Help!!!!! SYSTEM ANTIVIRUS 2008
Solved/Closed
js11 - 22 Sept. 2008 at 10:37
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 - 22 Sept. 2008 at 16:18
8 replies
jlpjlp - 22 Sept. 2008 at 11:15
do a copy and paste!!!
otherwise
download ComboFix (by sUBs) here:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to the desktop.
disconnect from the internet and close all your applications.
disable your protections (antivirus, firewall, the antispyware's real-time guard)
double-click on combofix.exe and follow the instructions
at the end, it will produce a report C:\ComboFix.txt
re-enable your firewall, your antivirus, your antispyware's guard
copy/paste the report C:\ComboFix.txt into your next reply.
Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. This could freeze the computer.
There is a complete tutorial here:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
jlpjlp - 22 Sept. 2008 at 16:18
perfect, to get rid of what we used:
Download ToolsCleaner to your desktop.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Click on "Recherche" (Search) and let the scan run ...
# Click on "Suppression" (Removal) to finish.
# You can, if you wish, use the "Options facultatives" (Optional settings).
# Click on "Quitter" (Quit) to get the report.
# Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).
PS: no need to send me the report if everything has been removed
jlpjlp - 22 Sept. 2008 at 10:39
hi,
run RogueRemover and paste the report for us:
for info:
http://www.libellules.ch/dotclear/index.php?2006/11/29/1518-rogue-remover
to download:
https://www.01net.com/telecharger/
_______________
SmitFraudFix (paste the report)
1/ download:
http://siri.urz.free.fr/Fix/SmitfraudFix.php
2/ double-click on SmitfraudFix, then select 1 and press Enter to create the report of the infections present.
js11 Posts 24 Registration date Monday 22 September 2008 Status Member Last activity 4 November 2008 - 22 Sept. 2008 at 11:02
I can't even manage to paste the reports
js11 - 22 Sept. 2008 at 11:23
there we go, here are the reports:
SmitFraudFix v2.353
Rapport fait à 11:01:26,28, 22/09/2008
Executé à partir de C:\Documents and Settings\jerome soulet\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\SAV\sav.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\DOCUME~1\JEROME~1\LOCALS~1\Temp\video232.cfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\DOCUME~1\JEROME~1\LOCALS~1\Temp\b.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\BitComet\BitComet.exe
C:\Documents and Settings\jerome soulet\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\jerome soulet
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\jerome soulet\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JEROME~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\sav\ PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"appinit_dlls"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Broadcom 440x 10/100 Integrated Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{230BB2CE-E22F-487B-96E2-857BA9CE247A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{230BB2CE-E22F-487B-96E2-857BA9CE247A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{230BB2CE-E22F-487B-96E2-857BA9CE247A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Malwarebytes' RogueRemover
Malwarebytes ©2007 https://www.malwarebytes.com/
6290 total fingerprints loaded.
Loading database ...
Expanding environmental variables ...
Scanning files ... [ 100% ].
Scanning folders ... [ 100% ].
Scanning registry keys ... [ 100% ].
Scanning registry values ... [ 100% ].
RogueRemover has detected rogue antispyware components! Results below...
Type: Folder
Vendor: System Antivirus
Location: C:\Program Files\sav
Selected for removal: Yes
RogueRemover has found the objects above.
jlpjlp - 22 Sept. 2008 at 11:49
ok
scan this file on VirusTotal and paste the report: https://www.virustotal.com/gui/
C:\Program Files\SAV\sav.exe
_________________
Download MSNFix by Laurent
http://sosvirus.changelog.fr/MSNFix.zip
Unzip it and double-click on the file MSNFix.bat.
- Run option R.
-- If the infection is detected, run option N
- Save this report, then copy/paste it to the forum.
Note:
If a deletion error is detected, a message will be displayed asking you to restart the computer in order to finish the operations. In that case, simply restart the computer in normal mode.
Save and close the report so that Windows finishes starting up normally.
send the file C:\DOCUME~1\florian\Bureau\Upload_Me.zip to http://upload.changelog.fr to help improve MSNFix
______________________
download Lop S&D.exe to your desktop. https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click on it to launch the installation
* Then double-click on the Lop S&D shortcut on your desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
js11 - 22 Sept. 2008 at 11:57
here's a start, I'm doing the rest.
Fichier sav.exe reçu le 2008.09.22 03:50:46 (CET)
Situation actuelle: terminé
Résultat: 19/36 (52.78%)
Formaté Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.19.2 2008.09.19 -
AntiVir 7.8.1.34 2008.09.21 TR/Fake.UltimaAV.bh
Authentium 5.1.0.4 2008.09.21 -
Avast 4.8.1195.0 2008.09.22 Win32:FakeAlert-S
AVG 8.0.0.161 2008.09.21 FakeAlert.AO
BitDefender 7.2 2008.09.22 GenPack:Trojan.Fakeav.AD
CAT-QuickHeal 9.50 2008.09.20 (Suspicious) - DNAScan
ClamAV 0.93.1 2008.09.22 -
DrWeb 4.44.0.09170 2008.09.21 Trojan.Fakealert.1311
eSafe 7.0.17.0 2008.09.21 -
eTrust-Vet 31.6.6098 2008.09.21 Win32/FakeAVE!generic
Ewido 4.0 2008.09.21 -
F-Prot 4.4.4.56 2008.09.21 -
F-Secure 8.0.14332.0 2008.09.22 -
Fortinet 3.113.0.0 2008.09.21 PossibleThreat
GData 19 2008.09.22 Win32:FakeAlert-S
Ikarus T3.1.1.34.0 2008.09.22 Virus.Win32.FakeAlert.S
K7AntiVirus 7.10.466 2008.09.20 -
Kaspersky 7.0.0.125 2008.09.22 -
McAfee 5388 2008.09.19 -
Microsoft 1.3903 2008.09.22 -
NOD32v2 3458 2008.09.21 a variant of Win32/Adware.Antivirus2008
Norman 5.80.02 2008.09.19 AntiVirus2008.EA
Panda 9.0.0.4 2008.09.21 Suspicious file
PCTools 4.4.2.0 2008.09.21 -
Prevx1 V2 2008.09.22 Worm
Rising 20.62.62.00 2008.09.21 -
Sophos 4.33.0 2008.09.22 Mal/FakeAV-E
Sunbelt 3.1.1653.1 2008.09.20 Trojan.Fakeav.AD
Symantec 10 2008.09.22 AntiVirus2008
TheHacker 6.3.0.9.090 2008.09.20 -
TrendMicro 8.700.0.1004 2008.09.20 TROJ_FAKEAV.NN
VBA32 3.12.8.5 2008.09.22 -
ViRobot 2008.9.20.1385 2008.09.20 -
VirusBuster 4.5.11.0 2008.09.21 -
Webwasher-Gateway 6.6.2 2008.09.22 Trojan.Fake.UltimaAV.bh
Information additionnelle
File size: 404992 bytes
MD5...: c7dfa67e339be36c15fe5d490dfe6cb8
SHA1..: dced8e211919cc57878b53c7e6d288a31dc1c6ab
SHA256: daad68ed4ef99ef0dc3e8eced5e6da97431af801aaea823681abfd5408c7feed
SHA512: b5fbcf244dd1c72c6fb96613521ec8be29e3ea66536be737a386a7459ae74008
013c9920a3be1676a59b01e8dd0acacc74c38eac829cf51189b8ddb38864f5ff
PEiD..: ASProtect v1.23 RC1
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x401000
timedatestamp.....: 0x48d240d6 (Thu Sep 18 11:51:50 2008)
machinetype.......: 0x14c (I386)
( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x32000 0x19400 8.00 b16f3951f47fd463b85016dcf7e6e849
0x33000 0xc000 0x4a00 7.99 bebd5795a856837dfaab3235604a7456
0x3f000 0xa000 0x1200 7.95 c2a3f784762f603d8c4441f618624e6d
.rsrc 0x49000 0x24000 0x11e00 7.89 023f6c63d959fbac47082f8de5ee0f6b
0x6d000 0x1000 0x200 7.55 7da749830d4672617a63ad262a4fd0d9
.LIKJHSU 0x6e000 0x31000 0x30e00 7.67 8f073a2cbaccc2e5b3f0a392a74af730
.adata 0x9f000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
( 15 imports )
> kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA
> shlwapi.dll: SHDeleteKeyA
> user32.dll: PostThreadMessageA
> gdi32.dll: ScaleViewportExtEx
> comdlg32.dll: GetFileTitleA
> winspool.drv: ClosePrinter
> advapi32.dll: LookupPrivilegeValueA
> shell32.dll: Shell_NotifyIconA
> comctl32.dll: -
> oledlg.dll: -
> ole32.dll: CoFreeUnusedLibraries
> olepro32.dll: -
> oleaut32.dll: -
> oleaut32.dll: VariantChangeTypeEx
> kernel32.dll: RaiseException
( 0 exports )
packers (Kaspersky): PE_Patch
packers (F-Prot): Aspack
packers (Avast): ASProtect
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=65FBB2C60037F9852ED7068415F0F90007E73747
jlpjlp - 22 Sept. 2008 at 12:13
ok, I'm waiting for the rest
js11 - 22 Sept. 2008 at 12:23
MSN FIX:
winchat.exe
WinFXDocObj.exe
winhlp32.exe
winlogon.exe
winmine.exe
winmsd.exe
winspool.exe
winver.exe
[C:\WINDOWS\system32\winchat.exe] 2A99260794224489F29B628717B7947E
[C:\WINDOWS\system32\WinFXDocObj.exe] 660336AD0305C852122C5EEBBACE9BAF
[C:\WINDOWS\system32\winhlp32.exe] 577624F19D0441C9111F2AF26C81E04D
[C:\WINDOWS\system32\winlogon.exe] D2DE785AEAB0BB8CA4C14A8A199DBE4E
[C:\WINDOWS\system32\winmine.exe] EA682C022F7204CC8E8C9EF5DCE29356
[C:\WINDOWS\system32\winmsd.exe] 7EBF8A4B608AFB79C67F4E4A9C5885BB
[C:\WINDOWS\system32\winspool.exe] 0B4B94B78123E8035B84105BC024F9F8
[C:\WINDOWS\system32\winver.exe] CE30DCEF79B94D17A8B3BEC26FEF90A3
js11 - 22 Sept. 2008 at 12:25
Lop report
good luck
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : jerome soulet ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total : 145 Go Free : 123 Go
D:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
F:\ (USB) - FAT - Total : 1961 Mo Free : 1 Go
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 22/09/2008|12:26 )
--------------------\\ Listing des dossiers dans APPLIC~1
[20/02/2007|11:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\GTek
[19/08/2004|15:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[20/02/2007|11:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[11/03/2008|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/09/2007|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[10/09/2007|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/02/2007|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[20/02/2007|11:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[21/11/2007|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dell
[06/03/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[25/02/2007|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/02/2007|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek
[20/02/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/09/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[14/03/2007|08:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[14/03/2007|08:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[14/07/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[04/06/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGI
[01/12/2007|00:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[11/07/2008|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2007|01:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[23/07/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
[06/03/2007|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[12/09/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\qfqdwnmt
[19/08/2004|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[24/02/2007|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[30/08/2007|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[20/02/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[06/11/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SupportSoft
[12/09/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[19/04/2007|07:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/07/2007|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[11/07/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[01/02/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[20/02/2007|11:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Gtek
[19/08/2004|15:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[20/02/2007|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/04/2008|21:09] C:\DOCUME~1\JEROME~1\APPLIC~1\Adobe
[26/02/2007|13:53] C:\DOCUME~1\JEROME~1\APPLIC~1\AdobeUM
[29/04/2008|19:08] C:\DOCUME~1\JEROME~1\APPLIC~1\Apple Computer
[26/02/2007|11:03] C:\DOCUME~1\JEROME~1\APPLIC~1\Brother
[05/06/2008|10:21] C:\DOCUME~1\JEROME~1\APPLIC~1\Corel
[06/03/2007|18:09] C:\DOCUME~1\JEROME~1\APPLIC~1\Datalayer
[21/04/2007|00:22] C:\DOCUME~1\JEROME~1\APPLIC~1\Google
[20/02/2007|11:23] C:\DOCUME~1\JEROME~1\APPLIC~1\Gtek
[26/02/2007|11:08] C:\DOCUME~1\JEROME~1\APPLIC~1\Help
[19/08/2004|15:24] C:\DOCUME~1\JEROME~1\APPLIC~1\Identities
[26/03/2008|22:33] C:\DOCUME~1\JEROME~1\APPLIC~1\InstallShield
[26/02/2007|14:30] C:\DOCUME~1\JEROME~1\APPLIC~1\Leadertech
[17/09/2008|13:33] C:\DOCUME~1\JEROME~1\APPLIC~1\LimeWire
[24/02/2007|15:35] C:\DOCUME~1\JEROME~1\APPLIC~1\Macromedia
[12/09/2008|20:32] C:\DOCUME~1\JEROME~1\APPLIC~1\Malwarebytes
[12/09/2008|19:16] C:\DOCUME~1\JEROME~1\APPLIC~1\McAfee
[04/02/2008|21:44] C:\DOCUME~1\JEROME~1\APPLIC~1\Microsoft
[22/12/2007|13:33] C:\DOCUME~1\JEROME~1\APPLIC~1\Mozilla
[23/03/2007|16:11] C:\DOCUME~1\JEROME~1\APPLIC~1\MSNInstaller
[27/03/2008|08:25] C:\DOCUME~1\JEROME~1\APPLIC~1\NewSoft
[06/03/2007|18:47] C:\DOCUME~1\JEROME~1\APPLIC~1\Nokia
[29/04/2008|19:06] C:\DOCUME~1\JEROME~1\APPLIC~1\Nokia Multimedia Player
[07/02/2008|15:48] C:\DOCUME~1\JEROME~1\APPLIC~1\ntr
[12/09/2008|09:14] C:\DOCUME~1\JEROME~1\APPLIC~1\OpenOffice.org2
[06/03/2007|18:47] C:\DOCUME~1\JEROME~1\APPLIC~1\PC Suite
[22/12/2007|13:35] C:\DOCUME~1\JEROME~1\APPLIC~1\Real
[21/09/2008|16:40] C:\DOCUME~1\JEROME~1\APPLIC~1\SiteAdvisor
[26/02/2007|14:31] C:\DOCUME~1\JEROME~1\APPLIC~1\Sonic
[18/03/2007|10:41] C:\DOCUME~1\JEROME~1\APPLIC~1\Sun
[22/12/2007|13:33] C:\DOCUME~1\JEROME~1\APPLIC~1\Talkback
[09/08/2008|22:42] C:\DOCUME~1\JEROME~1\APPLIC~1\upload city first
[13/05/2008|21:44] C:\DOCUME~1\JEROME~1\APPLIC~1\vlc
[05/06/2008|10:11] C:\DOCUME~1\JEROME~1\APPLIC~1\Vso
[01/02/2008|01:49] C:\DOCUME~1\JEROME~1\APPLIC~1\Yahoo!
[04/03/2008|09:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/03/2008|22:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Monotype Imaging
[01/12/2007|01:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor
[11/07/2008|19:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[11/07/2008|19:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\SiteAdvisor
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[22/09/2008 12:00][--ah-----] C:\WINDOWS\tasks\B449E20893B68BF8.job
[19/09/2008 11:02][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/07/2008 01:29][--a------] C:\WINDOWS\tasks\McDefragTask.job
[01/09/2008 01:00][--a------] C:\WINDOWS\tasks\McQcTask.job
[22/09/2008 10:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( B449E20893B68BF8.job )=( c:\docume~1\jerome~1\applic~1\upload~1\webmealstyle.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[25/06/2008|10:15] C:\Program Files\Adobe
[10/09/2007|11:37] C:\Program Files\Apple Software Update
[15/01/2008|22:02] C:\Program Files\AtomixMP3
[04/06/2008|20:22] C:\Program Files\AviSynth 2.5
[11/05/2008|08:40] C:\Program Files\Axis Communications
[20/02/2007|11:23] C:\Program Files\BAE
[22/09/2008|10:51] C:\Program Files\BitComet
[20/02/2007|11:15] C:\Program Files\Broadcom
[12/09/2008|09:11] C:\Program Files\Brother
[20/06/2007|16:14] C:\Program Files\CD Natation
[11/09/2008|07:54] C:\Program Files\Common Files
[19/08/2004|15:15] C:\Program Files\ComPlus Applications
[20/02/2007|11:00] C:\Program Files\CONEXANT
[14/03/2007|08:23] C:\Program Files\Controle Parental
[20/02/2007|11:19] C:\Program Files\Corel
[21/01/2008|19:11] C:\Program Files\Dcads Games Collection
[20/02/2007|11:15] C:\Program Files\Dell
[20/02/2007|11:23] C:\Program Files\Dell Support
[06/11/2007|18:49] C:\Program Files\Dell Support Center
[26/03/2008|22:40] C:\Program Files\Device Setting Utility
[06/03/2007|17:56] C:\Program Files\DIFX
[20/02/2007|11:15] C:\Program Files\Digital Line Detect
[04/06/2008|18:11] C:\Program Files\directx
[28/03/2008|22:14] C:\Program Files\DJ show
[04/06/2008|23:11] C:\Program Files\DVDx
[19/09/2008|15:15] C:\Program Files\eMule
[26/02/2007|14:54] C:\Program Files\epson
[22/09/2008|11:41] C:\Program Files\Fichiers communs
[26/02/2007|14:48] C:\Program Files\Firebird
[17/09/2008|11:42] C:\Program Files\Freeciv-2.0.8-gtk2
[22/12/2007|13:32] C:\Program Files\Google
[25/02/2007|10:13] C:\Program Files\i-Media
[09/09/2008|10:04] C:\Program Files\InstallShield Installation Information
[20/02/2007|11:15] C:\Program Files\InterActual
[15/08/2008|18:14] C:\Program Files\Internet Explorer
[25/02/2007|10:14] C:\Program Files\i-Timtel
[22/07/2008|15:44] C:\Program Files\Java
[16/09/2008|19:38] C:\Program Files\LimeWire
[20/02/2007|11:24] C:\Program Files\MAKEMSI Package Documentation
[12/09/2008|09:11] C:\Program Files\McAfee
[14/03/2007|08:23] C:\Program Files\McAfee.com
[15/08/2008|12:27] C:\Program Files\Messenger
[12/09/2008|23:59] C:\Program Files\Messenger Plus! Live
[04/06/2008|18:13] C:\Program Files\MGI
[19/08/2004|15:18] C:\Program Files\microsoft frontpage
[28/11/2007|15:21] C:\Program Files\Microsoft Office
[19/04/2007|07:59] C:\Program Files\Microsoft Sites publics français
[20/02/2007|11:17] C:\Program Files\Microsoft Visual Studio
[30/01/2008|17:08] C:\Program Files\Microsoft Works
[20/02/2007|11:16] C:\Program Files\Microsoft.NET
[19/08/2004|15:16] C:\Program Files\Movie Maker
[22/12/2007|13:33] C:\Program Files\Mozilla Firefox
[09/08/2007|14:06] C:\Program Files\MSN
[19/08/2004|15:14] C:\Program Files\MSN Gaming Zone
[24/02/2007|15:15] C:\Program Files\MSXML 4.0
[19/08/2004|15:16] C:\Program Files\NetMeeting
[20/02/2007|11:15] C:\Program Files\NetWaiting
[27/03/2008|08:23] C:\Program Files\NewSoft
[01/09/2007|01:27] C:\Program Files\Nokia
[19/08/2004|15:15] C:\Program Files\Online Services
[22/07/2008|15:44] C:\Program Files\OpenOffice.org 2.4
[20/02/2007|11:24] C:\Program Files\Orange
[25/02/2007|10:08] C:\Program Files\Outil de diagnostic de modem
[20/06/2007|09:31] C:\Program Files\Outlook Express
[10/09/2007|11:38] C:\Program Files\QuickTime
[26/03/2008|22:33] C:\Program Files\R_Manual
[22/12/2007|13:32] C:\Program Files\Real
[22/09/2008|10:59] C:\Program Files\RogueRemover FREE
[20/02/2007|11:19] C:\Program Files\Roxio
[22/09/2008|08:25] C:\Program Files\SAV
[24/02/2007|15:05] C:\Program Files\ScanSoft
[19/08/2004|15:16] C:\Program Files\Services en ligne
[20/02/2007|11:13] C:\Program Files\Sigmatel
[27/05/2008|09:28] C:\Program Files\SiteAdvisor
[20/02/2007|11:20] C:\Program Files\Sonic
[19/08/2004|15:24] C:\Program Files\Uninstall Information
[23/07/2008|18:34] C:\Program Files\upload city first
[09/09/2008|10:04] C:\Program Files\Veoh Networks
[19/06/2008|07:46] C:\Program Files\Video Convert Master
[13/05/2008|20:34] C:\Program Files\VideoLAN
[11/03/2008|17:43] C:\Program Files\VirginMega
[07/02/2008|15:12] C:\Program Files\VisioArc
[22/09/2008|12:24] C:\Program Files\Wanadoo
[04/06/2008|20:15] C:\Program Files\WinASPI
[15/09/2008|19:13] C:\Program Files\Windows Live
[09/08/2007|14:08] C:\Program Files\Windows Live Toolbar
[29/05/2007|07:29] C:\Program Files\Windows Media Connect 2
[29/05/2007|07:29] C:\Program Files\Windows Media Player
[19/08/2004|15:14] C:\Program Files\Windows NT
[19/08/2004|15:16] C:\Program Files\WindowsUpdate
[19/08/2004|15:18] C:\Program Files\xerox
[28/08/2008|15:36] C:\Program Files\Yahoo!
[12/09/2008|22:34] C:\Program Files\zcbtknc
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[28/03/2008|20:03] C:\Program Files\Fichiers communs\Adobe
[20/02/2007|11:19] C:\Program Files\Fichiers communs\Corel
[20/02/2007|11:17] C:\Program Files\Fichiers communs\DESIGNER
[11/09/2008|07:54] C:\Program Files\Fichiers communs\InstallShield
[20/02/2007|11:11] C:\Program Files\Fichiers communs\Java
[13/03/2008|16:51] C:\Program Files\Fichiers communs\McAfee
[04/06/2008|18:11] C:\Program Files\Fichiers communs\MGI Shared
[08/07/2008|10:09] C:\Program Files\Fichiers communs\Microsoft Shared
[19/08/2004|15:16] C:\Program Files\Fichiers communs\MSSoap
[27/03/2008|08:24] C:\Program Files\Fichiers communs\NewSoft
[01/09/2007|01:27] C:\Program Files\Fichiers communs\Nokia
[19/08/2004|15:10] C:\Program Files\Fichiers communs\ODBC
[06/03/2007|17:56] C:\Program Files\Fichiers communs\PCSuite
[22/12/2007|13:33] C:\Program Files\Fichiers communs\Real
[20/02/2007|11:19] C:\Program Files\Fichiers communs\Roxio Shared
[24/02/2007|15:06] C:\Program Files\Fichiers communs\ScanSoft Shared
[19/08/2004|15:16] C:\Program Files\Fichiers communs\Services
[20/02/2007|11:20] C:\Program Files\Fichiers communs\Sonic Shared
[19/08/2004|15:10] C:\Program Files\Fichiers communs\SpeechEngines
[06/11/2007|18:49] C:\Program Files\Fichiers communs\supportsoft
[20/06/2007|09:31] C:\Program Files\Fichiers communs\System
[20/02/2007|11:19] C:\Program Files\Fichiers communs\TiVo Shared
[11/07/2008|12:17] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[22/12/2007|13:33] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 71 Processes )
IEXPLORE.EXE ~ [PID:1968]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\proxy upload.exe
C:\DOCUME~1\JEROME~1\APPLIC~1\upload~1
C:\DOCUME~1\JEROME~1\APPLIC~1\upload~1\RdrLongMpegProc.exe
C:\DOCUME~1\JEROME~1\APPLIC~1\upload~1\web meal style.exe
C:\Program Files\upload~1
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@advertstream[2].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@adultfriendfinder[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@advertising[2].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@ero-advertising[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@adin.bigpoint[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@bigpoint[2].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@fr.bigpoint[2].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@fr.xblaster.bigpoint[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@banner.casinoking[2].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@casinoking[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@banner.cotedazurpalace[2].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@www.cotedazurpalace[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@adopt.euroclick[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@pacificpoker[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@partypoker[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@32vegas[1].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@banner.32vegas[2].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@www.2xmoinscher[2].txt
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@888[2].txt
C:\WINDOWS\Tasks\B449E20893B68BF8.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amok Eggs Four Web"="C:\\Documents and Settings\\All Users\\Application Data\\part dead amok eggs\\proxy upload.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-22 12:28:00
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@likecrack[1].txt
[F:5][D:4]-> C:\DOCUME~1\JEROME~1\LOCALS~1\Temp
[F:701][D:0]-> C:\DOCUME~1\JEROME~1\Cookies
[F:290][D:12]-> C:\DOCUME~1\JEROME~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 22/09/2008|12:28 - Option : [1]
--------------------\\ Fin du rapport a 12:28:51
jlpjlp
Posts
51580
Registration date
Friday 18 May 2007
Status
Security contributor
Last activity
3 May 2022
5 040
22 Sept. 2008 at 12:34
Lop S&D:
* This time choose Option 2 (Deletion)
* Do not close the window during the deletion!
* Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
____________________
to merge:
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
______________________
Close all your browsers (so copy or print the instructions first)
Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:
File::
C:\Documents and Settings\All Users\Application Data\part dead amok eggs\proxy upload.exe
C:\Program Files\SAV\sav.exe
C:\Program Files\SAV
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amok Eggs Four Web"=-
"Antivirus"=-
Save this file under the name CFscript
Drag and drop this CFScript file onto the ComboFix.exe file
Click on the CFScript file, keep the button held down and drag the mouse so that the CFScript icon covers the ComboFix icon. Release the mouse. ComboFix will start.
A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 then confirm.
Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
Once the scan is complete, a report will be displayed: post its contents.
Also post a HijackThis report again
If the file does not open, it is located here > C:\ComboFix.txt
js11
22 Sept. 2008 at 13:15
Here is the ComboFix report; the HijackThis report will follow
ComboFix 08-09-20.05 - jerome soulet 2008-09-22 13:14:30.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1403 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\jerome soulet\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\jerome soulet\Bureau\CFscript.txt
* Un nouveau point de restauration a été créé
* Resident AV is active
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
C:\Documents and Settings\All Users\Application Data\part dead amok eggs\proxy upload.exe
C:\Program Files\SAV
C:\Program Files\SAV\sav.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\SAV\sav.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-22 au 2008-09-22 ))))))))))))))))))))))))))))))))))))
.
2008-09-22 12:26 . 2008-09-22 13:06 <REP> d-------- C:\Lop SD
2008-09-22 11:01 . 2008-09-19 12:26 82,944 --a------ C:\WINDOWS\system32\o4Patch.exe
2008-09-22 11:01 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-09-22 10:54 . 2008-09-22 10:59 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-09-22 08:26 . 2008-09-22 08:26 122,372 --a------ C:\WINDOWS\system32\msxml71.dll
2008-09-22 08:25 . 2008-09-22 13:14 <REP> d-------- C:\Program Files\SAV
2008-09-18 21:09 . 2008-09-20 23:19 <REP> d-------- C:\Downloads
2008-09-18 21:08 . 2008-09-22 12:55 <REP> d-------- C:\Program Files\BitComet
2008-09-17 11:36 . 2008-09-17 11:42 <REP> d-------- C:\Program Files\Freeciv-2.0.8-gtk2
2008-09-15 22:29 . 2008-09-15 22:29 <REP> d-------- C:\UsinePreparations
2008-09-12 20:32 . 2008-09-12 20:32 <REP> d-------- C:\Documents and Settings\jerome soulet\Application Data\Malwarebytes
2008-09-12 20:32 . 2008-09-12 20:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-12 20:28 . 2008-09-22 11:01 5,636 --a------ C:\WINDOWS\system32\tmp.reg
2008-09-12 20:28 . 2008-09-22 11:01 0 --a------ C:\WINDOWS\system32\tmp.MSNFix
2008-09-12 20:27 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-09-12 20:27 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-09-12 20:27 . 2008-09-08 23:38 88,576 --a------ C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-12 20:27 . 2008-09-02 16:51 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-09-12 20:27 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-09-12 20:27 . 2008-09-12 12:53 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-09-12 20:27 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
2008-09-12 20:27 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-09-12 20:27 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-09-12 19:36 . 2008-09-12 19:44 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-12 19:21 . 2008-09-12 19:21 <REP> d-------- C:\WINDOWS\McAfee.com
2008-09-12 14:52 . 2008-09-12 22:34 <REP> d-------- C:\Program Files\zcbtknc
2008-09-12 14:52 . 2008-09-12 22:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\qfqdwnmt
2008-09-09 10:04 . 2008-09-09 10:04 <REP> d-------- C:\Program Files\Veoh Networks
2008-09-04 19:46 . 2008-09-04 19:46 3,932,214 --a------ C:\WINDOWS\wallpaper.bmp
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-22 11:10 --------- d-----w C:\Program Files\Wanadoo
2008-09-21 14:40 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\SiteAdvisor
2008-09-19 13:15 --------- d-----w C:\Program Files\eMule
2008-09-17 11:33 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\LimeWire
2008-09-16 17:38 --------- d-----w C:\Program Files\LimeWire
2008-09-15 17:13 --------- d-----w C:\Program Files\Windows Live
2008-09-12 21:59 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-12 17:16 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\McAfee
2008-09-12 07:14 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\OpenOffice.org2
2008-09-12 07:11 --------- d-----w C:\Program Files\McAfee
2008-09-12 07:11 --------- d-----w C:\Program Files\Brother
2008-09-11 05:54 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-09-11 05:54 --------- d-----w C:\Program Files\Common Files
2008-09-09 08:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-28 13:36 --------- d-----w C:\Program Files\Yahoo!
2008-08-10 12:33 90,929 ----a-w C:\WINDOWS\system32\ofgrmyrfolbhu.dll-uninst.exe
2008-07-22 13:44 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-07-22 13:44 --------- d-----w C:\Program Files\Java
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 08:28 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:21 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:21 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-05 08:11 81,920 -c--a-w C:\Documents and Settings\jerome soulet\Application Data\ezpinst.exe
2008-06-05 08:11 47,360 -c--a-w C:\Documents and Settings\jerome soulet\Application Data\pcouffin.sys
2007-08-13 12:30 2,380 -c--a-w C:\Program Files\firebird.log
2007-02-27 18:21 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
2008-06-05 08:21 168 --sh--r C:\WINDOWS\system32\3C0EB1F9CA.sys
2008-06-05 08:21 5,018 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 395776]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-02 68856]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-10-09 202544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-16 7323648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-01 1838592]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-10 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-10 40960]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2007-03-05 36904]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 286720]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-09 16384]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-12-22 185896]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2006-08-14 462336]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"WrtMon.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-10-09 202544]
"SigmatelSysTrayApp"="stsystra.exe" [2006-08-15 C:\WINDOWS\stsystra.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 C:\WINDOWS\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
C:\Documents and Settings\jerome soulet\Menu D‚marrer\Programmes\D‚marrage\
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe [2007-12-12 3746856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.dvsd"= dvc.dll
"VIDC.VQJ1"= V1300dec.dll
"vidc.yv12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Visiodis\\visiodi2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"=
"C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"=
"C:\\isr\\ISRClients\\DanaClient348_fr_ver6.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7061:TCP"= 7061:TCP:BitComet 7061 TCP
"7061:UDP"= 7061:UDP:BitComet 7061 UDP
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2004-12-13 65536]
R2 Scan4;Scan4;C:\WINDOWS\system32\drivers\Scan4.sys [2003-10-28 7040]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2004-12-13 1527893]
R3 TAK2PL;Pilote Puits de déchargement TakFlash;C:\WINDOWS\system32\DRIVERS\TAK2pl.SYS [2004-06-28 42752]
R3 USB TAKCardReader;USB TAKCardReader;C:\WINDOWS\system32\DRIVERS\TAKCR2K.sys [2005-06-08 47215]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver;C:\WINDOWS\system32\Drivers\BrSerIf.sys [2004-06-12 51712]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\WINDOWS\system32\Drivers\BrUsbSer.sys [2004-01-10 11648]
S3 CS780BLK;Mega Camera 1300(Bulk);C:\WINDOWS\system32\DRIVERS\V1300Blk.sys [ ]
S3 V1300;Mega Camera 1300;C:\WINDOWS\system32\DRIVERS\V1300vid.sys [ ]
.
Contenu du dossier 'Tâches planifiées'
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-22 13:15:58
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
js11
22 Sept. 2008 at 13:18
and here is the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:21:54, on 22/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=3070220
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5382/mcfscan.cab
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
js11
Posts: 24
Registration date: Monday 22 September 2008
Status: Member
Last activity: 4 November 2008
22 Sept. 2008 at 13:04
Lop report; the rest is a struggle, it's coming
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : jerome soulet ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total : 145 Go Free : 123 Go
D:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
F:\ (USB) - FAT - Total : 1961 Mo Free : 1 Go
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [2] ( 22/09/2008|13:04 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\proxy upload.exe
Supprime! - C:\DOCUME~1\JEROME~1\APPLIC~1\upload~1\RdrLongMpegProc.exe
Supprime! - C:\DOCUME~1\JEROME~1\APPLIC~1\upload~1\web meal style.exe
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@advertstream[2].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@advertising[2].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@ero-advertising[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@bigpoint[2].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@fr.bigpoint[2].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@fr.xblaster.bigpoint[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@casinoking[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@partypoker[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@32vegas[1].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@www.2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@888[2].txt
Supprime! - C:\WINDOWS\Tasks\B449E20893B68BF8.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
Supprime! - C:\DOCUME~1\JEROME~1\APPLIC~1\upload~1
Supprime! - C:\Program Files\upload~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[20/02/2007|11:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\GTek
[19/08/2004|15:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[20/02/2007|11:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[11/03/2008|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/09/2007|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[10/09/2007|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/02/2007|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[20/02/2007|11:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[21/11/2007|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dell
[06/03/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[25/02/2007|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/02/2007|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek
[20/02/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/09/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[14/03/2007|08:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[14/03/2007|08:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[14/07/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[04/06/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGI
[01/12/2007|00:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[11/07/2008|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2007|01:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[06/03/2007|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[12/09/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\qfqdwnmt
[19/08/2004|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[24/02/2007|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[30/08/2007|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[20/02/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[06/11/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SupportSoft
[12/09/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[19/04/2007|07:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/07/2007|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[11/07/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[01/02/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[20/02/2007|11:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Gtek
[19/08/2004|15:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[20/02/2007|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/04/2008|21:09] C:\DOCUME~1\JEROME~1\APPLIC~1\Adobe
[26/02/2007|13:53] C:\DOCUME~1\JEROME~1\APPLIC~1\AdobeUM
[29/04/2008|19:08] C:\DOCUME~1\JEROME~1\APPLIC~1\Apple Computer
[26/02/2007|11:03] C:\DOCUME~1\JEROME~1\APPLIC~1\Brother
[05/06/2008|10:21] C:\DOCUME~1\JEROME~1\APPLIC~1\Corel
[06/03/2007|18:09] C:\DOCUME~1\JEROME~1\APPLIC~1\Datalayer
[21/04/2007|00:22] C:\DOCUME~1\JEROME~1\APPLIC~1\Google
[20/02/2007|11:23] C:\DOCUME~1\JEROME~1\APPLIC~1\Gtek
[26/02/2007|11:08] C:\DOCUME~1\JEROME~1\APPLIC~1\Help
[19/08/2004|15:24] C:\DOCUME~1\JEROME~1\APPLIC~1\Identities
[26/03/2008|22:33] C:\DOCUME~1\JEROME~1\APPLIC~1\InstallShield
[26/02/2007|14:30] C:\DOCUME~1\JEROME~1\APPLIC~1\Leadertech
[17/09/2008|13:33] C:\DOCUME~1\JEROME~1\APPLIC~1\LimeWire
[24/02/2007|15:35] C:\DOCUME~1\JEROME~1\APPLIC~1\Macromedia
[12/09/2008|20:32] C:\DOCUME~1\JEROME~1\APPLIC~1\Malwarebytes
[12/09/2008|19:16] C:\DOCUME~1\JEROME~1\APPLIC~1\McAfee
[04/02/2008|21:44] C:\DOCUME~1\JEROME~1\APPLIC~1\Microsoft
[22/12/2007|13:33] C:\DOCUME~1\JEROME~1\APPLIC~1\Mozilla
[23/03/2007|16:11] C:\DOCUME~1\JEROME~1\APPLIC~1\MSNInstaller
[27/03/2008|08:25] C:\DOCUME~1\JEROME~1\APPLIC~1\NewSoft
[06/03/2007|18:47] C:\DOCUME~1\JEROME~1\APPLIC~1\Nokia
[29/04/2008|19:06] C:\DOCUME~1\JEROME~1\APPLIC~1\Nokia Multimedia Player
[07/02/2008|15:48] C:\DOCUME~1\JEROME~1\APPLIC~1\ntr
[12/09/2008|09:14] C:\DOCUME~1\JEROME~1\APPLIC~1\OpenOffice.org2
[06/03/2007|18:47] C:\DOCUME~1\JEROME~1\APPLIC~1\PC Suite
[22/12/2007|13:35] C:\DOCUME~1\JEROME~1\APPLIC~1\Real
[21/09/2008|16:40] C:\DOCUME~1\JEROME~1\APPLIC~1\SiteAdvisor
[26/02/2007|14:31] C:\DOCUME~1\JEROME~1\APPLIC~1\Sonic
[18/03/2007|10:41] C:\DOCUME~1\JEROME~1\APPLIC~1\Sun
[22/12/2007|13:33] C:\DOCUME~1\JEROME~1\APPLIC~1\Talkback
[13/05/2008|21:44] C:\DOCUME~1\JEROME~1\APPLIC~1\vlc
[05/06/2008|10:11] C:\DOCUME~1\JEROME~1\APPLIC~1\Vso
[01/02/2008|01:49] C:\DOCUME~1\JEROME~1\APPLIC~1\Yahoo!
[04/03/2008|09:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/03/2008|22:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Monotype Imaging
[01/12/2007|01:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor
[11/07/2008|19:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[11/07/2008|19:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\SiteAdvisor
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[19/09/2008 11:02][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/07/2008 01:29][--a------] C:\WINDOWS\tasks\McDefragTask.job
[01/09/2008 01:00][--a------] C:\WINDOWS\tasks\McQcTask.job
[22/09/2008 12:55][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[25/06/2008|10:15] C:\Program Files\Adobe
[10/09/2007|11:37] C:\Program Files\Apple Software Update
[15/01/2008|22:02] C:\Program Files\AtomixMP3
[04/06/2008|20:22] C:\Program Files\AviSynth 2.5
[11/05/2008|08:40] C:\Program Files\Axis Communications
[20/02/2007|11:23] C:\Program Files\BAE
[22/09/2008|12:55] C:\Program Files\BitComet
[20/02/2007|11:15] C:\Program Files\Broadcom
[12/09/2008|09:11] C:\Program Files\Brother
[20/06/2007|16:14] C:\Program Files\CD Natation
[11/09/2008|07:54] C:\Program Files\Common Files
[19/08/2004|15:15] C:\Program Files\ComPlus Applications
[20/02/2007|11:00] C:\Program Files\CONEXANT
[14/03/2007|08:23] C:\Program Files\Controle Parental
[20/02/2007|11:19] C:\Program Files\Corel
[21/01/2008|19:11] C:\Program Files\Dcads Games Collection
[20/02/2007|11:15] C:\Program Files\Dell
[20/02/2007|11:23] C:\Program Files\Dell Support
[06/11/2007|18:49] C:\Program Files\Dell Support Center
[26/03/2008|22:40] C:\Program Files\Device Setting Utility
[06/03/2007|17:56] C:\Program Files\DIFX
[20/02/2007|11:15] C:\Program Files\Digital Line Detect
[04/06/2008|18:11] C:\Program Files\directx
[28/03/2008|22:14] C:\Program Files\DJ show
[04/06/2008|23:11] C:\Program Files\DVDx
[19/09/2008|15:15] C:\Program Files\eMule
[26/02/2007|14:54] C:\Program Files\epson
[22/09/2008|11:41] C:\Program Files\Fichiers communs
[26/02/2007|14:48] C:\Program Files\Firebird
[17/09/2008|11:42] C:\Program Files\Freeciv-2.0.8-gtk2
[22/12/2007|13:32] C:\Program Files\Google
[25/02/2007|10:13] C:\Program Files\i-Media
[09/09/2008|10:04] C:\Program Files\InstallShield Installation Information
[20/02/2007|11:15] C:\Program Files\InterActual
[15/08/2008|18:14] C:\Program Files\Internet Explorer
[25/02/2007|10:14] C:\Program Files\i-Timtel
[22/07/2008|15:44] C:\Program Files\Java
[16/09/2008|19:38] C:\Program Files\LimeWire
[20/02/2007|11:24] C:\Program Files\MAKEMSI Package Documentation
[12/09/2008|09:11] C:\Program Files\McAfee
[14/03/2007|08:23] C:\Program Files\McAfee.com
[15/08/2008|12:27] C:\Program Files\Messenger
[12/09/2008|23:59] C:\Program Files\Messenger Plus! Live
[04/06/2008|18:13] C:\Program Files\MGI
[19/08/2004|15:18] C:\Program Files\microsoft frontpage
[28/11/2007|15:21] C:\Program Files\Microsoft Office
[19/04/2007|07:59] C:\Program Files\Microsoft Sites publics français
[20/02/2007|11:17] C:\Program Files\Microsoft Visual Studio
[30/01/2008|17:08] C:\Program Files\Microsoft Works
[20/02/2007|11:16] C:\Program Files\Microsoft.NET
[19/08/2004|15:16] C:\Program Files\Movie Maker
[22/12/2007|13:33] C:\Program Files\Mozilla Firefox
[09/08/2007|14:06] C:\Program Files\MSN
[19/08/2004|15:14] C:\Program Files\MSN Gaming Zone
[24/02/2007|15:15] C:\Program Files\MSXML 4.0
[19/08/2004|15:16] C:\Program Files\NetMeeting
[20/02/2007|11:15] C:\Program Files\NetWaiting
[27/03/2008|08:23] C:\Program Files\NewSoft
[01/09/2007|01:27] C:\Program Files\Nokia
[19/08/2004|15:15] C:\Program Files\Online Services
[22/07/2008|15:44] C:\Program Files\OpenOffice.org 2.4
[20/02/2007|11:24] C:\Program Files\Orange
[25/02/2007|10:08] C:\Program Files\Outil de diagnostic de modem
[20/06/2007|09:31] C:\Program Files\Outlook Express
[10/09/2007|11:38] C:\Program Files\QuickTime
[26/03/2008|22:33] C:\Program Files\R_Manual
[22/12/2007|13:32] C:\Program Files\Real
[22/09/2008|10:59] C:\Program Files\RogueRemover FREE
[20/02/2007|11:19] C:\Program Files\Roxio
[22/09/2008|12:56] C:\Program Files\SAV
[24/02/2007|15:05] C:\Program Files\ScanSoft
[19/08/2004|15:16] C:\Program Files\Services en ligne
[20/02/2007|11:13] C:\Program Files\Sigmatel
[27/05/2008|09:28] C:\Program Files\SiteAdvisor
[20/02/2007|11:20] C:\Program Files\Sonic
[19/08/2004|15:24] C:\Program Files\Uninstall Information
[09/09/2008|10:04] C:\Program Files\Veoh Networks
[19/06/2008|07:46] C:\Program Files\Video Convert Master
[13/05/2008|20:34] C:\Program Files\VideoLAN
[11/03/2008|17:43] C:\Program Files\VirginMega
[07/02/2008|15:12] C:\Program Files\VisioArc
[22/09/2008|12:59] C:\Program Files\Wanadoo
[04/06/2008|20:15] C:\Program Files\WinASPI
[15/09/2008|19:13] C:\Program Files\Windows Live
[09/08/2007|14:08] C:\Program Files\Windows Live Toolbar
[29/05/2007|07:29] C:\Program Files\Windows Media Connect 2
[29/05/2007|07:29] C:\Program Files\Windows Media Player
[19/08/2004|15:14] C:\Program Files\Windows NT
[19/08/2004|15:16] C:\Program Files\WindowsUpdate
[19/08/2004|15:18] C:\Program Files\xerox
[28/08/2008|15:36] C:\Program Files\Yahoo!
[12/09/2008|22:34] C:\Program Files\zcbtknc
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[28/03/2008|20:03] C:\Program Files\Fichiers communs\Adobe
[20/02/2007|11:19] C:\Program Files\Fichiers communs\Corel
[20/02/2007|11:17] C:\Program Files\Fichiers communs\DESIGNER
[11/09/2008|07:54] C:\Program Files\Fichiers communs\InstallShield
[20/02/2007|11:11] C:\Program Files\Fichiers communs\Java
[13/03/2008|16:51] C:\Program Files\Fichiers communs\McAfee
[04/06/2008|18:11] C:\Program Files\Fichiers communs\MGI Shared
[08/07/2008|10:09] C:\Program Files\Fichiers communs\Microsoft Shared
[19/08/2004|15:16] C:\Program Files\Fichiers communs\MSSoap
[27/03/2008|08:24] C:\Program Files\Fichiers communs\NewSoft
[01/09/2007|01:27] C:\Program Files\Fichiers communs\Nokia
[19/08/2004|15:10] C:\Program Files\Fichiers communs\ODBC
[06/03/2007|17:56] C:\Program Files\Fichiers communs\PCSuite
[22/12/2007|13:33] C:\Program Files\Fichiers communs\Real
[20/02/2007|11:19] C:\Program Files\Fichiers communs\Roxio Shared
[24/02/2007|15:06] C:\Program Files\Fichiers communs\ScanSoft Shared
[19/08/2004|15:16] C:\Program Files\Fichiers communs\Services
[20/02/2007|11:20] C:\Program Files\Fichiers communs\Sonic Shared
[19/08/2004|15:10] C:\Program Files\Fichiers communs\SpeechEngines
[06/11/2007|18:49] C:\Program Files\Fichiers communs\supportsoft
[20/06/2007|09:31] C:\Program Files\Fichiers communs\System
[20/02/2007|11:19] C:\Program Files\Fichiers communs\TiVo Shared
[11/07/2008|12:17] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[22/12/2007|13:33] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 73 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-22 13:05:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEROME~1\Cookies\jerome_soulet@likecrack[1].txt
[F:19][D:4]-> C:\DOCUME~1\JEROME~1\LOCALS~1\Temp
[F:679][D:0]-> C:\DOCUME~1\JEROME~1\Cookies
[F:481][D:12]-> C:\DOCUME~1\JEROME~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 22/09/2008|12:28 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 22/09/2008|13:06 - Option : [2]
--------------------\\ Fin du rapport a 13:06:06
jlpjlp
22 Sept. 2008 at 14:13
To remove your traces, use
CCLEANER: (run a cleanup and repair the registry 3 times) without installing the Yahoo toolbar
(in the options, uncheck the box: delete files older than 48 hours)
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
_____________________
update Adobe Reader to version 9
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
________________________
still having problems?
22 Sept. 2008 at 11:42
ComboFix 08-09-20.05 - jerome soulet 2008-09-22 11:40:25.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1219 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\jerome soulet\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
* Resident AV is active
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\jerome soulet\Cookies\jerome_soulet@ad.yieldmanager[1].txt
C:\Documents and Settings\jerome soulet\Cookies\jerome_soulet@metaffiliation[2].txt
C:\Documents and Settings\jerome soulet\Cookies\jerome_soulet@www.google[1].txt
C:\Documents and Settings\jerome soulet\Cookies\jerome_soulet@www.pixmania[3].txt
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-22 au 2008-09-22 ))))))))))))))))))))))))))))))))))))
.
2008-09-22 11:01 . 2008-09-19 12:26 82,944 --a------ C:\WINDOWS\system32\o4Patch.exe
2008-09-22 11:01 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-09-22 10:54 . 2008-09-22 10:59 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-09-22 08:26 . 2008-09-22 08:26 122,372 --a------ C:\WINDOWS\system32\msxml71.dll
2008-09-22 08:25 . 2008-09-22 08:25 <REP> d-------- C:\Program Files\SAV
2008-09-18 21:09 . 2008-09-20 23:19 <REP> d-------- C:\Downloads
2008-09-18 21:08 . 2008-09-22 10:51 <REP> d-------- C:\Program Files\BitComet
2008-09-17 11:36 . 2008-09-17 11:42 <REP> d-------- C:\Program Files\Freeciv-2.0.8-gtk2
2008-09-15 22:29 . 2008-09-15 22:29 <REP> d-------- C:\UsinePreparations
2008-09-12 20:32 . 2008-09-12 20:32 <REP> d-------- C:\Documents and Settings\jerome soulet\Application Data\Malwarebytes
2008-09-12 20:32 . 2008-09-12 20:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-12 20:28 . 2008-09-22 11:01 5,636 --a------ C:\WINDOWS\system32\tmp.reg
2008-09-12 20:27 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-09-12 20:27 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-09-12 20:27 . 2008-09-08 23:38 88,576 --a------ C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-12 20:27 . 2008-09-02 16:51 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-09-12 20:27 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-09-12 20:27 . 2008-09-12 12:53 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-09-12 20:27 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
2008-09-12 20:27 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-09-12 20:27 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-09-12 19:36 . 2008-09-12 19:44 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-12 19:21 . 2008-09-12 19:21 <REP> d-------- C:\WINDOWS\McAfee.com
2008-09-12 14:52 . 2008-09-12 22:34 <REP> d-------- C:\Program Files\zcbtknc
2008-09-12 14:52 . 2008-09-12 22:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\qfqdwnmt
2008-09-09 10:04 . 2008-09-09 10:04 <REP> d-------- C:\Program Files\Veoh Networks
2008-09-04 19:46 . 2008-09-04 19:46 3,932,214 --a------ C:\WINDOWS\wallpaper.bmp
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-22 09:12 --------- d-----w C:\Program Files\Wanadoo
2008-09-21 14:40 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\SiteAdvisor
2008-09-19 13:15 --------- d-----w C:\Program Files\eMule
2008-09-17 11:33 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\LimeWire
2008-09-16 17:38 --------- d-----w C:\Program Files\LimeWire
2008-09-15 17:13 --------- d-----w C:\Program Files\Windows Live
2008-09-12 21:59 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-12 17:16 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\McAfee
2008-09-12 07:14 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\OpenOffice.org2
2008-09-12 07:11 --------- d-----w C:\Program Files\McAfee
2008-09-12 07:11 --------- d-----w C:\Program Files\Brother
2008-09-11 05:54 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-09-11 05:54 --------- d-----w C:\Program Files\Common Files
2008-09-09 08:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-28 13:36 --------- d-----w C:\Program Files\Yahoo!
2008-08-10 12:33 90,929 ----a-w C:\WINDOWS\system32\ofgrmyrfolbhu.dll-uninst.exe
2008-08-09 20:42 --------- d-----w C:\Documents and Settings\jerome soulet\Application Data\upload city first
2008-07-23 16:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\part dead amok eggs
2008-07-23 16:34 --------- d-----w C:\Program Files\upload city first
2008-07-22 13:44 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-07-22 13:44 --------- d-----w C:\Program Files\Java
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 08:28 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:21 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:21 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-05 08:11 81,920 -c--a-w C:\Documents and Settings\jerome soulet\Application Data\ezpinst.exe
2008-06-05 08:11 47,360 -c--a-w C:\Documents and Settings\jerome soulet\Application Data\pcouffin.sys
2007-08-13 12:30 2,380 -c--a-w C:\Program Files\firebird.log
2007-02-27 18:21 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
2008-06-05 08:21 168 --sh--r C:\WINDOWS\system32\3C0EB1F9CA.sys
2008-06-05 08:21 5,018 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 395776]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-02 68856]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-10-09 202544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-16 7323648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-01 1838592]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-10 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-10 40960]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2007-03-05 36904]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 286720]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-09 16384]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-12-22 185896]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2006-08-14 462336]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"WrtMon.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-10-09 202544]
"Amok Eggs Four Web"="C:\Documents and Settings\All Users\Application Data\part dead amok eggs\proxy upload.exe" [2008-09-22 8084480]
"Antivirus"="C:\Program Files\SAV\sav.exe" [2008-09-22 404992]
"SigmatelSysTrayApp"="stsystra.exe" [2006-08-15 C:\WINDOWS\stsystra.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 C:\WINDOWS\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
C:\Documents and Settings\jerome soulet\Menu Démarrer\Programmes\Démarrage\
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe [2007-12-12 3746856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.dvsd"= dvc.dll
"VIDC.VQJ1"= V1300dec.dll
"vidc.yv12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Visiodis\\visiodi2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"=
"C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"=
"C:\\isr\\ISRClients\\DanaClient348_fr_ver6.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7061:TCP"= 7061:TCP:BitComet 7061 TCP
"7061:UDP"= 7061:UDP:BitComet 7061 UDP
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2004-12-13 65536]
R2 Scan4;Scan4;C:\WINDOWS\system32\drivers\Scan4.sys [2003-10-28 7040]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2004-12-13 1527893]
R3 TAK2PL;Pilote Puits de déchargement TakFlash;C:\WINDOWS\system32\DRIVERS\TAK2pl.SYS [2004-06-28 42752]
R3 USB TAKCardReader;USB TAKCardReader;C:\WINDOWS\system32\DRIVERS\TAKCR2K.sys [2005-06-08 47215]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver;C:\WINDOWS\system32\Drivers\BrSerIf.sys [2004-06-12 51712]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\WINDOWS\system32\Drivers\BrUsbSer.sys [2004-01-10 11648]
S3 CS780BLK;Mega Camera 1300(Bulk);C:\WINDOWS\system32\DRIVERS\V1300Blk.sys [ ]
S3 V1300;Mega Camera 1300;C:\WINDOWS\system32\DRIVERS\V1300vid.sys [ ]
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\jerome soulet\Application Data\Mozilla\Firefox\Profiles\s4swq5vp.default\
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-22 11:42:49
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-09-22 11:44:03
ComboFix-quarantined-files.txt 2008-09-22 09:43:47
ComboFix2.txt 2008-09-12 18:09:54
Avant-CF: 132 631 502 848 octets libres
Après-CF: 132,728,147,968 octets libres
189 --- E O F --- 2008-09-11 05:34:39