Cid ads
Solved
crevette
Hello,
I just saw that there are several topics about this, but I don't understand what I need to do to remove my "cid" ads. I did uninstall the MSN + sponsor and still nothing.
Could you give me a hand if I send you a report?
Thanks in advance
10 replies
Weird, I still see the lines
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Serial Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\Desktop\VIDE INCOMING\Incredimail.Xe.Premium.v5.85.3718.FR.Incl-Crack.[eMule-DivX.com].rar
Yet I did as you told me to get rid of them:
double-click OTMoveIt.exe to launch it.
copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.
click MoveIt! to start the removal.
the result will appear in the "Results" pane.
click Exit to close.
post the report located in C:\_OTMoveIt\MovedFiles.
As for me, I figured out Hijack, but I don't know what to delete in my scan report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:18:02, on 11/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Windows\BR040286.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\rundll32.exe
C:\Users\romain\AppData\Local\ssqww.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Users\romain\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\eMule\emule.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\romain\Downloads\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [BisonInst0402] C:\Windows\BR040286.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [drv acid] "C:\ProgramData\EncCopyCopy.xdc7r"
O4 - HKCU\..\Run: [SHIM LINK FREE BALL] "C:\ProgramData\open wipe four.u4mfvan"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ssqww] "c:\users\romain\appdata\local\ssqww.exe" ssqww
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdc_device - - C:\Windows\system32\lxdccoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 7763 bytes
Thanks in advance for your replies, thanks
rom1
Hi,
Download Lop S&D.exe to your Desktop. https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
Here is the famous report
-------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
BIOS : Default System BIOS
USER : Solo ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081004-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 141 Go Free : 88 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 05/10/2008|19:16 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[12/04/2008|21:38] C:\Users\Solo\AppData\Local\Adobe
[31/03/2008|20:37] C:\Users\Solo\AppData\Local\Apple
[05/08/2008|12:25] C:\Users\Solo\AppData\Local\Apple Computer
[25/03/2008|00:31] C:\Users\Solo\AppData\Local\Application Data
[05/10/2008|11:08] C:\Users\Solo\AppData\Local\ApplicationHistory
[02/10/2008|20:41] C:\Users\Solo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[04/05/2008|20:50] C:\Users\Solo\AppData\Local\Downloaded Installations
[25/03/2008|04:28] C:\Users\Solo\AppData\Local\eMule
[25/03/2008|00:38] C:\Users\Solo\AppData\Local\fusioncache.dat
[11/09/2008|12:49] C:\Users\Solo\AppData\Local\GDIPFONTCACHEV1.DAT
[09/08/2008|21:54] C:\Users\Solo\AppData\Local\Google
[25/03/2008|00:31] C:\Users\Solo\AppData\Local\Historique
[04/10/2008|23:13] C:\Users\Solo\AppData\Local\IconCache.db
[15/04/2008|13:48] C:\Users\Solo\AppData\Local\IM
[30/05/2008|19:42] C:\Users\Solo\AppData\Local\Microsoft
[17/05/2008|14:25] C:\Users\Solo\AppData\Local\Microsoft Games
[08/04/2008|21:44] C:\Users\Solo\AppData\Local\Microsoft Help
[25/03/2008|00:40] C:\Users\Solo\AppData\Local\Packard Bell
[25/03/2008|00:46] C:\Users\Solo\AppData\Local\PowerCinema
[05/10/2008|19:15] C:\Users\Solo\AppData\Local\Temp
[25/03/2008|00:31] C:\Users\Solo\AppData\Local\Temporary Internet Files
[25/03/2008|00:38] C:\Users\Solo\AppData\Local\VirtualStore
[30/09/2008|21:36] C:\Users\Solo\AppData\Local\Zylom Games
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[04/10/2008 19:41][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{E7F2F4BA-F16E-481A-9661-EFF72FB2B692}.job
[05/10/2008 19:00][--a------] C:\Windows\tasks\Extension de garantie.job
[05/10/2008 19:00][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[05/10/2008 11:08][--ah-----] C:\Windows\tasks\SA.DAT
[04/10/2008 23:13][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[23/10/2007|23:59] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[04/05/2008|20:50] C:\ProgramData\Adobe
[02/09/2008|21:39] C:\ProgramData\aim rect help creative
[25/04/2008|16:45] C:\ProgramData\Apple
[06/08/2008|00:38] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[27/09/2008|23:30] C:\ProgramData\Bone Iso 01
[25/03/2008|00:27] C:\ProgramData\Bureau
[02/09/2008|21:38] C:\ProgramData\chiclicenselicense.23xfa4b
[02/09/2008|21:38] C:\ProgramData\chiclicenselicense.x1jf7h
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[25/03/2008|04:28] C:\ProgramData\eMule
[05/06/2008|11:03] C:\ProgramData\ezsid.dat
[25/03/2008|00:27] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[25/03/2008|00:43] C:\ProgramData\Google
[25/03/2008|01:21] C:\ProgramData\IM
[25/03/2008|01:21] C:\ProgramData\IncrediMail
[15/05/2008|02:57] C:\ProgramData\Installations
[23/10/2007|23:49] C:\ProgramData\InstallShield
[09/06/2008|23:55] C:\ProgramData\LauncherAccess.dt
[25/03/2008|05:51] C:\ProgramData\Lavasoft
[25/03/2008|03:24] C:\ProgramData\Logishrd
[25/03/2008|02:43] C:\ProgramData\Logitech
[25/03/2008|00:27] C:\ProgramData\Menu D‚marrer
[23/05/2008|23:53] C:\ProgramData\Messenger Plus!
[11/09/2008|01:18] C:\ProgramData\Microsoft
[11/09/2008|01:19] C:\ProgramData\Microsoft Help
[25/03/2008|00:27] C:\ProgramData\ModŠles
[15/05/2008|03:00] C:\ProgramData\Nokia
[27/07/2008|14:12] C:\ProgramData\ntuser.pol
[23/10/2007|23:42] C:\ProgramData\NVIDIA
[15/05/2008|01:07] C:\ProgramData\PC Suite
[22/08/2008|13:33] C:\ProgramData\Roxio
[05/04/2008|21:23] C:\ProgramData\Skype
[23/10/2007|23:49] C:\ProgramData\Sonic
[05/09/2008|03:10] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[25/03/2008|00:57] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[02/09/2008|21:39] C:\ProgramData\test roam eq.eddol4
[25/03/2008|01:38] C:\ProgramData\WLInstaller
[30/09/2008|20:34] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[23/10/2007|23:59] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[28/07/2008|19:25] C:\Program Files\Adobe
[25/03/2008|17:07] C:\Program Files\AIDA32 - Personal System Information
[28/03/2008|23:27] C:\Program Files\Alcohol Soft
[25/03/2008|01:14] C:\Program Files\Alwil Software
[25/04/2008|16:45] C:\Program Files\Apple Software Update
[04/05/2008|20:50] C:\Program Files\Canal
[02/09/2008|21:38] C:\Program Files\Circle Developement
[25/09/2008|21:46] C:\Program Files\Common Files
[25/03/2008|00:47] C:\Program Files\CyberLink
[30/03/2008|20:48] C:\Program Files\DAMN NFO Viewer
[30/09/2008|22:01] C:\Program Files\Delicious 2 Deluxe
[15/05/2008|01:01] C:\Program Files\DIFX
[31/03/2008|18:39] C:\Program Files\DivX
[01/05/2008|13:01] C:\Program Files\DNA
[25/03/2008|04:28] C:\Program Files\eMule
[25/03/2008|00:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[25/03/2008|00:57] C:\Program Files\Google
[23/10/2007|23:43] C:\Program Files\HDReg
[19/08/2008|14:27] C:\Program Files\IncrediMail
[30/05/2008|19:47] C:\Program Files\InstallShield Installation Information
[04/07/2008|15:12] C:\Program Files\Internet Explorer
[07/08/2008|19:20] C:\Program Files\Java
[31/03/2008|20:55] C:\Program Files\K-Lite Codec Pack
[14/08/2008|02:41] C:\Program Files\Lavasoft
[03/06/2008|21:14] C:\Program Files\licenses
[25/03/2008|03:13] C:\Program Files\Logitech
[02/09/2008|21:38] C:\Program Files\Messenger Plus! Live
[25/03/2008|04:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[11/09/2008|01:18] C:\Program Files\Microsoft Office
[23/10/2007|23:58] C:\Program Files\Microsoft Works
[23/10/2007|23:57] C:\Program Files\Microsoft.NET
[04/07/2008|15:12] C:\Program Files\Movie Maker
[25/03/2008|00:55] C:\Program Files\Mozilla Firefox
[11/09/2008|01:18] C:\Program Files\MSBuild
[25/03/2008|01:25] C:\Program Files\MSXML 4.0
[16/05/2008|02:34] C:\Program Files\Nokia
[25/03/2008|00:53] C:\Program Files\Norton 360
[05/09/2008|16:17] C:\Program Files\OpenOffice.org 2.4
[06/08/2008|00:39] C:\Program Files\Packard Bell
[15/05/2008|01:00] C:\Program Files\PC Connectivity Solution
[03/08/2008|22:41] C:\Program Files\QuickTime
[03/06/2008|21:14] C:\Program Files\readmes
[23/10/2007|23:38] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[23/10/2007|23:49] C:\Program Files\Roxio
[06/08/2008|20:03] C:\Program Files\Safari
[30/05/2008|19:36] C:\Program Files\Samsung
[25/03/2008|16:40] C:\Program Files\Seagate
[05/04/2008|21:23] C:\Program Files\Skype
[05/09/2008|00:39] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[31/03/2008|21:01] C:\Program Files\VideoLAN
[10/06/2008|14:32] C:\Program Files\WinAVI MP4 Converter
[04/07/2008|15:12] C:\Program Files\Windows Calendar
[04/07/2008|15:12] C:\Program Files\Windows Collaboration
[04/07/2008|15:12] C:\Program Files\Windows Defender
[04/07/2008|15:12] C:\Program Files\Windows Journal
[16/05/2008|02:35] C:\Program Files\Windows Live
[12/08/2008|22:00] C:\Program Files\Windows Mail
[04/07/2008|15:12] C:\Program Files\Windows Media Player
[25/03/2008|00:27] C:\Program Files\Windows NT
[04/07/2008|15:12] C:\Program Files\Windows Photo Gallery
[04/07/2008|15:12] C:\Program Files\Windows Sidebar
[25/03/2008|05:34] C:\Program Files\WinRAR
[31/03/2008|21:08] C:\Program Files\WMV9_VCM
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[22/04/2008|12:16] C:\Program Files\Common Files\Adobe
[12/07/2008|14:39] C:\Program Files\Common Files\Adobe AIR
[23/10/2007|23:57] C:\Program Files\Common Files\DESIGNER
[25/03/2008|00:47] C:\Program Files\Common Files\InstallShield
[01/06/2008|23:56] C:\Program Files\Common Files\Java
[25/03/2008|03:14] C:\Program Files\Common Files\logishrd
[11/09/2008|01:18] C:\Program Files\Common Files\microsoft shared
[25/09/2008|21:46] C:\Program Files\Common Files\Nullsoft
[31/03/2008|18:39] C:\Program Files\Common Files\PX Storage Engine
[23/10/2007|23:49] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[05/04/2008|21:23] C:\Program Files\Common Files\Skype
[23/10/2007|23:49] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[23/10/2007|23:49] C:\Program Files\Common Files\SureThing Shared
[25/03/2008|00:53] C:\Program Files\Common Files\Symantec Shared
[11/09/2008|01:16] C:\Program Files\Common Files\System
[25/03/2008|01:48] C:\Program Files\Common Files\WindowsLiveInstaller
[01/04/2008|21:22] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 70 Processes )
iexplore.exe ~ [PID:2308]
iexplore.exe ~ [PID:10228]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\chiclicenselicense.x1jf7h
C:\ProgramData\test roam eq.eddol4
C:\ProgramData\chiclicenselicense.23xfa4b
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\aim rect help creative
C:\ProgramData\aim rect help creative\Title Bin.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Users\Solo\AppData\Roaming\MICROS~1\Windows\Cookies\solo@adopt.euroclick[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"thisuser"="\"C:\\ProgramData\\chiclicenselicense.x1jf7h\""
"Help Creative Meow City"="\"C:\\ProgramData\\test roam eq.eddol4\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-05 19:16:55
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
C:\Users\Solo\AppData\Local\IM\Runtime\Message\{52E070F2-B9FA-4E30-867E-9FDD67764877}
scan completed successfully
hidden processes: 0
hidden files: 33
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Serial Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\Desktop\VIDE INCOMING\Delicious 2 Deluxe Crack.rar
C:\Users\Solo\Desktop\VIDE INCOMING\Incredimail.Xe.Premium.v5.85.3718.FR.Incl-Crack.[eMule-DivX.com].rar
[F:4428][D:27]-> C:\Users\Solo\AppData\Local\Temp
[F:173][D:1]-> C:\Users\Solo\AppData\Roaming\MICROS~1\Windows\Cookies
[F:7008][D:8]-> C:\Users\Solo\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:10][D:3]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 05/10/2008|19:24 - Option : [1]
--------------------\\ Fin du rapport a 19:24:37
[ UAC => 1 ]
Download Spybot and run a scan. Then click Fix the errors.
Hello joujou,
first of all, thank you for your help.
For the moment I am producing a report with the program I was just given.
Should I then do it with your program?
Because you tell me "run a scan. Then click Fix the errors".
I wouldn't know how to fix my errors, because if I knew how to do it I wouldn't be here...
These cracks should be removed:
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Serial Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\Desktop\VIDE INCOMING\Delicious 2 Deluxe Crack.rar
C:\Users\Solo\Desktop\VIDE INCOMING\Incredimail.Xe.Premium.v5.85.3718.FR.Incl-Crack.[eMule-DivX.com].rar
__________________
Run Lop S&D again:
* This time choose Option 2 (Removal)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
I don't know whether this is right or not, but I am doing exactly what you tell me, that is:
Run Lop S&D again:
* This time choose Option 2 (Removal)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)
but I don't understand how to delete the files?
Hi,
if you mean the cracks, follow the links to remove them.
Otherwise do this:
download OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop. Or from https://www.luanagames.com/index.fr.html
Double-click OTMoveIt.exe to launch it.
Copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.
Quote:
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Serial Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\Desktop\VIDE INCOMING\Delicious 2 Deluxe Crack.rar
C:\Users\Solo\Desktop\VIDE INCOMING\Incredimail.Xe.Premium.v5.85.3718.FR.Incl-Crack.[eMule-DivX.com].rar
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
-------------------\\ Listing des dossiers dans Local
[12/04/2008|21:38] C:\Users\Solo\AppData\Local\Adobe
[31/03/2008|20:37] C:\Users\Solo\AppData\Local\Apple
[05/08/2008|12:25] C:\Users\Solo\AppData\Local\Apple Computer
[25/03/2008|00:31] C:\Users\Solo\AppData\Local\Application Data
[05/10/2008|11:08] C:\Users\Solo\AppData\Local\ApplicationHistory
[05/10/2008|19:57] C:\Users\Solo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[04/05/2008|20:50] C:\Users\Solo\AppData\Local\Downloaded Installations
[25/03/2008|04:28] C:\Users\Solo\AppData\Local\eMule
[25/03/2008|00:38] C:\Users\Solo\AppData\Local\fusioncache.dat
[11/09/2008|12:49] C:\Users\Solo\AppData\Local\GDIPFONTCACHEV1.DAT
[09/08/2008|21:54] C:\Users\Solo\AppData\Local\Google
[25/03/2008|00:31] C:\Users\Solo\AppData\Local\Historique
[04/10/2008|23:13] C:\Users\Solo\AppData\Local\IconCache.db
[15/04/2008|13:48] C:\Users\Solo\AppData\Local\IM
[30/05/2008|19:42] C:\Users\Solo\AppData\Local\Microsoft
[17/05/2008|14:25] C:\Users\Solo\AppData\Local\Microsoft Games
[08/04/2008|21:44] C:\Users\Solo\AppData\Local\Microsoft Help
[25/03/2008|00:40] C:\Users\Solo\AppData\Local\Packard Bell
[25/03/2008|00:46] C:\Users\Solo\AppData\Local\PowerCinema
[05/10/2008|20:22] C:\Users\Solo\AppData\Local\Temp
[25/03/2008|00:31] C:\Users\Solo\AppData\Local\Temporary Internet Files
[25/03/2008|00:38] C:\Users\Solo\AppData\Local\VirtualStore
[30/09/2008|21:36] C:\Users\Solo\AppData\Local\Zylom Games
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[05/10/2008 20:22][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{E7F2F4BA-F16E-481A-9661-EFF72FB2B692}.job
[05/10/2008 20:00][--a------] C:\Windows\tasks\Extension de garantie.job
[05/10/2008 20:00][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[05/10/2008 11:08][--ah-----] C:\Windows\tasks\SA.DAT
[04/10/2008 23:13][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[23/10/2007|23:59] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[04/05/2008|20:50] C:\ProgramData\Adobe
[25/04/2008|16:45] C:\ProgramData\Apple
[06/08/2008|00:38] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[27/09/2008|23:30] C:\ProgramData\Bone Iso 01
[25/03/2008|00:27] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[25/03/2008|04:28] C:\ProgramData\eMule
[05/06/2008|11:03] C:\ProgramData\ezsid.dat
[25/03/2008|00:27] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[25/03/2008|00:43] C:\ProgramData\Google
[25/03/2008|01:21] C:\ProgramData\IM
[25/03/2008|01:21] C:\ProgramData\IncrediMail
[15/05/2008|02:57] C:\ProgramData\Installations
[23/10/2007|23:49] C:\ProgramData\InstallShield
[09/06/2008|23:55] C:\ProgramData\LauncherAccess.dt
[25/03/2008|05:51] C:\ProgramData\Lavasoft
[25/03/2008|03:24] C:\ProgramData\Logishrd
[25/03/2008|02:43] C:\ProgramData\Logitech
[25/03/2008|00:27] C:\ProgramData\Menu Démarrer
[23/05/2008|23:53] C:\ProgramData\Messenger Plus!
[11/09/2008|01:18] C:\ProgramData\Microsoft
[11/09/2008|01:19] C:\ProgramData\Microsoft Help
[25/03/2008|00:27] C:\ProgramData\Modèles
[15/05/2008|03:00] C:\ProgramData\Nokia
[27/07/2008|14:12] C:\ProgramData\ntuser.pol
[23/10/2007|23:42] C:\ProgramData\NVIDIA
[15/05/2008|01:07] C:\ProgramData\PC Suite
[22/08/2008|13:33] C:\ProgramData\Roxio
[05/04/2008|21:23] C:\ProgramData\Skype
[23/10/2007|23:49] C:\ProgramData\Sonic
[05/09/2008|03:10] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[25/03/2008|00:57] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[25/03/2008|01:38] C:\ProgramData\WLInstaller
[30/09/2008|20:34] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[23/10/2007|23:59] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[28/07/2008|19:25] C:\Program Files\Adobe
[25/03/2008|17:07] C:\Program Files\AIDA32 - Personal System Information
[28/03/2008|23:27] C:\Program Files\Alcohol Soft
[25/03/2008|01:14] C:\Program Files\Alwil Software
[25/04/2008|16:45] C:\Program Files\Apple Software Update
[04/05/2008|20:50] C:\Program Files\Canal
[25/09/2008|21:46] C:\Program Files\Common Files
[25/03/2008|00:47] C:\Program Files\CyberLink
[30/03/2008|20:48] C:\Program Files\DAMN NFO Viewer
[30/09/2008|22:01] C:\Program Files\Delicious 2 Deluxe
[15/05/2008|01:01] C:\Program Files\DIFX
[31/03/2008|18:39] C:\Program Files\DivX
[01/05/2008|13:01] C:\Program Files\DNA
[25/03/2008|04:28] C:\Program Files\eMule
[25/03/2008|00:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[25/03/2008|00:57] C:\Program Files\Google
[23/10/2007|23:43] C:\Program Files\HDReg
[19/08/2008|14:27] C:\Program Files\IncrediMail
[30/05/2008|19:47] C:\Program Files\InstallShield Installation Information
[04/07/2008|15:12] C:\Program Files\Internet Explorer
[07/08/2008|19:20] C:\Program Files\Java
[31/03/2008|20:55] C:\Program Files\K-Lite Codec Pack
[14/08/2008|02:41] C:\Program Files\Lavasoft
[03/06/2008|21:14] C:\Program Files\licenses
[25/03/2008|03:13] C:\Program Files\Logitech
[02/09/2008|21:38] C:\Program Files\Messenger Plus! Live
[25/03/2008|04:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[11/09/2008|01:18] C:\Program Files\Microsoft Office
[23/10/2007|23:58] C:\Program Files\Microsoft Works
[23/10/2007|23:57] C:\Program Files\Microsoft.NET
[04/07/2008|15:12] C:\Program Files\Movie Maker
[25/03/2008|00:55] C:\Program Files\Mozilla Firefox
[11/09/2008|01:18] C:\Program Files\MSBuild
[25/03/2008|01:25] C:\Program Files\MSXML 4.0
[16/05/2008|02:34] C:\Program Files\Nokia
[25/03/2008|00:53] C:\Program Files\Norton 360
[05/09/2008|16:17] C:\Program Files\OpenOffice.org 2.4
[06/08/2008|00:39] C:\Program Files\Packard Bell
[15/05/2008|01:00] C:\Program Files\PC Connectivity Solution
[03/08/2008|22:41] C:\Program Files\QuickTime
[03/06/2008|21:14] C:\Program Files\readmes
[23/10/2007|23:38] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[23/10/2007|23:49] C:\Program Files\Roxio
[06/08/2008|20:03] C:\Program Files\Safari
[30/05/2008|19:36] C:\Program Files\Samsung
[25/03/2008|16:40] C:\Program Files\Seagate
[05/04/2008|21:23] C:\Program Files\Skype
[05/09/2008|00:39] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[31/03/2008|21:01] C:\Program Files\VideoLAN
[10/06/2008|14:32] C:\Program Files\WinAVI MP4 Converter
[04/07/2008|15:12] C:\Program Files\Windows Calendar
[04/07/2008|15:12] C:\Program Files\Windows Collaboration
[04/07/2008|15:12] C:\Program Files\Windows Defender
[04/07/2008|15:12] C:\Program Files\Windows Journal
[16/05/2008|02:35] C:\Program Files\Windows Live
[12/08/2008|22:00] C:\Program Files\Windows Mail
[04/07/2008|15:12] C:\Program Files\Windows Media Player
[25/03/2008|00:27] C:\Program Files\Windows NT
[04/07/2008|15:12] C:\Program Files\Windows Photo Gallery
[04/07/2008|15:12] C:\Program Files\Windows Sidebar
[25/03/2008|05:34] C:\Program Files\WinRAR
[31/03/2008|21:08] C:\Program Files\WMV9_VCM
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[22/04/2008|12:16] C:\Program Files\Common Files\Adobe
[12/07/2008|14:39] C:\Program Files\Common Files\Adobe AIR
[23/10/2007|23:57] C:\Program Files\Common Files\DESIGNER
[25/03/2008|00:47] C:\Program Files\Common Files\InstallShield
[01/06/2008|23:56] C:\Program Files\Common Files\Java
[25/03/2008|03:14] C:\Program Files\Common Files\logishrd
[11/09/2008|01:18] C:\Program Files\Common Files\microsoft shared
[25/09/2008|21:46] C:\Program Files\Common Files\Nullsoft
[31/03/2008|18:39] C:\Program Files\Common Files\PX Storage Engine
[23/10/2007|23:49] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[05/04/2008|21:23] C:\Program Files\Common Files\Skype
[23/10/2007|23:49] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[23/10/2007|23:49] C:\Program Files\Common Files\SureThing Shared
[25/03/2008|00:53] C:\Program Files\Common Files\Symantec Shared
[11/09/2008|01:16] C:\Program Files\Common Files\System
[25/03/2008|01:48] C:\Program Files\Common Files\WindowsLiveInstaller
[01/04/2008|21:22] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 68 Processes )
iexplore.exe ~ [PID:30560]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-05 20:27:41
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 32
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Serial Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\Desktop\VIDE INCOMING\Incredimail.Xe.Premium.v5.85.3718.FR.Incl-Crack.[eMule-DivX.com].rar
[F:4489][D:27]-> C:\Users\Solo\AppData\Local\Temp
[F:195][D:1]-> C:\Users\Solo\AppData\Roaming\MICROS~1\Windows\Cookies
[F:7034][D:8]-> C:\Users\Solo\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:8][D:3]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 05/10/2008|19:24 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 05/10/2008|20:04 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 05/10/2008|20:19 - Option : [2]
4 - "C:\Lop SD\LopR_4.txt" - 05/10/2008|20:34 - Option : [1]
--------------------\\ Fin du rapport a 20:34:21
[04/07/2008|15:12] C:\Program Files\Windows Calendar
[04/07/2008|15:12] C:\Program Files\Windows Collaboration
[04/07/2008|15:12] C:\Program Files\Windows Defender
[04/07/2008|15:12] C:\Program Files\Windows Journal
[16/05/2008|02:35] C:\Program Files\Windows Live
[12/08/2008|22:00] C:\Program Files\Windows Mail
[04/07/2008|15:12] C:\Program Files\Windows Media Player
[25/03/2008|00:27] C:\Program Files\Windows NT
[04/07/2008|15:12] C:\Program Files\Windows Photo Gallery
[04/07/2008|15:12] C:\Program Files\Windows Sidebar
[25/03/2008|05:34] C:\Program Files\WinRAR
[31/03/2008|21:08] C:\Program Files\WMV9_VCM
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[22/04/2008|12:16] C:\Program Files\Common Files\Adobe
[12/07/2008|14:39] C:\Program Files\Common Files\Adobe AIR
[23/10/2007|23:57] C:\Program Files\Common Files\DESIGNER
[25/03/2008|00:47] C:\Program Files\Common Files\InstallShield
[01/06/2008|23:56] C:\Program Files\Common Files\Java
[25/03/2008|03:14] C:\Program Files\Common Files\logishrd
[11/09/2008|01:18] C:\Program Files\Common Files\microsoft shared
[25/09/2008|21:46] C:\Program Files\Common Files\Nullsoft
[31/03/2008|18:39] C:\Program Files\Common Files\PX Storage Engine
[23/10/2007|23:49] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[05/04/2008|21:23] C:\Program Files\Common Files\Skype
[23/10/2007|23:49] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[23/10/2007|23:49] C:\Program Files\Common Files\SureThing Shared
[25/03/2008|00:53] C:\Program Files\Common Files\Symantec Shared
[11/09/2008|01:16] C:\Program Files\Common Files\System
[25/03/2008|01:48] C:\Program Files\Common Files\WindowsLiveInstaller
[01/04/2008|21:22] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 68 Processes )
iexplore.exe ~ [PID:30560]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-05 20:27:41
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 32
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\AppData\Roaming\Microsoft\Office\Recent\Serial Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione seriali Ita Eng de fr ru 32 64 bit.LNK
C:\Users\Solo\Desktop\VIDE INCOMING\Incredimail.Xe.Premium.v5.85.3718.FR.Incl-Crack.[eMule-DivX.com].rar
[F:4489][D:27]-> C:\Users\Solo\AppData\Local\Temp
[F:195][D:1]-> C:\Users\Solo\AppData\Roaming\MICROS~1\Windows\Cookies
[F:7034][D:8]-> C:\Users\Solo\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:8][D:3]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 05/10/2008|19:24 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 05/10/2008|20:04 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 05/10/2008|20:19 - Option : [2]
4 - "C:\Lop SD\LopR_4.txt" - 05/10/2008|20:34 - Option : [1]
--------------------\\ Fin du rapport a 20:34:21
then remove the cracks manually
then tell us whether you still get CID ads
I just removed the files in question, and it's true that since I ran the scan + OTMoveIt I no longer get any ads
thanks for your help: it's been about 15 minutes with nothing showing up, even though I've been browsing on purpose to check that it's fixed .... in this case nothing to complain about, it worked well
have a good evening, and thanks again for your help
hi, you are infected by Navipromo and Search Settings
please create your own post and explain your problems, and someone will help you
I have understood HijackThis, but I don't know what to delete in my scan report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:18:02, on 11/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Windows\BR040286.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\rundll32.exe
C:\Users\romain\AppData\Local\ssqww.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Users\romain\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\eMule\emule.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\romain\Downloads\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [BisonInst0402] C:\Windows\BR040286.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [drv acid] "C:\ProgramData\EncCopyCopy.xdc7r"
O4 - HKCU\..\Run: [SHIM LINK FREE BALL] "C:\ProgramData\open wipe four.u4mfvan"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ssqww] "c:\users\romain\appdata\local\ssqww.exe" ssqww
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdc_device - - C:\Windows\system32\lxdccoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 7763 bytes
I have already tried 2 programs that found MSN with the ads but did not remove it. It's strange: when I deleted it, it told me it had been deleted... but the nightmare continues......
Thanks in advance for your replies, thanks
rom1