voici le log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:25:37, on 15/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Coraline\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (file missing)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O13 - Gopher Prefix:
O15 - Trusted Zone: https://www.bing.com/search?q=onecare%20live&form=MSDTR1&toHttps=1&redig=1C92C1A5A5B14363B76B4872209A5D58
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
j'ai effectué un rapport hijackthis car mon ordi est assez lent, et j'aurais voulu connaitre votre avis s'ilvousplait...
apres avoir analysé j'ai copié le log et l'ai fait evalué...mais comment supprimer les fichiers marqués d'une croix orange "nasty"?
par expemple le logiciel bitcomet a été supprimé il y a longtemps et n'a mm pas été utilisé. pourquoi est il inscrit sur le log?
:$ en vous remerciant par avance...
voici le log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:25:37, on 15/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Coraline\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (file missing)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O13 - Gopher Prefix:
O15 - Trusted Zone: https://www.bing.com/search?q=onecare%20live&form=MSDTR1&toHttps=1&redig=1C92C1A5A5B14363B76B4872209A5D58
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
A voir également:
- Rapport hijackthis
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- Rapport de crash windows - Guide
- Impression rapport de stage ✓ - Forum Word
- Modifier rapport d'échelle pdf xchange viewer ✓ - Forum PDF
11 réponses
Salut,
Démarrer > accessoire> executer > tape : services.msc
- Clic droit sur le service cité - Planificateur LiveUpdate automatique
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »
Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html
ensuite :
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Vas dans "Démarrer" puis Panneau de configuration.
- Double Clique sur l'icône Comptes d'utilisateurs et sur Activer ou désactiver le contrôle des comptes d'utilisateurs.
- Clique sur Continuer.
- Décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
- Valide par OK et redémarre.
Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517
télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Fais un clic droit sur le raccourci Lop S&D présent sur ton Bureau
* Choisi execueter en tant qu administrateur
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
Démarrer > accessoire> executer > tape : services.msc
- Clic droit sur le service cité - Planificateur LiveUpdate automatique
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »
Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html
ensuite :
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Vas dans "Démarrer" puis Panneau de configuration.
- Double Clique sur l'icône Comptes d'utilisateurs et sur Activer ou désactiver le contrôle des comptes d'utilisateurs.
- Clique sur Continuer.
- Décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
- Valide par OK et redémarre.
Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517
télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Fais un clic droit sur le raccourci Lop S&D présent sur ton Bureau
* Choisi execueter en tant qu administrateur
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
Relance Lop S&D
* Fais un clic droit sur le raccourci Lop S&D présent sur ton Bureau
* Choisi executer en tant qu administrateur
* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)
* Fais un clic droit sur le raccourci Lop S&D présent sur ton Bureau
* Choisi executer en tant qu administrateur
* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)
--------------------\\ Lop S&D 4.2.4-3 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53 )
BIOS : BIOS Version 8.2-0023-M007
USER : Coraline ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.00 7.00 (Activated)
Firewall : AntiVirus Firewall 7.00 7.00 (Activated)
C:\ (Local Disk) - NTFS - Total : 146 Go Free : 82 Go
D:\ (Local Disk) - NTFS - Total : 73 Go Free : 70 Go
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [2] ( 15/09/2008|17:27 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[02/06/2008|18:41] C:\Users\Coraline\AppData\Local\Adobe
[01/03/2008|02:40] C:\Users\Coraline\AppData\Local\Ahead
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Application Data
[29/04/2008|17:56] C:\Users\Coraline\AppData\Local\ApplicationHistory
[28/08/2008|20:41] C:\Users\Coraline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[29/04/2008|17:48] C:\Users\Coraline\AppData\Local\fusioncache.dat
[29/04/2008|20:04] C:\Users\Coraline\AppData\Local\GDIPFONTCACHEV1.DAT
[29/05/2008|21:33] C:\Users\Coraline\AppData\Local\Google
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Historique
[15/09/2008|16:44] C:\Users\Coraline\AppData\Local\IconCache.db
[30/04/2008|22:10] C:\Users\Coraline\AppData\Local\Microsoft
[25/05/2008|18:44] C:\Users\Coraline\AppData\Local\Microsoft Games
[15/09/2008|15:53] C:\Users\Coraline\AppData\Local\MigWiz
[24/01/2008|19:14] C:\Users\Coraline\AppData\Local\Mozilla
[30/03/2008|02:22] C:\Users\Coraline\AppData\Local\Paint.NET
[15/09/2008|17:27] C:\Users\Coraline\AppData\Local\Temp
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Temporary Internet Files
[25/12/2007|14:43] C:\Users\Coraline\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[15/09/2008 16:45][--a------] C:\Windows\tasks\Scheduled scanning task.job
[29/01/2008 20:31][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[14/09/2008 18:03][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{F1BBD121-D0B5-48F3-8290-2953919F6E00}.job
[12/09/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - Coraline.job
[15/09/2008 16:45][--ah-----] C:\Windows\tasks\SA.DAT
[15/09/2008 16:44][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[02/06/2008|18:40] C:\ProgramData\Adobe
[22/04/2008|16:10] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[25/12/2007|12:31] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[12/03/2008|18:59] C:\ProgramData\eMule
[25/12/2007|12:31] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[25/12/2007|12:37] C:\ProgramData\fsc-reg
[22/01/2008|18:02] C:\ProgramData\f-secure
[29/05/2008|21:34] C:\ProgramData\Google
[25/12/2007|12:31] C:\ProgramData\Menu D‚marrer
[01/02/2008|17:03] C:\ProgramData\Messenger Plus!
[17/07/2008|15:32] C:\ProgramData\Microsoft
[25/12/2007|12:31] C:\ProgramData\ModŠles
[02/11/2007|10:05] C:\ProgramData\Nero
[29/05/2008|21:33] C:\ProgramData\Skype
[15/09/2008|16:43] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[17/06/2008|00:21] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[03/07/2008|17:05] C:\Program Files\Adobe
[08/04/2008|19:50] C:\Program Files\CCleaner
[29/05/2008|21:33] C:\Program Files\Common Files
[17/08/2008|18:56] C:\Program Files\Counter-Strike Source Local
[29/04/2008|17:51] C:\Program Files\Disc2Phone
[26/05/2008|19:22] C:\Program Files\DVDVideoSoft
[25/12/2007|12:31] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/05/2008|21:34] C:\Program Files\Google
[21/07/2008|18:17] C:\Program Files\inKline Global
[22/07/2008|23:31] C:\Program Files\InstallShield Installation Information
[15/08/2008|11:33] C:\Program Files\Internet Explorer
[25/12/2007|12:41] C:\Program Files\InterVideo
[22/01/2008|16:26] C:\Program Files\Inventel
[22/03/2008|18:55] C:\Program Files\Java
[08/07/2008|16:30] C:\Program Files\K-Lite Codec Pack
[02/11/2007|10:05] C:\Program Files\MB application
[03/09/2008|07:04] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[27/02/2008|01:32] C:\Program Files\Microsoft Office
[19/08/2008|11:42] C:\Program Files\Microsoft Silverlight
[29/01/2008|20:32] C:\Program Files\Microsoft SQL Server Compact Edition
[02/11/2007|09:57] C:\Program Files\Motorola
[02/11/2006|14:42] C:\Program Files\Movie Maker
[15/09/2008|16:46] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[02/11/2007|09:58] C:\Program Files\MSXML 4.0
[02/11/2007|10:05] C:\Program Files\Nero
[27/01/2008|01:24] C:\Program Files\OpenOffice.org 2.3
[30/01/2008|14:39] C:\Program Files\OrangeHSS
[08/04/2008|01:37] C:\Program Files\Paint.NET
[30/05/2008|13:15] C:\Program Files\Panda Security
[22/04/2008|16:38] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[28/04/2008|17:57] C:\Program Files\Securitoo
[29/05/2008|21:33] C:\Program Files\Skype
[05/09/2008|22:03] C:\Program Files\SpeedFan
[15/09/2008|16:36] C:\Program Files\Spybot - Search & Destroy
[02/11/2007|09:58] C:\Program Files\Synaptics
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/11/2007|09:55] C:\Program Files\VIA
[02/11/2007|09:48] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[02/11/2007|09:48] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[28/02/2008|00:47] C:\Program Files\Windows Live
[29/01/2008|20:31] C:\Program Files\Windows Live Favorites
[30/01/2008|17:28] C:\Program Files\Windows Live Safety Center
[29/01/2008|20:31] C:\Program Files\Windows Live Toolbar
[15/08/2008|02:30] C:\Program Files\Windows Mail
[02/11/2007|09:48] C:\Program Files\Windows Media Player
[25/12/2007|12:31] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[24/01/2008|13:54] C:\Program Files\Windows Sidebar
[13/03/2008|00:37] C:\Program Files\WinRAR
[18/08/2008|19:48] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[02/06/2008|18:40] C:\Program Files\Common Files\Adobe
[25/12/2007|14:21] C:\Program Files\Common Files\Ahead
[26/05/2008|19:22] C:\Program Files\Common Files\DVDVideoSoft
[02/11/2007|10:15] C:\Program Files\Common Files\Fujitsu Siemens Computers
[22/07/2008|23:31] C:\Program Files\Common Files\InstallShield
[25/12/2007|12:41] C:\Program Files\Common Files\InterVideo
[27/01/2008|01:22] C:\Program Files\Common Files\Java
[23/01/2008|11:47] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[29/05/2008|21:33] C:\Program Files\Common Files\Skype
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[22/01/2008|17:11] C:\Program Files\Common Files\Symantec Shared
[02/11/2007|09:48] C:\Program Files\Common Files\System
[22/01/2008|18:19] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 62 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-15 17:27:42
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:71][D:6]-> C:\Users\Coraline\AppData\Local\Temp
[F:4][D:1]-> C:\Users\Coraline\AppData\Roaming\MICROS~1\Windows\Cookies
[F:159][D:6]-> C:\Users\Coraline\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 15/09/2008|16:54 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/09/2008|17:28 - Option : [2]
--------------------\\ Fin du rapport a 17:28:54
[ UAC => 1 ]
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53 )
BIOS : BIOS Version 8.2-0023-M007
USER : Coraline ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.00 7.00 (Activated)
Firewall : AntiVirus Firewall 7.00 7.00 (Activated)
C:\ (Local Disk) - NTFS - Total : 146 Go Free : 82 Go
D:\ (Local Disk) - NTFS - Total : 73 Go Free : 70 Go
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [2] ( 15/09/2008|17:27 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[02/06/2008|18:41] C:\Users\Coraline\AppData\Local\Adobe
[01/03/2008|02:40] C:\Users\Coraline\AppData\Local\Ahead
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Application Data
[29/04/2008|17:56] C:\Users\Coraline\AppData\Local\ApplicationHistory
[28/08/2008|20:41] C:\Users\Coraline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[29/04/2008|17:48] C:\Users\Coraline\AppData\Local\fusioncache.dat
[29/04/2008|20:04] C:\Users\Coraline\AppData\Local\GDIPFONTCACHEV1.DAT
[29/05/2008|21:33] C:\Users\Coraline\AppData\Local\Google
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Historique
[15/09/2008|16:44] C:\Users\Coraline\AppData\Local\IconCache.db
[30/04/2008|22:10] C:\Users\Coraline\AppData\Local\Microsoft
[25/05/2008|18:44] C:\Users\Coraline\AppData\Local\Microsoft Games
[15/09/2008|15:53] C:\Users\Coraline\AppData\Local\MigWiz
[24/01/2008|19:14] C:\Users\Coraline\AppData\Local\Mozilla
[30/03/2008|02:22] C:\Users\Coraline\AppData\Local\Paint.NET
[15/09/2008|17:27] C:\Users\Coraline\AppData\Local\Temp
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Temporary Internet Files
[25/12/2007|14:43] C:\Users\Coraline\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[15/09/2008 16:45][--a------] C:\Windows\tasks\Scheduled scanning task.job
[29/01/2008 20:31][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[14/09/2008 18:03][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{F1BBD121-D0B5-48F3-8290-2953919F6E00}.job
[12/09/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - Coraline.job
[15/09/2008 16:45][--ah-----] C:\Windows\tasks\SA.DAT
[15/09/2008 16:44][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[02/06/2008|18:40] C:\ProgramData\Adobe
[22/04/2008|16:10] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[25/12/2007|12:31] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[12/03/2008|18:59] C:\ProgramData\eMule
[25/12/2007|12:31] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[25/12/2007|12:37] C:\ProgramData\fsc-reg
[22/01/2008|18:02] C:\ProgramData\f-secure
[29/05/2008|21:34] C:\ProgramData\Google
[25/12/2007|12:31] C:\ProgramData\Menu D‚marrer
[01/02/2008|17:03] C:\ProgramData\Messenger Plus!
[17/07/2008|15:32] C:\ProgramData\Microsoft
[25/12/2007|12:31] C:\ProgramData\ModŠles
[02/11/2007|10:05] C:\ProgramData\Nero
[29/05/2008|21:33] C:\ProgramData\Skype
[15/09/2008|16:43] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[17/06/2008|00:21] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[03/07/2008|17:05] C:\Program Files\Adobe
[08/04/2008|19:50] C:\Program Files\CCleaner
[29/05/2008|21:33] C:\Program Files\Common Files
[17/08/2008|18:56] C:\Program Files\Counter-Strike Source Local
[29/04/2008|17:51] C:\Program Files\Disc2Phone
[26/05/2008|19:22] C:\Program Files\DVDVideoSoft
[25/12/2007|12:31] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/05/2008|21:34] C:\Program Files\Google
[21/07/2008|18:17] C:\Program Files\inKline Global
[22/07/2008|23:31] C:\Program Files\InstallShield Installation Information
[15/08/2008|11:33] C:\Program Files\Internet Explorer
[25/12/2007|12:41] C:\Program Files\InterVideo
[22/01/2008|16:26] C:\Program Files\Inventel
[22/03/2008|18:55] C:\Program Files\Java
[08/07/2008|16:30] C:\Program Files\K-Lite Codec Pack
[02/11/2007|10:05] C:\Program Files\MB application
[03/09/2008|07:04] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[27/02/2008|01:32] C:\Program Files\Microsoft Office
[19/08/2008|11:42] C:\Program Files\Microsoft Silverlight
[29/01/2008|20:32] C:\Program Files\Microsoft SQL Server Compact Edition
[02/11/2007|09:57] C:\Program Files\Motorola
[02/11/2006|14:42] C:\Program Files\Movie Maker
[15/09/2008|16:46] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[02/11/2007|09:58] C:\Program Files\MSXML 4.0
[02/11/2007|10:05] C:\Program Files\Nero
[27/01/2008|01:24] C:\Program Files\OpenOffice.org 2.3
[30/01/2008|14:39] C:\Program Files\OrangeHSS
[08/04/2008|01:37] C:\Program Files\Paint.NET
[30/05/2008|13:15] C:\Program Files\Panda Security
[22/04/2008|16:38] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[28/04/2008|17:57] C:\Program Files\Securitoo
[29/05/2008|21:33] C:\Program Files\Skype
[05/09/2008|22:03] C:\Program Files\SpeedFan
[15/09/2008|16:36] C:\Program Files\Spybot - Search & Destroy
[02/11/2007|09:58] C:\Program Files\Synaptics
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/11/2007|09:55] C:\Program Files\VIA
[02/11/2007|09:48] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[02/11/2007|09:48] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[28/02/2008|00:47] C:\Program Files\Windows Live
[29/01/2008|20:31] C:\Program Files\Windows Live Favorites
[30/01/2008|17:28] C:\Program Files\Windows Live Safety Center
[29/01/2008|20:31] C:\Program Files\Windows Live Toolbar
[15/08/2008|02:30] C:\Program Files\Windows Mail
[02/11/2007|09:48] C:\Program Files\Windows Media Player
[25/12/2007|12:31] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[24/01/2008|13:54] C:\Program Files\Windows Sidebar
[13/03/2008|00:37] C:\Program Files\WinRAR
[18/08/2008|19:48] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[02/06/2008|18:40] C:\Program Files\Common Files\Adobe
[25/12/2007|14:21] C:\Program Files\Common Files\Ahead
[26/05/2008|19:22] C:\Program Files\Common Files\DVDVideoSoft
[02/11/2007|10:15] C:\Program Files\Common Files\Fujitsu Siemens Computers
[22/07/2008|23:31] C:\Program Files\Common Files\InstallShield
[25/12/2007|12:41] C:\Program Files\Common Files\InterVideo
[27/01/2008|01:22] C:\Program Files\Common Files\Java
[23/01/2008|11:47] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[29/05/2008|21:33] C:\Program Files\Common Files\Skype
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[22/01/2008|17:11] C:\Program Files\Common Files\Symantec Shared
[02/11/2007|09:48] C:\Program Files\Common Files\System
[22/01/2008|18:19] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 62 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-15 17:27:42
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:71][D:6]-> C:\Users\Coraline\AppData\Local\Temp
[F:4][D:1]-> C:\Users\Coraline\AppData\Roaming\MICROS~1\Windows\Cookies
[F:159][D:6]-> C:\Users\Coraline\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 15/09/2008|16:54 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/09/2008|17:28 - Option : [2]
--------------------\\ Fin du rapport a 17:28:54
[ UAC => 1 ]
Telecharge malwarebytes
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1155
Windows 6.0.6000
15/09/2008 19:46:29
mbam-log-2008-09-15 (19-46-29).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 157039
Temps écoulé: 1 hour(s), 30 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Version de la base de données: 1155
Windows 6.0.6000
15/09/2008 19:46:29
mbam-log-2008-09-15 (19-46-29).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 157039
Temps écoulé: 1 hour(s), 30 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
fais un clic droit sur hiajckthis
choisi executer en tant qu adminstrateur
fais le scan et post le new rapport stp
choisi executer en tant qu adminstrateur
fais le scan et post le new rapport stp
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:54, on 15/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\mobsync.exe
C:\Users\Coraline\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: https://www.bing.com/search?q=onecare%20live&form=MSDTR1&toHttps=1&redig=1C92C1A5A5B14363B76B4872209A5D58
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
Scan saved at 20:34:54, on 15/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\mobsync.exe
C:\Users\Coraline\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: https://www.bing.com/search?q=onecare%20live&form=MSDTR1&toHttps=1&redig=1C92C1A5A5B14363B76B4872209A5D58
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
fais un clic droit sur hijackthis
choisi executer en tant qu adminstrateur
fais scan only
coches ces lignes :
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (file missing)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
tu les coches et tu clic sur fi checked
ensuite :
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
http://download.piriform.com/ccsetup210.exe
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-> Tuto : https://www.malekal.com/tutoriel-ccleaner/
ensuite :
désinstal java car pas a jours et telecharge et instal cette version
idem pour adobe reader : http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.0/fra/AdbeRdr90_fr_FR.exe
ensuite :
* pour supprimer les outils/fix utilisés :
Télécharge ToolsCleaner sur ton bureau.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/
# Fais un clic droit sur toolcleaner
# Choisi executer en tant qu administrateur
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
Désactive et reactive ta restauration
choisi executer en tant qu adminstrateur
fais scan only
coches ces lignes :
O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (file missing)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
tu les coches et tu clic sur fi checked
ensuite :
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
http://download.piriform.com/ccsetup210.exe
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-> Tuto : https://www.malekal.com/tutoriel-ccleaner/
ensuite :
désinstal java car pas a jours et telecharge et instal cette version
idem pour adobe reader : http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.0/fra/AdbeRdr90_fr_FR.exe
ensuite :
* pour supprimer les outils/fix utilisés :
Télécharge ToolsCleaner sur ton bureau.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/
# Fais un clic droit sur toolcleaner
# Choisi executer en tant qu administrateur
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
Désactive et reactive ta restauration
OK Hijackthis et lop s&d ont disparu ?
si oui :
si tu n as pas d autres soucis change le statut du sujet en resolu stp
http://www.commentcamarche.net/faq/sujet 11365 marquer un fil de discussion comme etant resolu
si oui :
si tu n as pas d autres soucis change le statut du sujet en resolu stp
http://www.commentcamarche.net/faq/sujet 11365 marquer un fil de discussion comme etant resolu
on a nettoyé les infections presentent oui il devrait moins ramer
si il rame tu sais faire une defrgmentation ??
si il rame tu sais faire une defrgmentation ??
lol ah non pas du tout ^^ mais d'apres les rapports que j'ai posté j'ai supprimé pas mal de trucs? je ne trouve pas les deux noms que vous avez cité audessus je pense qu'ils ont été supprimé. en tout cas merci pr votre aide. Je pourrais refaire ça de temps en temps en suivant ce que vous venez de m'expliquer? Y a t-il un post qui explique pr des "novices" comment faire une degragmentation si besoin?
--------------------\\ Lop S&D 4.2.4-3 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53 )
BIOS : BIOS Version 8.2-0023-M007
USER : Coraline ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.00 7.00 (Activated)
Firewall : AntiVirus Firewall 7.00 7.00 (Activated)
C:\ (Local Disk) - NTFS - Total : 146 Go Free : 82 Go
D:\ (Local Disk) - NTFS - Total : 73 Go Free : 70 Go
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [1] ( 15/09/2008|16:50 )
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[02/06/2008|18:41] C:\Users\Coraline\AppData\Local\Adobe
[01/03/2008|02:40] C:\Users\Coraline\AppData\Local\Ahead
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Application Data
[29/04/2008|17:56] C:\Users\Coraline\AppData\Local\ApplicationHistory
[28/08/2008|20:41] C:\Users\Coraline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[29/04/2008|17:48] C:\Users\Coraline\AppData\Local\fusioncache.dat
[29/04/2008|20:04] C:\Users\Coraline\AppData\Local\GDIPFONTCACHEV1.DAT
[29/05/2008|21:33] C:\Users\Coraline\AppData\Local\Google
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Historique
[15/09/2008|16:44] C:\Users\Coraline\AppData\Local\IconCache.db
[30/04/2008|22:10] C:\Users\Coraline\AppData\Local\Microsoft
[25/05/2008|18:44] C:\Users\Coraline\AppData\Local\Microsoft Games
[15/09/2008|15:53] C:\Users\Coraline\AppData\Local\MigWiz
[24/01/2008|19:14] C:\Users\Coraline\AppData\Local\Mozilla
[30/03/2008|02:22] C:\Users\Coraline\AppData\Local\Paint.NET
[15/09/2008|16:48] C:\Users\Coraline\AppData\Local\Temp
[25/12/2007|12:35] C:\Users\Coraline\AppData\Local\Temporary Internet Files
[25/12/2007|14:43] C:\Users\Coraline\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[15/09/2008 16:45][--a------] C:\Windows\tasks\Scheduled scanning task.job
[29/01/2008 20:31][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[14/09/2008 18:03][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{F1BBD121-D0B5-48F3-8290-2953919F6E00}.job
[12/09/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - Coraline.job
[15/09/2008 16:45][--ah-----] C:\Windows\tasks\SA.DAT
[15/09/2008 16:44][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[02/06/2008|18:40] C:\ProgramData\Adobe
[22/04/2008|16:10] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[25/12/2007|12:31] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[12/03/2008|18:59] C:\ProgramData\eMule
[25/12/2007|12:31] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[25/12/2007|12:37] C:\ProgramData\fsc-reg
[22/01/2008|18:02] C:\ProgramData\f-secure
[29/05/2008|21:34] C:\ProgramData\Google
[25/12/2007|12:31] C:\ProgramData\Menu D‚marrer
[01/02/2008|17:03] C:\ProgramData\Messenger Plus!
[17/07/2008|15:32] C:\ProgramData\Microsoft
[25/12/2007|12:31] C:\ProgramData\ModŠles
[02/11/2007|10:05] C:\ProgramData\Nero
[29/05/2008|21:33] C:\ProgramData\Skype
[15/09/2008|16:43] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[17/06/2008|00:21] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[03/07/2008|17:05] C:\Program Files\Adobe
[08/04/2008|19:50] C:\Program Files\CCleaner
[09/04/2008|01:27] C:\Program Files\Circle Developement
[29/05/2008|21:33] C:\Program Files\Common Files
[17/08/2008|18:56] C:\Program Files\Counter-Strike Source Local
[29/04/2008|17:51] C:\Program Files\Disc2Phone
[26/05/2008|19:22] C:\Program Files\DVDVideoSoft
[25/12/2007|12:31] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/05/2008|21:34] C:\Program Files\Google
[21/07/2008|18:17] C:\Program Files\inKline Global
[22/07/2008|23:31] C:\Program Files\InstallShield Installation Information
[15/08/2008|11:33] C:\Program Files\Internet Explorer
[25/12/2007|12:41] C:\Program Files\InterVideo
[22/01/2008|16:26] C:\Program Files\Inventel
[22/03/2008|18:55] C:\Program Files\Java
[08/07/2008|16:30] C:\Program Files\K-Lite Codec Pack
[02/11/2007|10:05] C:\Program Files\MB application
[03/09/2008|07:04] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[27/02/2008|01:32] C:\Program Files\Microsoft Office
[19/08/2008|11:42] C:\Program Files\Microsoft Silverlight
[29/01/2008|20:32] C:\Program Files\Microsoft SQL Server Compact Edition
[02/11/2007|09:57] C:\Program Files\Motorola
[02/11/2006|14:42] C:\Program Files\Movie Maker
[15/09/2008|16:46] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[02/11/2007|09:58] C:\Program Files\MSXML 4.0
[02/11/2007|10:05] C:\Program Files\Nero
[27/01/2008|01:24] C:\Program Files\OpenOffice.org 2.3
[30/01/2008|14:39] C:\Program Files\OrangeHSS
[08/04/2008|01:37] C:\Program Files\Paint.NET
[30/05/2008|13:15] C:\Program Files\Panda Security
[22/04/2008|16:38] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[28/04/2008|17:57] C:\Program Files\Securitoo
[29/05/2008|21:33] C:\Program Files\Skype
[05/09/2008|22:03] C:\Program Files\SpeedFan
[15/09/2008|16:36] C:\Program Files\Spybot - Search & Destroy
[02/11/2007|09:58] C:\Program Files\Synaptics
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/11/2007|09:55] C:\Program Files\VIA
[02/11/2007|09:48] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[02/11/2007|09:48] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[28/02/2008|00:47] C:\Program Files\Windows Live
[29/01/2008|20:31] C:\Program Files\Windows Live Favorites
[30/01/2008|17:28] C:\Program Files\Windows Live Safety Center
[29/01/2008|20:31] C:\Program Files\Windows Live Toolbar
[15/08/2008|02:30] C:\Program Files\Windows Mail
[02/11/2007|09:48] C:\Program Files\Windows Media Player
[25/12/2007|12:31] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[24/01/2008|13:54] C:\Program Files\Windows Sidebar
[13/03/2008|00:37] C:\Program Files\WinRAR
[18/08/2008|19:48] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[02/06/2008|18:40] C:\Program Files\Common Files\Adobe
[25/12/2007|14:21] C:\Program Files\Common Files\Ahead
[26/05/2008|19:22] C:\Program Files\Common Files\DVDVideoSoft
[02/11/2007|10:15] C:\Program Files\Common Files\Fujitsu Siemens Computers
[22/07/2008|23:31] C:\Program Files\Common Files\InstallShield
[25/12/2007|12:41] C:\Program Files\Common Files\InterVideo
[27/01/2008|01:22] C:\Program Files\Common Files\Java
[23/01/2008|11:47] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[29/05/2008|21:33] C:\Program Files\Common Files\Skype
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[22/01/2008|17:11] C:\Program Files\Common Files\Symantec Shared
[02/11/2007|09:48] C:\Program Files\Common Files\System
[22/01/2008|18:19] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 60 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Program Files\Circle Developement
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-15 16:52:38
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:62][D:6]-> C:\Users\Coraline\AppData\Local\Temp
[F:4][D:1]-> C:\Users\Coraline\AppData\Roaming\MICROS~1\Windows\Cookies
[F:150][D:6]-> C:\Users\Coraline\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:8][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 15/09/2008|16:54 - Option : [1]
--------------------\\ Fin du rapport a 16:54:59
[ UAC => 1 ]