
Duplicate iexplore.exe + pop-ups

Tags:
  • Security
Last reply: in Security and viruses
14 April 2011 15:41:15

Hello everyone,
I have a problem with iexplore.exe, which appears twice in Task Manager (and that seems suspicious to me); I can't remove it, and on top of that it keeps opening ad windows even though I'm not using it. What should I do??
Here is the HijackThis report, in case someone can tell me where the problem comes from, because I can't see it myself.
Thank you in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:36:13, on 14/04/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Acronis\TrueImageWorkstation\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\PrintKey2000\Printkey2000.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\lotus\notes\ntmulti.exe
C:\PROGRA~1\Agilent\XPI\Common\bin\NTCWebTier.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\nipalsm.exe
C:\Documents and Settings\admin\Mes documents\Tests_SGACON\LabVIEW6i\MAX\nimax.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\admin\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
R3 - URLSearchHook: WhiteSmoke Tools Toolbar - {011f9246-da13-4555-9998-6e4805bd533f} - C:\Program Files\WhiteSmoke_Tools\prxtbWhi0.dll
O2 - BHO: WhiteSmoke Tools - {011f9246-da13-4555-9998-6e4805bd533f} - C:\Program Files\WhiteSmoke_Tools\prxtbWhi0.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: WhiteSmoke Tools Toolbar - {011f9246-da13-4555-9998-6e4805bd533f} - C:\Program Files\WhiteSmoke_Tools\prxtbWhi0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageWorkstation\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [IMAQBoot] C:\Documents and Settings\admin\Mes documents\Tests_SGACON\LabVIEW6i\NI-IMAQ\bin\ImaqBoot.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cake Wipe Inside Wma] C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\dumb help.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [4 Grey] C:\DOCUME~1\admin\APPLIC~1\ABOUTV~1\TypeBrowseHope.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Printkey2000.lnk = C:\Program Files\PrintKey2000\Printkey2000.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = aes.alcatel.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = aes.alcatel.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = aes.alcatel.fr
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Multi-user Cleanup Service - Unknown owner - C:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: nipxirmu - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NTC Database Server - Solid Information Technology - C:\PROGRA~1\Agilent\XPI\NTC\solid\solee.exe
O23 - Service: NTC Measurement Server - Alexandria Software Consulting - C:\PROGRA~1\Agilent\XPI\NTC\util\NTCMeas.exe
O23 - Service: NTC WebTier Server - Alexandria Software Consulting - C:\PROGRA~1\Agilent\XPI\Common\bin\NTCWebTier.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 12920 bytes


14 Avril 2011 18:16:02

Hello,

I see a Lop/Swizzor infection. That's odd, because it's an infection you don't normally find any more.

  • Download Lop S&D (by Eric_71) to your Desktop.
  • Then double-click Lop S&D on your Desktop.
    (On Vista/Win7, right-click Lop S&D and choose Run as administrator)
  • Select the language you want, then choose option 1 (Search).
  • Wait for the scan to finish.
  • Post the generated report (C:\lopR.txt).
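
Added example, not part of the thread or of any tool mentioned in it: a Python triage of the O4 autorun lines from the HijackThis log above, flagging entries that launch from an Application Data folder, which is where the two Run values listed in the Lop S&D registry check further down point. The heuristic, the function names and the folder lists are assumptions made for this illustration, not the helper's stated method.

```python
import re
from typing import List, NamedTuple

# Constructed sample: O4 (autorun) lines copied from the HijackThis log in the question.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [IMAQBoot] C:\Documents and Settings\admin\Mes documents\Tests_SGACON\LabVIEW6i\NI-IMAQ\bin\ImaqBoot.exe
O4 - HKLM\..\Run: [Cake Wipe Inside Wma] C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\dumb help.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [4 Grey] C:\DOCUME~1\admin\APPLIC~1\ABOUTV~1\TypeBrowseHope.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: Printkey2000.lnk = C:\Program Files\PrintKey2000\Printkey2000.exe
"""


class Autorun(NamedTuple):
    source: str    # registry key or startup folder, as HijackThis prints it
    name: str      # Run value name or shortcut name
    image: str     # executable path extracted from the command line
    location: str  # "system", "profile-data", "relative" or "other"


# Registry autoruns: O4 - <hive>\..\Run[Once]: [name] command
_REG = re.compile(r"^O4 - (?P<source>\S+\\\.\.\\Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Startup-folder shortcuts: O4 - [Global ]Startup: name = command
_LNK = re.compile(r"^O4 - (?P<source>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")
# Executable part of a command: quoted path, or unquoted path up to the extension
# (unquoted paths in the log contain spaces, so splitting on whitespace is wrong).
_IMAGE = re.compile(
    r'^(?:"(?P<q>[^"]+)"|(?P<u>.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$))', re.I
)

# Assumption (not from the thread): folders where installed software normally lives.
_SYSTEM_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\",
                    "%programfiles%\\")
# User-writable data folder, in long form and in the 8.3 short form the log also
# uses (APPLIC~1 is the short name of "Application Data" on this machine).
_PROFILE_DATA = ("\\application data\\", "\\applic~1\\")


def classify(image: str) -> str:
    """Bucket an executable path by where it is launched from."""
    p = image.lower()
    if any(marker in p for marker in _PROFILE_DATA):
        return "profile-data"
    if p.startswith(_SYSTEM_PREFIXES):
        return "system"
    if "\\" not in p:
        return "relative"  # bare file name, resolved through the search path
    return "other"


def parse_o4(log: str) -> List[Autorun]:
    """Parse every O4 line of a HijackThis log into an Autorun record."""
    entries = []
    for raw in log.splitlines():
        line = raw.strip()
        m = _REG.match(line) or _LNK.match(line)
        if not m:
            continue
        img = _IMAGE.match(m.group("cmd"))
        image = (img.group("q") or img.group("u")) if img else m.group("cmd")
        entries.append(Autorun(m.group("source"), m.group("name"), image, classify(image)))
    return entries


def flag_profile_autoruns(log: str) -> List[Autorun]:
    """Return autoruns whose executable sits under an Application Data folder."""
    return [e for e in parse_o4(log) if e.location == "profile-data"]


if __name__ == "__main__":
    for entry in flag_profile_autoruns(SAMPLE_LOG):
        print(f"{entry.source}  [{entry.name}]  ->  {entry.image}")
```

Matching only the long folder name would miss the `4 Grey` entry, which the log records with 8.3 short names.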
    14 Avril 2011 18:18:11

    hello,

    Quote:
    That's odd, because it's an infection you don't normally find any more

    as you say! ... it's been ages since I've seen this one on the forums ....

    Following along ... ;)

    ++
    15 Avril 2011 13:32:14

    Let's just say I dragged my feet a bit on sorting out this little problem.
    In any case, it's kind of you to help me fix it.

    Here is the report generated by Lop S&D


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
    BIOS : EPP runtime BIOS - Version 1.1
    USER : admin ( Administrator )
    BOOT : Normal boot
    Firewall : ZoneAlarm Firewall 9.2.106.000 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:55 Go (Free:12 Go)
    D:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 15/04/2011|13:16 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [17/12/2009|10:38] C:\DOCUME~1\admin\APPLIC~1\about vga boob
    [02/02/2006|11:55] C:\DOCUME~1\admin\APPLIC~1\ACD Systems
    [29/06/2007|17:23] C:\DOCUME~1\admin\APPLIC~1\Adobe
    [29/06/2007|17:11] C:\DOCUME~1\admin\APPLIC~1\AdobeUM
    [01/12/2009|21:22] C:\DOCUME~1\admin\APPLIC~1\AOL
    [29/01/2011|11:27] C:\DOCUME~1\admin\APPLIC~1\Canon
    [18/12/2006|20:47] C:\DOCUME~1\admin\APPLIC~1\Ethereal
    [28/11/2009|00:58] C:\DOCUME~1\admin\APPLIC~1\FileZilla
    [23/03/2006|12:49] C:\DOCUME~1\admin\APPLIC~1\Help
    [20/10/2005|22:36] C:\DOCUME~1\admin\APPLIC~1\Identities
    [16/01/2008|13:51] C:\DOCUME~1\admin\APPLIC~1\InterVideo
    [12/03/2006|19:50] C:\DOCUME~1\admin\APPLIC~1\Leadertech
    [17/06/2007|18:48] C:\DOCUME~1\admin\APPLIC~1\Macromedia
    [01/12/2009|10:14] C:\DOCUME~1\admin\APPLIC~1\Malwarebytes
    [23/05/2007|20:48] C:\DOCUME~1\admin\APPLIC~1\MathWorks
    [17/04/2010|02:39] C:\DOCUME~1\admin\APPLIC~1\Microsoft
    [18/06/2008|19:23] C:\DOCUME~1\admin\APPLIC~1\Mozilla
    [27/11/2009|11:00] C:\DOCUME~1\admin\APPLIC~1\MySQL
    [14/10/2009|16:38] C:\DOCUME~1\admin\APPLIC~1\Notepad++
    [05/09/2007|23:05] C:\DOCUME~1\admin\APPLIC~1\OfficeUpdate12
    [22/05/2006|18:07] C:\DOCUME~1\admin\APPLIC~1\Roxio
    [12/03/2006|19:50] C:\DOCUME~1\admin\APPLIC~1\Sonic
    [17/06/2007|18:56] C:\DOCUME~1\admin\APPLIC~1\Sun
    [22/11/2005|15:42] C:\DOCUME~1\admin\APPLIC~1\Symantec
    [04/03/2010|01:18] C:\DOCUME~1\admin\APPLIC~1\WinRAR
    [17/06/2007|18:46] C:\DOCUME~1\admin\APPLIC~1\You've Got Pictures Screensaver

    [24/11/2005|17:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [24/11/2005|17:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
    [25/11/2005|17:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ethereal
    [21/10/2005|09:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
    [20/10/2005|22:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [24/11/2005|09:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [20/10/2005|16:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft Web Folders
    [20/10/2005|22:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
    [22/11/2005|15:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

    [03/02/2006|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
    [20/10/2005|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis
    [02/03/2010|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [25/06/2007|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
    [19/09/2008|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
    [17/12/2009|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
    [20/10/2005|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
    [01/12/2009|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [13/03/2009|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [27/12/2008|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [24/11/2005|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
    [15/03/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [20/10/2005|22:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [14/04/2011|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [23/11/2005|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [17/06/2007|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [19/06/2007|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [02/11/2010|23:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [01/03/2008|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [20/10/2005|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [20/10/2005|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [20/10/2005|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
    [20/10/2005|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [20/10/2005|22:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [20/10/2005|22:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [14/04/2011 17:00][--ah-----] C:\WINDOWS\tasks\ABB3086B9184BDEB.job
    [15/04/2011 13:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 10:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    ( ABB3086B9184BDEB.job )=( c:\docume~1\admin\applic~1\aboutv~1\FastItchTool.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [25/11/2005|17:34] C:\Program Files\7-Zip
    [17/12/2009|10:37] C:\Program Files\about vga boob
    [20/10/2005|14:56] C:\Program Files\Acronis
    [20/10/2005|15:25] C:\Program Files\Acterna
    [02/03/2010|00:37] C:\Program Files\Adobe
    [20/10/2005|15:41] C:\Program Files\Agilent
    [20/10/2005|22:36] C:\Program Files\Altiris
    [20/10/2005|22:36] C:\Program Files\Analog Devices
    [09/01/2006|11:07] C:\Program Files\Anritsu
    [01/12/2009|21:23] C:\Program Files\AOL
    [26/06/2007|15:57] C:\Program Files\AOL Toolbar
    [30/11/2009|13:39] C:\Program Files\Ask Search Assistant
    [29/01/2011|11:14] C:\Program Files\Canon
    [14/04/2011|12:07] C:\Program Files\CCleaner
    [20/10/2005|18:07] C:\Program Files\CE_Link
    [20/10/2005|15:14] C:\Program Files\Cisco Systems
    [20/10/2005|22:36] C:\Program Files\ComPlus Applications
    [10/08/2009|15:01] C:\Program Files\Conduit
    [13/03/2011|14:57] C:\Program Files\ConduitEngine
    [21/10/2005|08:49] C:\Program Files\Connectix
    [20/10/2005|18:04] C:\Program Files\Dranview
    [08/05/2007|12:54] C:\Program Files\easetech
    [20/10/2005|22:36] C:\Program Files\Easy Internet signup
    [13/02/2011|19:41] C:\Program Files\eMule
    [24/01/2010|20:53] C:\Program Files\eToro
    [01/12/2009|21:23] C:\Program Files\Fichiers communs
    [20/10/2005|15:13] C:\Program Files\FileZilla
    [27/11/2009|12:40] C:\Program Files\FileZilla FTP Client
    [25/11/2005|17:28] C:\Program Files\FlukeView
    [10/03/2006|12:29] C:\Program Files\HP_Bench
    [20/10/2005|13:38] C:\Program Files\HPQ
    [10/08/2009|15:00] C:\Program Files\InstallShield Installation Information
    [20/10/2005|22:36] C:\Program Files\Intel
    [27/12/2008|20:37] C:\Program Files\Internet Explorer
    [20/10/2005|13:45] C:\Program Files\InterVideo
    [20/10/2005|14:12] C:\Program Files\Lavasoft
    [17/06/2007|18:46] C:\Program Files\Learn2.com
    [19/01/2008|00:56] C:\Program Files\lotus
    [14/04/2011|15:21] C:\Program Files\Malwarebytes' Anti-Malware
    [21/06/2007|16:24] C:\Program Files\MATLAB
    [27/12/2008|16:22] C:\Program Files\Messenger
    [13/03/2009|18:57] C:\Program Files\Microsoft
    [23/03/2008|21:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [20/10/2005|22:36] C:\Program Files\microsoft frontpage
    [11/05/2009|19:57] C:\Program Files\Microsoft Office
    [08/11/2009|15:01] C:\Program Files\Microsoft Silverlight
    [13/03/2009|19:00] C:\Program Files\Microsoft SQL Server Compact Edition
    [13/03/2009|19:01] C:\Program Files\Microsoft Sync Framework
    [23/03/2008|20:08] C:\Program Files\Microsoft Works
    [23/03/2008|20:07] C:\Program Files\Microsoft.NET
    [20/10/2005|22:36] C:\Program Files\Movie Maker
    [15/04/2011|13:13] C:\Program Files\Mozilla Firefox
    [20/10/2005|22:36] C:\Program Files\MSN
    [20/10/2005|22:36] C:\Program Files\MSN Gaming Zone
    [27/11/2009|10:58] C:\Program Files\MySQL
    [25/11/2005|16:59] C:\Program Files\National Instruments
    [20/10/2005|22:36] C:\Program Files\NetMeeting
    [24/11/2005|16:54] C:\Program Files\Network Associates
    [14/10/2009|16:38] C:\Program Files\Notepad++
    [20/10/2005|22:36] C:\Program Files\Online Services
    [19/06/2007|00:55] C:\Program Files\Outlook Express
    [20/10/2005|15:01] C:\Program Files\PrintKey2000
    [17/06/2007|18:45] C:\Program Files\QuickTime
    [20/10/2005|13:42] C:\Program Files\Raccourcis de programmes
    [17/06/2007|18:45] C:\Program Files\Real
    [24/11/2005|17:28] C:\Program Files\Rohde&Schwarz
    [20/10/2005|18:10] C:\Program Files\Roxio
    [20/10/2005|15:26] C:\Program Files\Seagate Software
    [20/10/2005|22:36] C:\Program Files\Services en ligne
    [27/10/2009|23:03] C:\Program Files\SFR
    [20/10/2005|22:36] C:\Program Files\Sonic
    [27/03/2010|20:42] C:\Program Files\Spybot - Search & Destroy
    [20/10/2005|22:36] C:\Program Files\Synaptics
    [17/06/2007|18:42] C:\Program Files\TechCity Solutions
    [17/06/2007|18:41] C:\Program Files\Thomson
    [30/11/2009|13:44] C:\Program Files\TorrentSpeeder
    [18/03/2008|23:44] C:\Program Files\UltraISO
    [20/10/2005|22:36] C:\Program Files\Uninstall Information
    [10/03/2006|11:30] C:\Program Files\VBench
    [17/06/2007|18:46] C:\Program Files\Viewpoint
    [13/03/2011|14:57] C:\Program Files\WhiteSmoke_Tools
    [20/10/2005|13:46] C:\Program Files\WIDCOMM
    [30/07/2010|20:57] C:\Program Files\Windows Live
    [13/03/2009|18:56] C:\Program Files\Windows Live SkyDrive
    [22/06/2007|19:59] C:\Program Files\Windows Media Connect
    [22/06/2007|20:03] C:\Program Files\Windows Media Connect 2
    [22/06/2007|20:03] C:\Program Files\Windows Media Player
    [20/10/2005|22:36] C:\Program Files\Windows NT
    [20/10/2005|22:36] C:\Program Files\WindowsUpdate
    [25/11/2005|17:18] C:\Program Files\WinPcap
    [04/03/2010|01:17] C:\Program Files\WinRAR
    [13/04/2010|21:15] C:\Program Files\WinZip
    [20/10/2005|22:36] C:\Program Files\xerox
    [20/10/2005|15:19] C:\Program Files\Xnview
    [20/10/2005|15:47] C:\Program Files\Zero G Registry
    [27/03/2010|19:27] C:\Program Files\ZHPDiag

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [20/10/2005|14:56] C:\Program Files\Fichiers communs\Acronis
    [02/03/2010|00:38] C:\Program Files\Fichiers communs\Adobe
    [02/12/2009|23:01] C:\Program Files\Fichiers communs\AOL
    [17/06/2007|18:46] C:\Program Files\Fichiers communs\aolback
    [24/11/2005|16:57] C:\Program Files\Fichiers communs\Designer
    [18/03/2008|23:44] C:\Program Files\Fichiers communs\EZB Systems
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\InstallShield
    [11/05/2009|19:58] C:\Program Files\Fichiers communs\Microsoft Shared
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\MSSoap
    [24/11/2005|16:54] C:\Program Files\Fichiers communs\Network Associates
    [20/10/2005|15:27] C:\Program Files\Fichiers communs\Novel Shared
    [17/06/2007|18:45] C:\Program Files\Fichiers communs\Nullsoft
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\ODBC
    [17/06/2007|18:45] C:\Program Files\Fichiers communs\Real
    [20/10/2005|18:10] C:\Program Files\Fichiers communs\Roxio Shared
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\Services
    [20/10/2005|15:27] C:\Program Files\Fichiers communs\Software FX Shared
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\Sonic
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\SpeechEngines
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\SureThing Shared
    [11/05/2009|19:56] C:\Program Files\Fichiers communs\System
    [24/11/2005|17:01] C:\Program Files\Fichiers communs\Visio Shared
    [20/10/2005|15:25] C:\Program Files\Fichiers communs\Wg
    [13/03/2009|18:39] C:\Program Files\Fichiers communs\Windows Live
    [01/03/2008|20:32] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 62 Processes )

    IEXPLORE.EXE ~ [PID:1484]
    IEXPLORE.EXE ~ [PID:1836]

    --------------------\\ Recherche avec S_Lop

    C:\DOCUME~1\admin\APPLIC~1\ABOUTV~1
    C:\DOCUME~1\admin\APPLIC~1\ABOUTV~1\Fast Itch Tool.exe
    C:\DOCUME~1\admin\APPLIC~1\ABOUTV~1\oepdiiqz.exe
    C:\DOCUME~1\admin\APPLIC~1\ABOUTV~1\TypeBrowseHope.exe
    C:\DOCUME~1\admin\APPLIC~1\ABOUTV~1\ynscqzhq.exe
    C:\DOCUME~1\admin\APPLIC~1\ABOUTV~1\zprluqku.exe

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\dumb help.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\dumb help.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\heck hide.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\heck hide.exe
    C:\DOCUME~1\admin\APPLIC~1\aboutv~1
    C:\DOCUME~1\admin\APPLIC~1\aboutv~1\Fast Itch Tool.exe
    C:\DOCUME~1\admin\APPLIC~1\aboutv~1\oepdiiqz.exe
    C:\DOCUME~1\admin\APPLIC~1\aboutv~1\TypeBrowseHope.exe
    C:\DOCUME~1\admin\APPLIC~1\aboutv~1\ynscqzhq.exe
    C:\DOCUME~1\admin\APPLIC~1\aboutv~1\zprluqku.exe
    C:\Program Files\aboutv~1
    C:\Program Files\TorrentSpeeder
    C:\Program Files\TorrentSpeeder\config
    C:\Program Files\TorrentSpeeder\data
    C:\Program Files\TorrentSpeeder\torrentspeeder.exe
    C:\Program Files\TorrentSpeeder\TorrentSpeeder.url
    C:\WINDOWS\Tasks\ABB3086B9184BDEB.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\move upload road]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\admin\\APPLIC~1\\ABOUTV~1\\TypeBrowseHope.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "4 Grey"="C:\\DOCUME~1\\admin\\APPLIC~1\\ABOUTV~1\\TypeBrowseHope.exe"
    "4 Grey"="C:\\DOCUME~1\\admin\\APPLIC~1\\ABOUTV~1\\TypeBrowseHope.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Cake Wipe Inside Wma"="C:\\Documents and Settings\\All Users\\Application Data\\flag barb cake wipe\\dumb help.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-04-15 13:17:39
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 7

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]
    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]\patch
    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]\readme.url
    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]\Setup.exe
    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]\patch\keygen.exe
    C:\DOCUME~1\admin\Mes documents\Tests_SGACON\Logiciels\Microsoft Office 2007 Entreprise French KEYGEN Cd Key Version Pro, Visio, Project,.iso
    C:\DOCUME~1\admin\Mes documents\Tests_SGACON\MATLAB\Matlab v7 keygen.exe


    [F:19][D:3]-> C:\DOCUME~1\admin\LOCALS~1\Temp
    [F:6][D:0]-> C:\DOCUME~1\admin\Cookies
    [F:40][D:4]-> C:\DOCUME~1\admin\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 15/04/2011|13:23 - Option : [1]

    --------------------\\ Fin du rapport a 13:23:31

    So what's going wrong on my computer???
    15 Avril 2011 14:08:30

  • Run Lop S&D again.
    (On Vista/Win7, right-click Lop S&D and choose Run as administrator)
  • This time choose option 2 (Removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)
    15 Avril 2011 15:05:06

    Here is the report:

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
    BIOS : EPP runtime BIOS - Version 1.1
    USER : admin ( Administrator )
    BOOT : Normal boot
    Firewall : ZoneAlarm Firewall 9.2.106.000 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:55 Go (Free:12 Go)
    D:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 15/04/2011|14:59 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\dumb help.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\dumb help.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\heck hide.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\heck hide.exe
    Supprime! - C:\DOCUME~1\admin\APPLIC~1\aboutv~1\Fast Itch Tool.exe
    Supprime! - C:\DOCUME~1\admin\APPLIC~1\aboutv~1\oepdiiqz.exe
    Supprime! - C:\DOCUME~1\admin\APPLIC~1\aboutv~1\TypeBrowseHope.exe
    Supprime! - C:\DOCUME~1\admin\APPLIC~1\aboutv~1\ynscqzhq.exe
    Supprime! - C:\DOCUME~1\admin\APPLIC~1\aboutv~1\zprluqku.exe
    Supprime! - C:\Program Files\TorrentSpeeder\config
    Supprime! - C:\Program Files\TorrentSpeeder\data
    Supprime! - C:\Program Files\TorrentSpeeder\torrentspeeder.exe
    Supprime! - C:\Program Files\TorrentSpeeder\TorrentSpeeder.url
    Supprime! - C:\WINDOWS\Tasks\ABB3086B9184BDEB.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
    Supprime! - C:\DOCUME~1\admin\APPLIC~1\aboutv~1
    Supprime! - C:\Program Files\aboutv~1
    Supprime! - C:\Program Files\TorrentSpeeder
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Viewpoint
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [02/02/2006|11:55] C:\DOCUME~1\admin\APPLIC~1\ACD Systems
    [29/06/2007|17:23] C:\DOCUME~1\admin\APPLIC~1\Adobe
    [29/06/2007|17:11] C:\DOCUME~1\admin\APPLIC~1\AdobeUM
    [01/12/2009|21:22] C:\DOCUME~1\admin\APPLIC~1\AOL
    [29/01/2011|11:27] C:\DOCUME~1\admin\APPLIC~1\Canon
    [18/12/2006|20:47] C:\DOCUME~1\admin\APPLIC~1\Ethereal
    [28/11/2009|00:58] C:\DOCUME~1\admin\APPLIC~1\FileZilla
    [23/03/2006|12:49] C:\DOCUME~1\admin\APPLIC~1\Help
    [20/10/2005|22:36] C:\DOCUME~1\admin\APPLIC~1\Identities
    [16/01/2008|13:51] C:\DOCUME~1\admin\APPLIC~1\InterVideo
    [12/03/2006|19:50] C:\DOCUME~1\admin\APPLIC~1\Leadertech
    [17/06/2007|18:48] C:\DOCUME~1\admin\APPLIC~1\Macromedia
    [01/12/2009|10:14] C:\DOCUME~1\admin\APPLIC~1\Malwarebytes
    [23/05/2007|20:48] C:\DOCUME~1\admin\APPLIC~1\MathWorks
    [17/04/2010|02:39] C:\DOCUME~1\admin\APPLIC~1\Microsoft
    [18/06/2008|19:23] C:\DOCUME~1\admin\APPLIC~1\Mozilla
    [27/11/2009|11:00] C:\DOCUME~1\admin\APPLIC~1\MySQL
    [14/10/2009|16:38] C:\DOCUME~1\admin\APPLIC~1\Notepad++
    [05/09/2007|23:05] C:\DOCUME~1\admin\APPLIC~1\OfficeUpdate12
    [22/05/2006|18:07] C:\DOCUME~1\admin\APPLIC~1\Roxio
    [12/03/2006|19:50] C:\DOCUME~1\admin\APPLIC~1\Sonic
    [17/06/2007|18:56] C:\DOCUME~1\admin\APPLIC~1\Sun
    [22/11/2005|15:42] C:\DOCUME~1\admin\APPLIC~1\Symantec
    [04/03/2010|01:18] C:\DOCUME~1\admin\APPLIC~1\WinRAR
    [17/06/2007|18:46] C:\DOCUME~1\admin\APPLIC~1\You've Got Pictures Screensaver

    [24/11/2005|17:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [24/11/2005|17:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
    [25/11/2005|17:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ethereal
    [21/10/2005|09:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
    [20/10/2005|22:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [24/11/2005|09:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [20/10/2005|16:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft Web Folders
    [20/10/2005|22:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
    [22/11/2005|15:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

    [03/02/2006|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
    [20/10/2005|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis
    [02/03/2010|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [25/06/2007|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
    [19/09/2008|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
    [20/10/2005|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
    [01/12/2009|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [13/03/2009|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [27/12/2008|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [24/11/2005|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
    [15/03/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [20/10/2005|22:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [14/04/2011|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [23/11/2005|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [19/06/2007|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [02/11/2010|23:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [01/03/2008|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [20/10/2005|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [20/10/2005|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [20/10/2005|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
    [20/10/2005|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [20/10/2005|22:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [20/10/2005|22:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [15/04/2011 13:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 10:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [25/11/2005|17:34] C:\Program Files\7-Zip
    [20/10/2005|14:56] C:\Program Files\Acronis
    [20/10/2005|15:25] C:\Program Files\Acterna
    [02/03/2010|00:37] C:\Program Files\Adobe
    [20/10/2005|15:41] C:\Program Files\Agilent
    [20/10/2005|22:36] C:\Program Files\Altiris
    [20/10/2005|22:36] C:\Program Files\Analog Devices
    [09/01/2006|11:07] C:\Program Files\Anritsu
    [01/12/2009|21:23] C:\Program Files\AOL
    [26/06/2007|15:57] C:\Program Files\AOL Toolbar
    [30/11/2009|13:39] C:\Program Files\Ask Search Assistant
    [29/01/2011|11:14] C:\Program Files\Canon
    [14/04/2011|12:07] C:\Program Files\CCleaner
    [20/10/2005|18:07] C:\Program Files\CE_Link
    [20/10/2005|15:14] C:\Program Files\Cisco Systems
    [20/10/2005|22:36] C:\Program Files\ComPlus Applications
    [10/08/2009|15:01] C:\Program Files\Conduit
    [13/03/2011|14:57] C:\Program Files\ConduitEngine
    [21/10/2005|08:49] C:\Program Files\Connectix
    [20/10/2005|18:04] C:\Program Files\Dranview
    [08/05/2007|12:54] C:\Program Files\easetech
    [20/10/2005|22:36] C:\Program Files\Easy Internet signup
    [13/02/2011|19:41] C:\Program Files\eMule
    [24/01/2010|20:53] C:\Program Files\eToro
    [01/12/2009|21:23] C:\Program Files\Fichiers communs
    [20/10/2005|15:13] C:\Program Files\FileZilla
    [27/11/2009|12:40] C:\Program Files\FileZilla FTP Client
    [25/11/2005|17:28] C:\Program Files\FlukeView
    [10/03/2006|12:29] C:\Program Files\HP_Bench
    [20/10/2005|13:38] C:\Program Files\HPQ
    [10/08/2009|15:00] C:\Program Files\InstallShield Installation Information
    [20/10/2005|22:36] C:\Program Files\Intel
    [27/12/2008|20:37] C:\Program Files\Internet Explorer
    [20/10/2005|13:45] C:\Program Files\InterVideo
    [20/10/2005|14:12] C:\Program Files\Lavasoft
    [17/06/2007|18:46] C:\Program Files\Learn2.com
    [19/01/2008|00:56] C:\Program Files\lotus
    [14/04/2011|15:21] C:\Program Files\Malwarebytes' Anti-Malware
    [21/06/2007|16:24] C:\Program Files\MATLAB
    [27/12/2008|16:22] C:\Program Files\Messenger
    [13/03/2009|18:57] C:\Program Files\Microsoft
    [23/03/2008|21:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [20/10/2005|22:36] C:\Program Files\microsoft frontpage
    [11/05/2009|19:57] C:\Program Files\Microsoft Office
    [08/11/2009|15:01] C:\Program Files\Microsoft Silverlight
    [13/03/2009|19:00] C:\Program Files\Microsoft SQL Server Compact Edition
    [13/03/2009|19:01] C:\Program Files\Microsoft Sync Framework
    [23/03/2008|20:08] C:\Program Files\Microsoft Works
    [23/03/2008|20:07] C:\Program Files\Microsoft.NET
    [20/10/2005|22:36] C:\Program Files\Movie Maker
    [15/04/2011|13:13] C:\Program Files\Mozilla Firefox
    [20/10/2005|22:36] C:\Program Files\MSN
    [20/10/2005|22:36] C:\Program Files\MSN Gaming Zone
    [27/11/2009|10:58] C:\Program Files\MySQL
    [25/11/2005|16:59] C:\Program Files\National Instruments
    [20/10/2005|22:36] C:\Program Files\NetMeeting
    [24/11/2005|16:54] C:\Program Files\Network Associates
    [14/10/2009|16:38] C:\Program Files\Notepad++
    [20/10/2005|22:36] C:\Program Files\Online Services
    [19/06/2007|00:55] C:\Program Files\Outlook Express
    [20/10/2005|15:01] C:\Program Files\PrintKey2000
    [17/06/2007|18:45] C:\Program Files\QuickTime
    [20/10/2005|13:42] C:\Program Files\Raccourcis de programmes
    [17/06/2007|18:45] C:\Program Files\Real
    [24/11/2005|17:28] C:\Program Files\Rohde&Schwarz
    [20/10/2005|18:10] C:\Program Files\Roxio
    [20/10/2005|15:26] C:\Program Files\Seagate Software
    [20/10/2005|22:36] C:\Program Files\Services en ligne
    [27/10/2009|23:03] C:\Program Files\SFR
    [20/10/2005|22:36] C:\Program Files\Sonic
    [27/03/2010|20:42] C:\Program Files\Spybot - Search & Destroy
    [20/10/2005|22:36] C:\Program Files\Synaptics
    [17/06/2007|18:42] C:\Program Files\TechCity Solutions
    [17/06/2007|18:41] C:\Program Files\Thomson
    [18/03/2008|23:44] C:\Program Files\UltraISO
    [20/10/2005|22:36] C:\Program Files\Uninstall Information
    [10/03/2006|11:30] C:\Program Files\VBench
    [13/03/2011|14:57] C:\Program Files\WhiteSmoke_Tools
    [20/10/2005|13:46] C:\Program Files\WIDCOMM
    [30/07/2010|20:57] C:\Program Files\Windows Live
    [13/03/2009|18:56] C:\Program Files\Windows Live SkyDrive
    [22/06/2007|19:59] C:\Program Files\Windows Media Connect
    [22/06/2007|20:03] C:\Program Files\Windows Media Connect 2
    [22/06/2007|20:03] C:\Program Files\Windows Media Player
    [20/10/2005|22:36] C:\Program Files\Windows NT
    [20/10/2005|22:36] C:\Program Files\WindowsUpdate
    [25/11/2005|17:18] C:\Program Files\WinPcap
    [04/03/2010|01:17] C:\Program Files\WinRAR
    [13/04/2010|21:15] C:\Program Files\WinZip
    [20/10/2005|22:36] C:\Program Files\xerox
    [20/10/2005|15:19] C:\Program Files\Xnview
    [20/10/2005|15:47] C:\Program Files\Zero G Registry
    [27/03/2010|19:27] C:\Program Files\ZHPDiag

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [20/10/2005|14:56] C:\Program Files\Fichiers communs\Acronis
    [02/03/2010|00:38] C:\Program Files\Fichiers communs\Adobe
    [02/12/2009|23:01] C:\Program Files\Fichiers communs\AOL
    [17/06/2007|18:46] C:\Program Files\Fichiers communs\aolback
    [24/11/2005|16:57] C:\Program Files\Fichiers communs\Designer
    [18/03/2008|23:44] C:\Program Files\Fichiers communs\EZB Systems
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\InstallShield
    [11/05/2009|19:58] C:\Program Files\Fichiers communs\Microsoft Shared
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\MSSoap
    [24/11/2005|16:54] C:\Program Files\Fichiers communs\Network Associates
    [20/10/2005|15:27] C:\Program Files\Fichiers communs\Novel Shared
    [17/06/2007|18:45] C:\Program Files\Fichiers communs\Nullsoft
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\ODBC
    [17/06/2007|18:45] C:\Program Files\Fichiers communs\Real
    [20/10/2005|18:10] C:\Program Files\Fichiers communs\Roxio Shared
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\Services
    [20/10/2005|15:27] C:\Program Files\Fichiers communs\Software FX Shared
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\Sonic
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\SpeechEngines
    [20/10/2005|22:36] C:\Program Files\Fichiers communs\SureThing Shared
    [11/05/2009|19:56] C:\Program Files\Fichiers communs\System
    [24/11/2005|17:01] C:\Program Files\Fichiers communs\Visio Shared
    [20/10/2005|15:25] C:\Program Files\Fichiers communs\Wg
    [13/03/2009|18:39] C:\Program Files\Fichiers communs\Windows Live
    [01/03/2008|20:32] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 58 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-04-15 15:00:23
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 7

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]
    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]\patch
    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]\readme.url
    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]\Setup.exe
    C:\DOCUME~1\admin\Mes documents\ENORA\SONS eno\Let's do it again leela james crack [2009]\patch\keygen.exe
    C:\DOCUME~1\admin\Mes documents\Tests_SGACON\Logiciels\Microsoft Office 2007 Entreprise French KEYGEN Cd Key Version Pro, Visio, Project,.iso
    C:\DOCUME~1\admin\Mes documents\Tests_SGACON\MATLAB\Matlab v7 keygen.exe


    [F:19][D:3]-> C:\DOCUME~1\admin\LOCALS~1\Temp
    [F:25][D:0]-> C:\DOCUME~1\admin\Cookies
    [F:316][D:4]-> C:\DOCUME~1\admin\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 15/04/2011|13:23 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 15/04/2011|15:01 - Option : [2]

    --------------------\\ Fin du rapport a 15:01:16
    15 April 2011 16:36:54

    I no longer have two iexplore.exe entries in Task Manager, and no IE window has opened since I did the removal.
    :) 
    Could my computer be cured??
    15 April 2011 18:58:37

    Judging by the report, yes.

    You can update Malwarebytes' Anti-Malware and run a quick scan.
    16 April 2011 14:16:42

    Well, that's great, thank you Destrio5, and have a good weekend.
    16 April 2011 15:49:42

    1/

  • Download DelFix to your Desktop.
  • Run DelFix, then click the Suppression button.
  • Post the report (C:\DelFixSuppr.txt).
  • Delete DelFix.


    2/

  • Download and install CCleaner.
  • Run it. Go to Options, then Advanced, and uncheck the box Only delete files etc....
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.


    3/

  • System Restore needs to be disabled and then re-enabled in order to purge it.


    ==Prevention==

    Here is a guide on prevention and security on the Internet (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    --> If you consider your problem solved, add [Solved] to the title. To do so:
  • In your first message, click the Edit button.
  • Add the [Solved] tag in front of the title.
  • Then click Submit your message.


    ;) 