Bonjour, J'ai le problème des pop up CID qui ont infecté mon ordinateur. J'ai téléchargé le logiciel Lop S&D et j'obtiens un rapport. J'aimerais que quelqu'un m'aide afin de ne pas faire de bêtises lors de l'étape suppression. Merci d'avance.

Problème Pop up CID

Réponse 1 / 7

hooligan63780 Messages postés 835 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 29 novembre 2008 5
3 oct. 2008 à 16:33

lut tu fait néttoyage et vactionation ++

Réponse 2 / 7

toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
3 oct. 2008 à 16:34

Bonjour

Poste ton rapport...

e.villain Messages postés 8 Date d'inscription vendredi 3 octobre 2008 Statut Membre Dernière intervention 6 octobre 2008
3 oct. 2008 à 19:41

Voici mon rapport:

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 1.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Emmanuel ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 37 Go Free : 13 Go
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 03/10/2008|15:57 )

--------------------\\ Listing des dossiers dans APPLIC~1

[04/03/2005|20:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[25/09/2008|23:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[04/03/2005|20:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[10/06/2007|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/01/2006|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/09/2008|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[12/10/2002|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[11/03/2007|03:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[08/10/2006|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Idledentscrteam
[12/07/2005|23:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/09/2008|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
[18/02/2007|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[25/01/2006|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[25/01/2006|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!(2)
[11/03/2007|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/10/2002|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[11/03/2007|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[19/01/2006|10:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism
[20/06/2007|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[12/10/2002|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/07/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03/02/2006|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/10/2002|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[26/01/2006|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[19/02/2007|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[29/04/2008|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[10/02/2007|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[07/09/2008|11:32] C:\DOCUME~1\AMLIE~1\APPLIC~1\Adobe
[17/03/2007|12:43] C:\DOCUME~1\AMLIE~1\APPLIC~1\AdobeUM
[02/01/2003|11:48] C:\DOCUME~1\AMLIE~1\APPLIC~1\ArcSoft
[05/03/2004|21:03] C:\DOCUME~1\AMLIE~1\APPLIC~1\EPSON
[26/09/2008|00:07] C:\DOCUME~1\AMLIE~1\APPLIC~1\flap aim site
[02/01/2003|14:05] C:\DOCUME~1\AMLIE~1\APPLIC~1\Help
[12/10/2002|14:30] C:\DOCUME~1\AMLIE~1\APPLIC~1\Identities
[09/09/2005|13:10] C:\DOCUME~1\AMLIE~1\APPLIC~1\Jasc
[28/06/2005|21:53] C:\DOCUME~1\AMLIE~1\APPLIC~1\LockTime
[14/11/2004|12:18] C:\DOCUME~1\AMLIE~1\APPLIC~1\Macromedia
[03/03/2007|14:20] C:\DOCUME~1\AMLIE~1\APPLIC~1\Microsoft
[28/06/2005|23:29] C:\DOCUME~1\AMLIE~1\APPLIC~1\Mozilla
[27/11/2005|19:17] C:\DOCUME~1\AMLIE~1\APPLIC~1\MSN6
[03/03/2007|14:19] C:\DOCUME~1\AMLIE~1\APPLIC~1\PC Suite
[28/11/2005|21:30] C:\DOCUME~1\AMLIE~1\APPLIC~1\Real
[12/10/2002|15:12] C:\DOCUME~1\AMLIE~1\APPLIC~1\Symantec
[17/12/2002|23:47] C:\DOCUME~1\AMLIE~1\APPLIC~1\Template

[14/07/2008|18:04] C:\DOCUME~1\CHARLO~2\APPLIC~1\Adobe
[14/01/2007|20:02] C:\DOCUME~1\CHARLO~2\APPLIC~1\AdobeUM
[24/06/2004|18:56] C:\DOCUME~1\CHARLO~2\APPLIC~1\ArcSoft
[11/03/2007|16:50] C:\DOCUME~1\CHARLO~2\APPLIC~1\Datalayer
[26/07/2006|13:15] C:\DOCUME~1\CHARLO~2\APPLIC~1\EPSON
[25/08/2008|19:58] C:\DOCUME~1\CHARLO~2\APPLIC~1\flap aim site
[20/10/2004|13:03] C:\DOCUME~1\CHARLO~2\APPLIC~1\Help
[12/10/2007|20:25] C:\DOCUME~1\CHARLO~2\APPLIC~1\ICAClient
[12/10/2002|14:30] C:\DOCUME~1\CHARLO~2\APPLIC~1\Identities
[23/09/2005|09:15] C:\DOCUME~1\CHARLO~2\APPLIC~1\Jasc
[10/06/2006|19:47] C:\DOCUME~1\CHARLO~2\APPLIC~1\Leadertech
[29/06/2005|18:07] C:\DOCUME~1\CHARLO~2\APPLIC~1\LockTime
[01/11/2004|21:01] C:\DOCUME~1\CHARLO~2\APPLIC~1\Macromedia
[01/07/2007|17:03] C:\DOCUME~1\CHARLO~2\APPLIC~1\Microsoft
[02/08/2005|18:32] C:\DOCUME~1\CHARLO~2\APPLIC~1\Mozilla
[27/05/2006|23:24] C:\DOCUME~1\CHARLO~2\APPLIC~1\MSN6
[11/03/2007|17:41] C:\DOCUME~1\CHARLO~2\APPLIC~1\Nokia
[11/03/2007|16:49] C:\DOCUME~1\CHARLO~2\APPLIC~1\PC Suite
[01/02/2006|23:05] C:\DOCUME~1\CHARLO~2\APPLIC~1\Real
[23/08/2005|15:16] C:\DOCUME~1\CHARLO~2\APPLIC~1\Sun
[12/10/2002|15:12] C:\DOCUME~1\CHARLO~2\APPLIC~1\Symantec
[20/08/2006|02:14] C:\DOCUME~1\CHARLO~2\APPLIC~1\U3
[13/02/2008|17:56] C:\DOCUME~1\CHARLO~2\APPLIC~1\WinRAR

[21/06/2007|15:06] C:\DOCUME~1\CHARLO~1\APPLIC~1\Adobe
[15/02/2006|20:27] C:\DOCUME~1\CHARLO~1\APPLIC~1\AdobeUM
[23/06/2004|16:51] C:\DOCUME~1\CHARLO~1\APPLIC~1\ArcSoft
[15/05/2005|16:12] C:\DOCUME~1\CHARLO~1\APPLIC~1\EPSON
[01/04/2005|22:57] C:\DOCUME~1\CHARLO~1\APPLIC~1\flap aim site
[03/03/2004|18:57] C:\DOCUME~1\CHARLO~1\APPLIC~1\Help
[12/10/2002|14:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\Identities
[07/09/2005|10:43] C:\DOCUME~1\CHARLO~1\APPLIC~1\Jasc
[15/02/2006|16:15] C:\DOCUME~1\CHARLO~1\APPLIC~1\Leadertech
[29/06/2005|14:04] C:\DOCUME~1\CHARLO~1\APPLIC~1\LockTime
[14/11/2004|20:14] C:\DOCUME~1\CHARLO~1\APPLIC~1\Macromedia
[27/02/2007|20:23] C:\DOCUME~1\CHARLO~1\APPLIC~1\Microsoft
[29/06/2005|14:07] C:\DOCUME~1\CHARLO~1\APPLIC~1\Mozilla
[27/05/2006|23:24] C:\DOCUME~1\CHARLO~1\APPLIC~1\MSN6
[20/02/2007|11:22] C:\DOCUME~1\CHARLO~1\APPLIC~1\PC Suite
[25/09/2005|15:42] C:\DOCUME~1\CHARLO~1\APPLIC~1\Real
[23/08/2005|12:57] C:\DOCUME~1\CHARLO~1\APPLIC~1\Sun
[12/10/2002|15:12] C:\DOCUME~1\CHARLO~1\APPLIC~1\Symantec
[30/12/2002|17:02] C:\DOCUME~1\CHARLO~1\APPLIC~1\Template
[21/06/2006|16:04] C:\DOCUME~1\CHARLO~1\APPLIC~1\U3
[17/05/2006|22:58] C:\DOCUME~1\CHARLO~1\APPLIC~1\Visicom Media

[12/10/2002|14:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/10/2002|14:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/10/2002|15:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[30/04/2005|00:47] C:\DOCUME~1\Emmanuel\APPLIC~1\Adobe
[26/05/2005|22:52] C:\DOCUME~1\Emmanuel\APPLIC~1\EPSON
[22/07/2006|07:48] C:\DOCUME~1\Emmanuel\APPLIC~1\flap aim site
[27/09/2005|12:48] C:\DOCUME~1\Emmanuel\APPLIC~1\Help
[12/10/2002|14:30] C:\DOCUME~1\Emmanuel\APPLIC~1\Identities
[29/06/2005|08:17] C:\DOCUME~1\Emmanuel\APPLIC~1\LockTime
[26/07/2005|15:01] C:\DOCUME~1\Emmanuel\APPLIC~1\Macromedia
[14/12/2005|12:19] C:\DOCUME~1\Emmanuel\APPLIC~1\Microsoft
[29/06/2005|08:21] C:\DOCUME~1\Emmanuel\APPLIC~1\Mozilla
[06/11/2005|20:34] C:\DOCUME~1\Emmanuel\APPLIC~1\Real
[22/07/2006|07:48] C:\DOCUME~1\Emmanuel\APPLIC~1\stylerdr
[14/08/2005|21:53] C:\DOCUME~1\Emmanuel\APPLIC~1\Sun
[12/10/2002|15:12] C:\DOCUME~1\Emmanuel\APPLIC~1\Symantec

[16/07/2008|19:14] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Adobe
[18/02/2007|13:36] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\AdobeUM
[26/09/2008|08:04] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\AVGTOOLBAR
[16/03/2006|21:22] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\EPSON
[26/09/2008|21:41] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flap aim site
[12/10/2007|09:11] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\ICAClient
[12/10/2002|14:30] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Identities
[16/05/2006|23:15] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Leadertech
[07/05/2007|23:13] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\LimeWire
[02/02/2006|10:10] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\LockTime
[02/02/2006|18:54] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Macromedia
[19/02/2007|21:26] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Microsoft
[31/05/2006|09:42] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Mozilla
[18/02/2007|19:48] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Nokia
[11/03/2007|02:51] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Nokia Multimedia Player
[18/02/2007|19:54] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\PC Suite
[17/02/2007|12:07] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Sun
[12/10/2002|15:12] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Symantec
[20/09/2006|10:15] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\U3

[25/09/2008|23:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[11/03/2007|01:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\PC Suite

[02/01/2004|23:11] C:\DOCUME~1\MARTIN~1\APPLIC~1\Adobe
[28/10/2002|15:24] C:\DOCUME~1\MARTIN~1\APPLIC~1\Help
[12/10/2002|14:30] C:\DOCUME~1\MARTIN~1\APPLIC~1\Identities
[29/05/2004|11:52] C:\DOCUME~1\MARTIN~1\APPLIC~1\Macromedia
[28/06/2004|19:08] C:\DOCUME~1\MARTIN~1\APPLIC~1\Microsoft
[12/10/2002|15:12] C:\DOCUME~1\MARTIN~1\APPLIC~1\Symantec
[18/10/2002|20:44] C:\DOCUME~1\MARTIN~1\APPLIC~1\Template

[25/09/2008|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/10/2008 15:00][--ah-----] C:\WINDOWS\tasks\B1BB626D943115FD.job
[03/10/2008 15:00][--ah-----] C:\WINDOWS\tasks\A7EDD2F4918A4678.job
[03/10/2008 15:34][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[17/10/2002 10:09][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[03/10/2008 12:00][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 08:00][-r-h-c---] C:\WINDOWS\tasks\DESKTOP.INI

( A7EDD2F4918A4678.job )=( c:\docume~1\charlo~2\applic~1\flapai~1\multiskippeak.exe )
( B1BB626D943115FD.job )=( c:\docume~1\emmanu~1.dby\applic~1\flapai~1\multiskippeak.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[14/04/2008|11:42] C:\Program Files\3DO
[10/02/2008|13:30] C:\Program Files\Adobe
[01/12/2002|00:27] C:\Program Files\AnfyTeam
[31/12/2002|20:11] C:\Program Files\ArcSoft
[26/09/2008|12:39] C:\Program Files\a-squared Free
[25/09/2008|23:55] C:\Program Files\AVG
[16/04/2004|10:31] C:\Program Files\CA
[26/09/2008|01:23] C:\Program Files\Circle Developement
[31/05/2008|16:52] C:\Program Files\Citrix
[08/01/2006|16:16] C:\Program Files\Classic PhoneTools
[10/02/2007|00:08] C:\Program Files\Common
[10/02/2007|00:08] C:\Program Files\Common Files
[12/10/2002|14:31] C:\Program Files\ComPlus Applications
[12/10/2002|15:09] C:\Program Files\CyberLink
[26/10/2005|22:31] C:\Program Files\DC++
[12/10/2002|15:08] C:\Program Files\Dell
[07/05/2006|16:39] C:\Program Files\Dell Modem-On-Hold
[07/05/2006|16:39] C:\Program Files\Dictionnaire
[18/02/2007|19:44] C:\Program Files\DIFX
[12/10/2002|15:09] C:\Program Files\Digital Line Detect
[26/12/2002|12:44] C:\Program Files\directx
[28/06/2005|22:38] C:\Program Files\DivX
[15/06/2008|21:30] C:\Program Files\Dofus
[07/05/2006|16:39] C:\Program Files\Encore for Windows
[05/03/2004|20:57] C:\Program Files\EPSON
[14/07/2008|09:34] C:\Program Files\Fichiers communs
[14/07/2008|09:31] C:\Program Files\FileZilla
[26/09/2008|21:39] C:\Program Files\flap aim site
[21/01/2007|15:15] C:\Program Files\Google
[27/09/2005|13:01] C:\Program Files\InstallShield Installation Information
[26/08/2008|11:35] C:\Program Files\Internet Explorer
[27/09/2005|12:20] C:\Program Files\Inventel
[07/05/2006|16:39] C:\Program Files\K-Lite Codec Pack
[28/06/2005|21:47] C:\Program Files\Lavalys
[07/05/2007|23:26] C:\Program Files\LimeWire
[21/05/2005|23:49] C:\Program Files\Maxis
[25/08/2008|23:00] C:\Program Files\Messenger
[25/09/2008|21:12] C:\Program Files\Messenger Plus! Live
[18/12/2002|20:00] C:\Program Files\microsoft frontpage
[15/04/2007|13:47] C:\Program Files\Microsoft LifeCam
[04/11/2006|12:59] C:\Program Files\Microsoft Office
[02/10/2005|20:18] C:\Program Files\Microsoft Visual Studio
[02/02/2006|14:04] C:\Program Files\Microsoft.NET
[07/05/2006|16:39] C:\Program Files\Modem Helper
[07/05/2006|16:39] C:\Program Files\Movie Maker
[08/03/2008|21:14] C:\Program Files\Mozilla Firefox
[04/11/2006|12:57] C:\Program Files\MSECache
[27/05/2006|23:27] C:\Program Files\MSN
[12/10/2002|14:31] C:\Program Files\MSN Gaming Zone
[29/04/2008|21:02] C:\Program Files\MSN Messenger
[22/01/2007|04:01] C:\Program Files\MSXML 4.0
[16/01/2005|20:05] C:\Program Files\MUSICMATCH
[04/03/2005|20:40] C:\Program Files\NetMeeting
[23/09/2007|11:08] C:\Program Files\Nokia
[16/04/2004|10:28] C:\Program Files\Norton AntiVirus
[13/04/2005|18:58] C:\Program Files\Office2K
[19/04/2008|12:04] C:\Program Files\Orange
[14/06/2007|00:44] C:\Program Files\Outlook Express
[11/03/2007|16:40] C:\Program Files\PC Connectivity Solution
[26/12/2002|12:42] C:\Program Files\PIXELA
[30/09/2006|18:07] C:\Program Files\QuickTime
[25/09/2005|15:38] C:\Program Files\Real
[31/05/2003|19:48] C:\Program Files\Roxio
[28/06/2005|22:45] C:\Program Files\Satsuki Decoder Pack
[05/03/2004|20:57] C:\Program Files\SEIKO EPSON Corp
[12/10/2002|14:31] C:\Program Files\Services en ligne
[13/04/2005|18:54] C:\Program Files\Snapshot Viewer
[03/02/2006|22:20] C:\Program Files\Spybot - Search & Destroy
[16/04/2004|10:21] C:\Program Files\Symantec
[11/11/2004|19:28] C:\Program Files\Uninstall Information
[17/05/2006|22:58] C:\Program Files\Visicom Media
[25/01/2006|21:09] C:\Program Files\Wanadoo Messager
[26/09/2008|00:07] C:\Program Files\wanadoo_toolbar
[27/06/2006|17:11] C:\Program Files\Winamp
[29/04/2008|20:58] C:\Program Files\Windows Live
[01/12/2007|00:56] C:\Program Files\Windows Live Toolbar
[23/12/2006|01:14] C:\Program Files\Windows Media Connect 2
[23/12/2006|01:14] C:\Program Files\Windows Media Player
[04/03/2005|20:40] C:\Program Files\Windows NT
[12/11/2004|21:12] C:\Program Files\WindowsUpdate
[13/02/2008|17:55] C:\Program Files\WinRAR
[12/10/2002|14:31] C:\Program Files\XEROX
[28/06/2005|22:47] C:\Program Files\XviD
[10/02/2007|00:08] C:\Program Files\Yahoo!
[18/10/2005|08:29] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/04/2004|18:59] C:\Program Files\Fichiers communs\Adaptec Shared
[14/07/2008|09:30] C:\Program Files\Fichiers communs\Adobe
[22/10/2003|12:29] C:\Program Files\Fichiers communs\AOL
[22/10/2003|12:30] C:\Program Files\Fichiers communs\aolback
[15/12/2002|20:18] C:\Program Files\Fichiers communs\Designer
[31/12/2002|20:07] C:\Program Files\Fichiers communs\EPSON
[19/04/2008|12:01] C:\Program Files\Fichiers communs\France Telecom
[01/01/2006|21:45] C:\Program Files\Fichiers communs\InstallShield
[25/09/2008|23:54] C:\Program Files\Fichiers communs\Microsoft Shared
[12/10/2002|14:31] C:\Program Files\Fichiers communs\MSSoap
[27/05/2006|23:27] C:\Program Files\Fichiers communs\NSV
[12/10/2002|14:31] C:\Program Files\Fichiers communs\ODBC
[23/09/2007|11:08] C:\Program Files\Fichiers communs\PCSuite
[05/03/2004|20:58] C:\Program Files\Fichiers communs\Python
[01/02/2006|23:05] C:\Program Files\Fichiers communs\Real
[12/10/2002|14:31] C:\Program Files\Fichiers communs\Services
[12/10/2002|14:31] C:\Program Files\Fichiers communs\SpeechEngines
[11/06/2006|21:16] C:\Program Files\Fichiers communs\SWF Studio
[16/04/2004|10:28] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|00:44] C:\Program Files\Fichiers communs\System
[29/04/2008|20:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 47 Processes )

IEXPLORE.EXE ~ [PID:3164]
IEXPLORE.EXE ~ [PID:3352]
IEXPLORE.EXE ~ [PID:3360]
iexplore.exe ~ [PID:1836]
IEXPLORE.EXE ~ [PID:2192]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\AMLIE~1\APPLIC~1\FLAPAI~1

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\Bits trans.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\copy platform.exe
C:\DOCUME~1\AMLIE~1\APPLIC~1\flapai~1
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\cpgsxheu.exe
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\dfhxerol.exe
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\multiskippeak.exe
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\qpwbhqdp.exe
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\SIZE ACE SLOW.exe
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\uucqpxcj.exe
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\VgaSettingsAmokDownload.exe
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\wukufcrc.exe
C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\xymnemce.exe
C:\DOCUME~1\CHARLO~1\APPLIC~1\flapai~1
C:\DOCUME~1\Emmanuel\APPLIC~1\flapai~1
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\asizeysb.exe
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\cchxmjsu.exe
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\jzahrffc.exe
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\multiskippeak.exe
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\SIZE ACE SLOW.exe
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\VgaSettingsAmokDownload.exe
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\xtfkilag.exe
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\yojhlstp.exe
C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\zslepobt.exe
C:\Program Files\flapai~1
C:\DOCUME~1\EMMANU~1.DBY\LOCALS~1\Temp\nsgE.tmp
C:\Program Files\Circle Developement
C:\DOCUME~1\EMMANU~1.DBY\Cookies\emmanuel@adultfriendfinder[1].txt
C:\DOCUME~1\EMMANU~1.DBY\Cookies\emmanuel@pacificpoker[1].txt
C:\WINDOWS\Tasks\A7EDD2F4918A4678.job
C:\WINDOWS\Tasks\B1BB626D943115FD.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\metagridmeet]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\EMMANU~1.DBY\\APPLIC~1\\FLAPAI~1\\SIZE ACE SLOW.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PokeAnti"="C:\\DOCUME~1\\EMMANU~1.DBY\\APPLIC~1\\FLAPAI~1\\SIZE ACE SLOW.exe"
"PokeAnti"="C:\\DOCUME~1\\EMMANU~1.DBY\\APPLIC~1\\FLAPAI~1\\SIZE ACE SLOW.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"else tool title ping"="C:\\Documents and Settings\\All Users\\Application Data\\Loud spam else tool\\Bits trans.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-03 16:00:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 415

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:724][D:20]-> C:\DOCUME~1\EMMANU~1.DBY\LOCALS~1\Temp
[F:28][D:0]-> C:\DOCUME~1\EMMANU~1.DBY\Cookies
[F:916][D:26]-> C:\DOCUME~1\EMMANU~1.DBY\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 03/10/2008|16:05 - Option : [1]

--------------------\\ Fin du rapport a 16:05:17

Merci de m'indiquer la démarche à suivre.

Réponse 3 / 7

toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
3 oct. 2008 à 19:43

Relance Lop S&D

* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)

e.villain Messages postés 8 Date d'inscription vendredi 3 octobre 2008 Statut Membre Dernière intervention 6 octobre 2008
3 oct. 2008 à 19:52

c koi option 3: suppression - Hosts quelle différence avec option 2: suppression + Hosts

toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230 > e.villain Messages postés 8 Date d'inscription vendredi 3 octobre 2008 Statut Membre Dernière intervention 6 octobre 2008
3 oct. 2008 à 19:55

Ton fichiers Hosts est propre mais ce n'est pas un problème, fais l'option 2.

Réponse 4 / 7

e.villain Messages postés 8 Date d'inscription vendredi 3 octobre 2008 Statut Membre Dernière intervention 6 octobre 2008
4 oct. 2008 à 09:38

Après avoir fais l'option 2, j'obtiens le rapport suivant:

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 1.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Emmanuel ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 37 Go Free : 13 Go
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 04/10/2008| 9:26 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\Bits trans.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\copy platform.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\cpgsxheu.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\dfhxerol.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\multiskippeak.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\qpwbhqdp.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\SIZE ACE SLOW.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\uucqpxcj.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\VgaSettingsAmokDownload.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\wukufcrc.exe
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1\xymnemce.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\asizeysb.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\cchxmjsu.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\jzahrffc.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\multiskippeak.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\SIZE ACE SLOW.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\VgaSettingsAmokDownload.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\xtfkilag.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\yojhlstp.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1\zslepobt.exe
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\LOCALS~1\Temp\nsgE.tmp
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\Cookies\emmanuel@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\Cookies\emmanuel@pacificpoker[1].txt
Supprime! - C:\WINDOWS\Tasks\A7EDD2F4918A4678.job
Supprime! - C:\WINDOWS\Tasks\B1BB626D943115FD.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
Supprime! - C:\DOCUME~1\AMLIE~1\APPLIC~1\flapai~1
Supprime! - C:\DOCUME~1\CHARLO~2\APPLIC~1\flapai~1
Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\flapai~1
Supprime! - C:\DOCUME~1\Emmanuel\APPLIC~1\flapai~1
Supprime! - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\flapai~1
Supprime! - C:\Program Files\flapai~1
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[04/03/2005|20:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[25/09/2008|23:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[04/03/2005|20:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[10/06/2007|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/01/2006|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/09/2008|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[12/10/2002|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[11/03/2007|03:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[08/10/2006|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Idledentscrteam
[12/07/2005|23:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[18/02/2007|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[25/01/2006|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[25/01/2006|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!(2)
[11/03/2007|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/10/2002|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[11/03/2007|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[19/01/2006|10:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism
[20/06/2007|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[12/10/2002|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/07/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03/02/2006|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/10/2002|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[26/01/2006|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[19/02/2007|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[29/04/2008|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[10/02/2007|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[07/09/2008|11:32] C:\DOCUME~1\AMLIE~1\APPLIC~1\Adobe
[17/03/2007|12:43] C:\DOCUME~1\AMLIE~1\APPLIC~1\AdobeUM
[02/01/2003|11:48] C:\DOCUME~1\AMLIE~1\APPLIC~1\ArcSoft
[05/03/2004|21:03] C:\DOCUME~1\AMLIE~1\APPLIC~1\EPSON
[02/01/2003|14:05] C:\DOCUME~1\AMLIE~1\APPLIC~1\Help
[12/10/2002|14:30] C:\DOCUME~1\AMLIE~1\APPLIC~1\Identities
[09/09/2005|13:10] C:\DOCUME~1\AMLIE~1\APPLIC~1\Jasc
[28/06/2005|21:53] C:\DOCUME~1\AMLIE~1\APPLIC~1\LockTime
[14/11/2004|12:18] C:\DOCUME~1\AMLIE~1\APPLIC~1\Macromedia
[03/03/2007|14:20] C:\DOCUME~1\AMLIE~1\APPLIC~1\Microsoft
[28/06/2005|23:29] C:\DOCUME~1\AMLIE~1\APPLIC~1\Mozilla
[27/11/2005|19:17] C:\DOCUME~1\AMLIE~1\APPLIC~1\MSN6
[03/03/2007|14:19] C:\DOCUME~1\AMLIE~1\APPLIC~1\PC Suite
[28/11/2005|21:30] C:\DOCUME~1\AMLIE~1\APPLIC~1\Real
[12/10/2002|15:12] C:\DOCUME~1\AMLIE~1\APPLIC~1\Symantec
[17/12/2002|23:47] C:\DOCUME~1\AMLIE~1\APPLIC~1\Template

[14/07/2008|18:04] C:\DOCUME~1\CHARLO~2\APPLIC~1\Adobe
[14/01/2007|20:02] C:\DOCUME~1\CHARLO~2\APPLIC~1\AdobeUM
[24/06/2004|18:56] C:\DOCUME~1\CHARLO~2\APPLIC~1\ArcSoft
[11/03/2007|16:50] C:\DOCUME~1\CHARLO~2\APPLIC~1\Datalayer
[26/07/2006|13:15] C:\DOCUME~1\CHARLO~2\APPLIC~1\EPSON
[20/10/2004|13:03] C:\DOCUME~1\CHARLO~2\APPLIC~1\Help
[12/10/2007|20:25] C:\DOCUME~1\CHARLO~2\APPLIC~1\ICAClient
[12/10/2002|14:30] C:\DOCUME~1\CHARLO~2\APPLIC~1\Identities
[23/09/2005|09:15] C:\DOCUME~1\CHARLO~2\APPLIC~1\Jasc
[10/06/2006|19:47] C:\DOCUME~1\CHARLO~2\APPLIC~1\Leadertech
[29/06/2005|18:07] C:\DOCUME~1\CHARLO~2\APPLIC~1\LockTime
[01/11/2004|21:01] C:\DOCUME~1\CHARLO~2\APPLIC~1\Macromedia
[01/07/2007|17:03] C:\DOCUME~1\CHARLO~2\APPLIC~1\Microsoft
[02/08/2005|18:32] C:\DOCUME~1\CHARLO~2\APPLIC~1\Mozilla
[27/05/2006|23:24] C:\DOCUME~1\CHARLO~2\APPLIC~1\MSN6
[11/03/2007|17:41] C:\DOCUME~1\CHARLO~2\APPLIC~1\Nokia
[11/03/2007|16:49] C:\DOCUME~1\CHARLO~2\APPLIC~1\PC Suite
[01/02/2006|23:05] C:\DOCUME~1\CHARLO~2\APPLIC~1\Real
[23/08/2005|15:16] C:\DOCUME~1\CHARLO~2\APPLIC~1\Sun
[12/10/2002|15:12] C:\DOCUME~1\CHARLO~2\APPLIC~1\Symantec
[20/08/2006|02:14] C:\DOCUME~1\CHARLO~2\APPLIC~1\U3
[13/02/2008|17:56] C:\DOCUME~1\CHARLO~2\APPLIC~1\WinRAR

[21/06/2007|15:06] C:\DOCUME~1\CHARLO~1\APPLIC~1\Adobe
[15/02/2006|20:27] C:\DOCUME~1\CHARLO~1\APPLIC~1\AdobeUM
[23/06/2004|16:51] C:\DOCUME~1\CHARLO~1\APPLIC~1\ArcSoft
[15/05/2005|16:12] C:\DOCUME~1\CHARLO~1\APPLIC~1\EPSON
[03/03/2004|18:57] C:\DOCUME~1\CHARLO~1\APPLIC~1\Help
[12/10/2002|14:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\Identities
[07/09/2005|10:43] C:\DOCUME~1\CHARLO~1\APPLIC~1\Jasc
[15/02/2006|16:15] C:\DOCUME~1\CHARLO~1\APPLIC~1\Leadertech
[29/06/2005|14:04] C:\DOCUME~1\CHARLO~1\APPLIC~1\LockTime
[14/11/2004|20:14] C:\DOCUME~1\CHARLO~1\APPLIC~1\Macromedia
[27/02/2007|20:23] C:\DOCUME~1\CHARLO~1\APPLIC~1\Microsoft
[29/06/2005|14:07] C:\DOCUME~1\CHARLO~1\APPLIC~1\Mozilla
[27/05/2006|23:24] C:\DOCUME~1\CHARLO~1\APPLIC~1\MSN6
[20/02/2007|11:22] C:\DOCUME~1\CHARLO~1\APPLIC~1\PC Suite
[25/09/2005|15:42] C:\DOCUME~1\CHARLO~1\APPLIC~1\Real
[23/08/2005|12:57] C:\DOCUME~1\CHARLO~1\APPLIC~1\Sun
[12/10/2002|15:12] C:\DOCUME~1\CHARLO~1\APPLIC~1\Symantec
[30/12/2002|17:02] C:\DOCUME~1\CHARLO~1\APPLIC~1\Template
[21/06/2006|16:04] C:\DOCUME~1\CHARLO~1\APPLIC~1\U3
[17/05/2006|22:58] C:\DOCUME~1\CHARLO~1\APPLIC~1\Visicom Media

[12/10/2002|14:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/10/2002|14:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/10/2002|15:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[30/04/2005|00:47] C:\DOCUME~1\Emmanuel\APPLIC~1\Adobe
[26/05/2005|22:52] C:\DOCUME~1\Emmanuel\APPLIC~1\EPSON
[27/09/2005|12:48] C:\DOCUME~1\Emmanuel\APPLIC~1\Help
[12/10/2002|14:30] C:\DOCUME~1\Emmanuel\APPLIC~1\Identities
[29/06/2005|08:17] C:\DOCUME~1\Emmanuel\APPLIC~1\LockTime
[26/07/2005|15:01] C:\DOCUME~1\Emmanuel\APPLIC~1\Macromedia
[14/12/2005|12:19] C:\DOCUME~1\Emmanuel\APPLIC~1\Microsoft
[29/06/2005|08:21] C:\DOCUME~1\Emmanuel\APPLIC~1\Mozilla
[06/11/2005|20:34] C:\DOCUME~1\Emmanuel\APPLIC~1\Real
[22/07/2006|07:48] C:\DOCUME~1\Emmanuel\APPLIC~1\stylerdr
[14/08/2005|21:53] C:\DOCUME~1\Emmanuel\APPLIC~1\Sun
[12/10/2002|15:12] C:\DOCUME~1\Emmanuel\APPLIC~1\Symantec

[16/07/2008|19:14] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Adobe
[18/02/2007|13:36] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\AdobeUM
[26/09/2008|08:04] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\AVGTOOLBAR
[16/03/2006|21:22] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\EPSON
[12/10/2007|09:11] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\ICAClient
[12/10/2002|14:30] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Identities
[16/05/2006|23:15] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Leadertech
[07/05/2007|23:13] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\LimeWire
[02/02/2006|10:10] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\LockTime
[02/02/2006|18:54] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Macromedia
[19/02/2007|21:26] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Microsoft
[31/05/2006|09:42] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Mozilla
[18/02/2007|19:48] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Nokia
[11/03/2007|02:51] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Nokia Multimedia Player
[18/02/2007|19:54] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\PC Suite
[17/02/2007|12:07] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Sun
[12/10/2002|15:12] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\Symantec
[20/09/2006|10:15] C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\U3

[25/09/2008|23:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[11/03/2007|01:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\PC Suite

[02/01/2004|23:11] C:\DOCUME~1\MARTIN~1\APPLIC~1\Adobe
[28/10/2002|15:24] C:\DOCUME~1\MARTIN~1\APPLIC~1\Help
[12/10/2002|14:30] C:\DOCUME~1\MARTIN~1\APPLIC~1\Identities
[29/05/2004|11:52] C:\DOCUME~1\MARTIN~1\APPLIC~1\Macromedia
[28/06/2004|19:08] C:\DOCUME~1\MARTIN~1\APPLIC~1\Microsoft
[12/10/2002|15:12] C:\DOCUME~1\MARTIN~1\APPLIC~1\Symantec
[18/10/2002|20:44] C:\DOCUME~1\MARTIN~1\APPLIC~1\Template

[25/09/2008|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[04/10/2008 08:34][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[17/10/2002 10:09][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[03/10/2008 12:00][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 08:00][-r-h-c---] C:\WINDOWS\tasks\DESKTOP.INI

--------------------\\ Listing des dossiers dans C:\Program Files

[14/04/2008|11:42] C:\Program Files\3DO
[10/02/2008|13:30] C:\Program Files\Adobe
[01/12/2002|00:27] C:\Program Files\AnfyTeam
[31/12/2002|20:11] C:\Program Files\ArcSoft
[26/09/2008|12:39] C:\Program Files\a-squared Free
[25/09/2008|23:55] C:\Program Files\AVG
[16/04/2004|10:31] C:\Program Files\CA
[31/05/2008|16:52] C:\Program Files\Citrix
[08/01/2006|16:16] C:\Program Files\Classic PhoneTools
[10/02/2007|00:08] C:\Program Files\Common
[10/02/2007|00:08] C:\Program Files\Common Files
[12/10/2002|14:31] C:\Program Files\ComPlus Applications
[12/10/2002|15:09] C:\Program Files\CyberLink
[26/10/2005|22:31] C:\Program Files\DC++
[12/10/2002|15:08] C:\Program Files\Dell
[07/05/2006|16:39] C:\Program Files\Dell Modem-On-Hold
[07/05/2006|16:39] C:\Program Files\Dictionnaire
[18/02/2007|19:44] C:\Program Files\DIFX
[12/10/2002|15:09] C:\Program Files\Digital Line Detect
[26/12/2002|12:44] C:\Program Files\directx
[28/06/2005|22:38] C:\Program Files\DivX
[15/06/2008|21:30] C:\Program Files\Dofus
[07/05/2006|16:39] C:\Program Files\Encore for Windows
[05/03/2004|20:57] C:\Program Files\EPSON
[14/07/2008|09:34] C:\Program Files\Fichiers communs
[14/07/2008|09:31] C:\Program Files\FileZilla
[21/01/2007|15:15] C:\Program Files\Google
[27/09/2005|13:01] C:\Program Files\InstallShield Installation Information
[26/08/2008|11:35] C:\Program Files\Internet Explorer
[27/09/2005|12:20] C:\Program Files\Inventel
[07/05/2006|16:39] C:\Program Files\K-Lite Codec Pack
[28/06/2005|21:47] C:\Program Files\Lavalys
[07/05/2007|23:26] C:\Program Files\LimeWire
[21/05/2005|23:49] C:\Program Files\Maxis
[25/08/2008|23:00] C:\Program Files\Messenger
[25/09/2008|21:12] C:\Program Files\Messenger Plus! Live
[18/12/2002|20:00] C:\Program Files\microsoft frontpage
[15/04/2007|13:47] C:\Program Files\Microsoft LifeCam
[04/11/2006|12:59] C:\Program Files\Microsoft Office
[02/10/2005|20:18] C:\Program Files\Microsoft Visual Studio
[02/02/2006|14:04] C:\Program Files\Microsoft.NET
[07/05/2006|16:39] C:\Program Files\Modem Helper
[07/05/2006|16:39] C:\Program Files\Movie Maker
[08/03/2008|21:14] C:\Program Files\Mozilla Firefox
[04/11/2006|12:57] C:\Program Files\MSECache
[27/05/2006|23:27] C:\Program Files\MSN
[12/10/2002|14:31] C:\Program Files\MSN Gaming Zone
[29/04/2008|21:02] C:\Program Files\MSN Messenger
[22/01/2007|04:01] C:\Program Files\MSXML 4.0
[16/01/2005|20:05] C:\Program Files\MUSICMATCH
[04/03/2005|20:40] C:\Program Files\NetMeeting
[23/09/2007|11:08] C:\Program Files\Nokia
[16/04/2004|10:28] C:\Program Files\Norton AntiVirus
[13/04/2005|18:58] C:\Program Files\Office2K
[19/04/2008|12:04] C:\Program Files\Orange
[14/06/2007|00:44] C:\Program Files\Outlook Express
[11/03/2007|16:40] C:\Program Files\PC Connectivity Solution
[26/12/2002|12:42] C:\Program Files\PIXELA
[30/09/2006|18:07] C:\Program Files\QuickTime
[25/09/2005|15:38] C:\Program Files\Real
[31/05/2003|19:48] C:\Program Files\Roxio
[28/06/2005|22:45] C:\Program Files\Satsuki Decoder Pack
[05/03/2004|20:57] C:\Program Files\SEIKO EPSON Corp
[12/10/2002|14:31] C:\Program Files\Services en ligne
[13/04/2005|18:54] C:\Program Files\Snapshot Viewer
[03/02/2006|22:20] C:\Program Files\Spybot - Search & Destroy
[16/04/2004|10:21] C:\Program Files\Symantec
[11/11/2004|19:28] C:\Program Files\Uninstall Information
[17/05/2006|22:58] C:\Program Files\Visicom Media
[25/01/2006|21:09] C:\Program Files\Wanadoo Messager
[26/09/2008|00:07] C:\Program Files\wanadoo_toolbar
[27/06/2006|17:11] C:\Program Files\Winamp
[29/04/2008|20:58] C:\Program Files\Windows Live
[01/12/2007|00:56] C:\Program Files\Windows Live Toolbar
[23/12/2006|01:14] C:\Program Files\Windows Media Connect 2
[23/12/2006|01:14] C:\Program Files\Windows Media Player
[04/03/2005|20:40] C:\Program Files\Windows NT
[12/11/2004|21:12] C:\Program Files\WindowsUpdate
[13/02/2008|17:55] C:\Program Files\WinRAR
[12/10/2002|14:31] C:\Program Files\XEROX
[28/06/2005|22:47] C:\Program Files\XviD
[10/02/2007|00:08] C:\Program Files\Yahoo!
[18/10/2005|08:29] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/04/2004|18:59] C:\Program Files\Fichiers communs\Adaptec Shared
[14/07/2008|09:30] C:\Program Files\Fichiers communs\Adobe
[22/10/2003|12:29] C:\Program Files\Fichiers communs\AOL
[22/10/2003|12:30] C:\Program Files\Fichiers communs\aolback
[15/12/2002|20:18] C:\Program Files\Fichiers communs\Designer
[31/12/2002|20:07] C:\Program Files\Fichiers communs\EPSON
[19/04/2008|12:01] C:\Program Files\Fichiers communs\France Telecom
[01/01/2006|21:45] C:\Program Files\Fichiers communs\InstallShield
[25/09/2008|23:54] C:\Program Files\Fichiers communs\Microsoft Shared
[12/10/2002|14:31] C:\Program Files\Fichiers communs\MSSoap
[27/05/2006|23:27] C:\Program Files\Fichiers communs\NSV
[12/10/2002|14:31] C:\Program Files\Fichiers communs\ODBC
[23/09/2007|11:08] C:\Program Files\Fichiers communs\PCSuite
[05/03/2004|20:58] C:\Program Files\Fichiers communs\Python
[01/02/2006|23:05] C:\Program Files\Fichiers communs\Real
[12/10/2002|14:31] C:\Program Files\Fichiers communs\Services
[12/10/2002|14:31] C:\Program Files\Fichiers communs\SpeechEngines
[11/06/2006|21:16] C:\Program Files\Fichiers communs\SWF Studio
[16/04/2004|10:28] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|00:44] C:\Program Files\Fichiers communs\System
[29/04/2008|20:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 38 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\EMMANU~1.DBY\Cookies\emmanuel@adopt.euroclick[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-04 09:30:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 415

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:723][D:20]-> C:\DOCUME~1\EMMANU~1.DBY\LOCALS~1\Temp
[F:44][D:0]-> C:\DOCUME~1\EMMANU~1.DBY\Cookies
[F:1382][D:26]-> C:\DOCUME~1\EMMANU~1.DBY\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 03/10/2008|16:05 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 04/10/2008| 9:33 - Option : [2]

--------------------\\ Fin du rapport a 9:33:27

Que dois-je faire maintenant ?

Réponse 5 / 7

toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
4 oct. 2008 à 11:46

Refais un Hijackthis stp

e.villain Messages postés 8 Date d'inscription vendredi 3 octobre 2008 Statut Membre Dernière intervention 6 octobre 2008
4 oct. 2008 à 13:01

Voici l'hijackthis que j'obtiens:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:31, on 04/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://side.search.ke.voila.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.gmx.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Toolbar Orange - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~2\WANADO~1.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {F23E1154-D458-9FAF-A15D-3B1A36E8FBE5} - C:\DOCUME~1\EMMANU~1.DBY\APPLIC~1\stylerdr\vc poll.exe (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Toolbar Orange - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~2\WANADO~1.DLL (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Office2K\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Office2K\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{83322C18-F583-49FE-997C-F942E2B23922}: NameServer = 192.168.0.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing)
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/EMMANU~1.DBY/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

Réponse 6 / 7

hooligan63780 Messages postés 835 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 29 novembre 2008 5
4 oct. 2008 à 12:41

salut il jamais poster de rapport hijackthis ^^ télécharge le la :https://www.commentcamarche.net/telecharger/ 159 hijackthis
- Lance le programme, puis sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie, par copier/coller, ton log Hijackthis sur le forum,

Réponse 7 / 7

hooligan63780 Messages postés 835 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 29 novembre 2008 5
4 oct. 2008 à 13:04

re , Télécharge ComboFix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe (par sUBs) sur ton Bureau.

et enregistre le sur le Bureau.

désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
ferme internet =====>panneau de configuration======>connection reseau======> clique gauche sur les deux et desactive

NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Attention : n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer la machine.

et poste un autre rapport hijackthis stp

e.villain Messages postés 8 Date d'inscription vendredi 3 octobre 2008 Statut Membre Dernière intervention 6 octobre 2008
4 oct. 2008 à 16:45

voici mon autre rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43:24, on 04/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.gmx.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Toolbar Orange - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~2\WANADO~1.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Toolbar Orange - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~2\WANADO~1.DLL (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Office2K\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Office2K\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{83322C18-F583-49FE-997C-F942E2B23922}: NameServer = 192.168.0.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing)
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/EMMANU~1.DBY/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

e.villain Messages postés 8 Date d'inscription vendredi 3 octobre 2008 Statut Membre Dernière intervention 6 octobre 2008
5 oct. 2008 à 12:39

Que dois je faire maintenant ?

La procédure de désinfection est elle terminée ?

^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 275
5 oct. 2008 à 22:17

hooligan63780,

STOP d'utiliser ComboFix a tout vent...

Tu ne sais pas l'interpréter ...

e.villain Messages postés 8 Date d'inscription vendredi 3 octobre 2008 Statut Membre Dernière intervention 6 octobre 2008 > ^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020
6 oct. 2008 à 19:55

Peux tu m'aider ?

Problème Pop up CID

7 réponses

Discussions similaires