CID ad disinfection

10 November 2008 12:02:20

Hello,

For some time I had been getting CID ads every time I connected to the internet. I think it has stopped, but I am not sure.
Here is my HijackThis report.
Can you tell me whether my PC is infected, please?
Thanks in advance to everyone.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:39, on 10/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\eMule\emule.exe
C:\PROGRA~1\IBM\CLIENT~1\cwblmsrv.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\IBM\CLIENT~1\Emulator\pcsws.exe
C:\PROGRA~1\IBM\CLIENT~1\Emulator\PCSCM.EXE
C:\PROGRAM FILES\IBM\CLIENT ACCESS\EMULATOR\pcsws.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qk...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60001
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TerraTec Scheduler] "C:\Program Files\Fichiers communs\TerraTec\Scheduler\TTTimer.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe"
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\CwbSvStr.Exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT User Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrob...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Fonction Commande à distance de Client Access Express (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

10 November 2008 17:44:10

Hello,

Download Toolbar-S&D (Team IDN) to your Desktop.

  • Start the installation by running the downloaded file.
  • Now double-click the Toolbar-S&D shortcut.
  • Select the desired language by typing the letter of your choice and confirming with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report. (C:\TB.txt)

29 July 2009 15:25:30

Here is my report:


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : BIOS Date: 06/19/06 16:27:06 Ver: 08.00.12
    USER : eric ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition 8.0.1.15 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:153 Go (Free:16 Go)
    D:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 29/07/2009|15:24 )

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Bar"="http://search.ke.voila.fr/S/voila?kw="
    "Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
    "Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
    "Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\eric\Bureau\jeux\popcap\EASYCRACKS.NET.NFO



    1 - "C:\ToolBar SD\TB_1.txt" - 29/07/2009|15:24 - Option : [1]

    -----------\\ Fin du rapport a 15:24:49,51


What should I do after that?

Thanks

29 July 2009 16:06:06

Hello erpayen,

  • Download Lop S&D to your Desktop.
  • Double-click it to start the installation.
  • Then double-click the Lop S&D shortcut on your Desktop.
    (On Vista, right-click the Lop S&D shortcut and choose Run as administrator)
  • Select the desired language, then choose option 1 (Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).

2 August 2009 16:17:49

Here is the report.
What should I do?
Thanks

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : BIOS Date: 06/19/06 16:27:06 Ver: 08.00.12
    USER : eric ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition 8.0.1.15 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:153 Go (Free:15 Go)
    D:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 02/08/2009|16:03 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [05/12/2006|10:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [27/09/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [22/05/2009|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [05/12/2006|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [27/09/2008|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [27/09/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [02/01/2009|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [23/07/2009|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web
    [26/04/2009|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [27/07/2009|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [27/07/2009|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJPLM
    [04/01/2007|17:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [19/04/2009|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames
    [19/03/2009|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EscapeTheMuseum
    [28/03/2009|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games
    [05/09/2007|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
    [25/11/2007|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
    [08/04/2009|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
    [25/09/2008|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [05/05/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [25/11/2007|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [05/05/2009|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [05/05/2009|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [14/03/2007|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
    [30/12/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [09/04/2009|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/09/2008|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
    [12/12/2006|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
    [23/06/2007|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
    [28/11/2007|22:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
    [15/04/2009|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [01/12/2007|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Playtonium Games
    [10/02/2007|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [12/02/2008|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SimCity Societies
    [12/12/2006|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
    [29/07/2009|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [19/04/2009|09:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [05/05/2009|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
    [05/12/2006|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [09/04/2009|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [21/09/2008|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [26/04/2009|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [21/09/2008|20:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [24/11/2008|08:10] C:\DOCUME~1\eric\APPLIC~1\Adobe
    [24/11/2008|08:11] C:\DOCUME~1\eric\APPLIC~1\AdobeUM
    [13/05/2009|07:12] C:\DOCUME~1\eric\APPLIC~1\Apple Computer
    [26/07/2009|12:26] C:\DOCUME~1\eric\APPLIC~1\ATI
    [19/07/2009|19:56] C:\DOCUME~1\eric\APPLIC~1\Canon
    [24/11/2008|14:14] C:\DOCUME~1\eric\APPLIC~1\HP
    [25/07/2009|22:01] C:\DOCUME~1\eric\APPLIC~1\HPAppData
    [26/10/2008|19:37] C:\DOCUME~1\eric\APPLIC~1\Identities
    [26/10/2008|19:40] C:\DOCUME~1\eric\APPLIC~1\Macromedia
    [26/07/2009|18:33] C:\DOCUME~1\eric\APPLIC~1\Microsoft
    [24/11/2008|15:27] C:\DOCUME~1\eric\APPLIC~1\Sun
    [08/03/2009|23:54] C:\DOCUME~1\eric\APPLIC~1\vlc

    [05/12/2006|10:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft


    [05/12/2006|10:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [05/12/2006|10:59] C:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
    [05/12/2006|11:04] C:\DOCUME~1\UTILIS~1\APPLIC~1\Macromedia
    [05/12/2006|13:00] C:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [02/08/2009 16:00][--ah-----] C:\WINDOWS\tasks\AA08F249918B62D1.job
    [29/07/2009 19:26][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [02/08/2009 13:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( AA08F249918B62D1.job )=( c:\docume~1\marion\applic~1\slowpl~1\IdleLoadDefault.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [24/01/2009|12:42] C:\Program Files\7-Zip
    [08/12/2007|17:32] C:\Program Files\Activision
    [11/01/2009|20:53] C:\Program Files\Adobe
    [05/12/2006|11:32] C:\Program Files\Ahead
    [07/09/2008|12:06] C:\Program Files\Alwil Software
    [05/12/2006|11:47] C:\Program Files\Analog Devices
    [27/07/2009|15:00] C:\Program Files\Antipub
    [27/09/2008|14:03] C:\Program Files\Apple Software Update
    [05/12/2006|12:01] C:\Program Files\ATI Technologies
    [02/01/2009|12:34] C:\Program Files\Avira
    [19/07/2009|19:56] C:\Program Files\Canon
    [28/08/2008|15:15] C:\Program Files\CCleaner
    [05/12/2006|10:54] C:\Program Files\ComPlus Applications
    [05/12/2006|11:33] C:\Program Files\CyberLink
    [26/04/2009|18:21] C:\Program Files\Fichiers communs
    [25/09/2008|20:07] C:\Program Files\Google
    [21/07/2009|15:14] C:\Program Files\gPotato.eu
    [05/12/2006|11:18] C:\Program Files\HighMAT CD Writing Wizard
    [05/05/2009|18:09] C:\Program Files\HP
    [19/07/2009|19:26] C:\Program Files\InstallShield Installation Information
    [29/07/2009|08:54] C:\Program Files\Internet Explorer
    [27/09/2008|14:04] C:\Program Files\iPod
    [27/09/2008|14:05] C:\Program Files\iTunes
    [08/05/2009|11:49] C:\Program Files\Java
    [30/12/2008|19:40] C:\Program Files\Logitech
    [28/07/2009|17:14] C:\Program Files\Maxis
    [01/10/2008|07:18] C:\Program Files\Messenger
    [09/04/2009|16:23] C:\Program Files\Microsoft
    [16/11/2008|21:53] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [05/12/2006|10:56] C:\Program Files\microsoft frontpage
    [11/05/2008|21:29] C:\Program Files\Microsoft Office
    [09/04/2009|16:23] C:\Program Files\Microsoft Office Outlook Connector
    [31/07/2009|21:00] C:\Program Files\Microsoft Silverlight
    [21/09/2008|20:19] C:\Program Files\Microsoft SQL Server Compact Edition
    [09/04/2009|16:22] C:\Program Files\Microsoft Sync Framework
    [11/05/2008|21:28] C:\Program Files\Microsoft.NET
    [01/10/2008|07:14] C:\Program Files\Movie Maker
    [18/05/2009|19:52] C:\Program Files\MP3 Player Utilities 1.51
    [16/02/2009|20:18] C:\Program Files\MPMAN
    [01/10/2008|07:14] C:\Program Files\msn
    [28/08/2008|13:06] C:\Program Files\MSN Games
    [05/12/2006|10:53] C:\Program Files\MSN Gaming Zone
    [26/06/2007|21:43] C:\Program Files\MSXML 4.0
    [28/07/2009|15:36] C:\Program Files\Navilog1
    [01/10/2008|07:12] C:\Program Files\NetMeeting
    [19/07/2009|20:01] C:\Program Files\Oberon Media
    [28/08/2008|13:31] C:\Program Files\OpenOffice.org 2.0
    [21/02/2009|12:49] C:\Program Files\orange
    [21/09/2008|15:55] C:\Program Files\OrangeHSS
    [01/10/2008|07:12] C:\Program Files\Outlook Express
    [27/07/2009|14:59] C:\Program Files\Panda Security
    [26/07/2009|18:21] C:\Program Files\Panicware
    [26/04/2009|15:11] C:\Program Files\Recuva
    [21/09/2008|15:53] C:\Program Files\Securitoo
    [05/12/2006|10:55] C:\Program Files\Services en ligne
    [23/07/2009|17:19] C:\Program Files\SLOW PLATFORM SECT
    [28/07/2009|14:54] C:\Program Files\Spybot - Search & Destroy
    [30/07/2009|17:14] C:\Program Files\Steam
    [31/10/2008|16:27] C:\Program Files\TeamSpeak3
    [29/07/2009|15:08] C:\Program Files\Trend Micro
    [05/12/2006|10:59] C:\Program Files\Uninstall Information
    [05/12/2006|11:43] C:\Program Files\VIA
    [10/01/2007|10:12] C:\Program Files\VideoLAN
    [05/12/2006|11:25] C:\Program Files\Windows Journal Viewer
    [09/04/2009|16:22] C:\Program Files\Windows Live
    [09/04/2009|16:19] C:\Program Files\Windows Live SkyDrive
    [09/04/2009|16:22] C:\Program Files\Windows Live Toolbar
    [05/12/2006|11:13] C:\Program Files\Windows Media Connect 2
    [01/10/2008|07:12] C:\Program Files\Windows Media Player
    [01/10/2008|07:12] C:\Program Files\Windows NT
    [05/12/2006|10:55] C:\Program Files\WindowsUpdate
    [02/06/2007|22:08] C:\Program Files\WinRAR
    [05/12/2006|10:56] C:\Program Files\xerox
    [26/04/2009|15:11] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [22/05/2009|15:34] C:\Program Files\Fichiers communs\Adobe
    [05/12/2006|11:32] C:\Program Files\Fichiers communs\Ahead
    [28/07/2009|21:01] C:\Program Files\Fichiers communs\Apple
    [26/04/2009|18:21] C:\Program Files\Fichiers communs\BOONTY Shared
    [03/01/2009|14:19] C:\Program Files\Fichiers communs\CANON
    [27/11/2008|07:59] C:\Program Files\Fichiers communs\Cisco Systems
    [11/05/2008|21:29] C:\Program Files\Fichiers communs\DESIGNER
    [21/09/2008|15:52] C:\Program Files\Fichiers communs\France Telecom
    [15/11/2008|15:05] C:\Program Files\Fichiers communs\Hewlett-Packard
    [15/11/2008|15:09] C:\Program Files\Fichiers communs\HP
    [05/12/2006|11:46] C:\Program Files\Fichiers communs\InstallShield
    [25/06/2007|13:32] C:\Program Files\Fichiers communs\Labtec
    [05/03/2009|23:03] C:\Program Files\Fichiers communs\Microsoft Shared
    [05/12/2006|10:54] C:\Program Files\Fichiers communs\MSSoap
    [21/02/2009|12:49] C:\Program Files\Fichiers communs\Oberon Media
    [05/12/2006|11:48] C:\Program Files\Fichiers communs\ODBC
    [05/12/2006|10:54] C:\Program Files\Fichiers communs\Services
    [05/12/2006|11:48] C:\Program Files\Fichiers communs\SpeechEngines
    [09/04/2009|16:23] C:\Program Files\Fichiers communs\System
    [09/04/2009|16:13] C:\Program Files\Fichiers communs\Windows Live
    [21/09/2008|20:17] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 56 Processes )

    IEXPLORE.EXE ~ [PID:204]
    iexplore.exe ~ [PID:1748]
    iexplore.exe ~ [PID:1244]
    iexplore.exe ~ [PID:484]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web\Drive bold.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web\Drive bold.exe
    C:\Program Files\slowpl~1
    C:\DOCUME~1\eric\LOCALS~1\Temp\msgpl_1524.tmp
    C:\DOCUME~1\eric\LOCALS~1\Temp\stadistic.log
    C:\DOCUME~1\eric\Cookies\eric@www.adserver5[1].txt
    C:\DOCUME~1\eric\Cookies\eric@cotedazurpalace[2].txt
    C:\DOCUME~1\eric\Cookies\eric@serve.cotedazurpalace[1].txt
    C:\DOCUME~1\eric\Cookies\eric@serve.cotedazurpalace[2].txt
    C:\DOCUME~1\eric\Cookies\eric@www.cotedazurpalace[1].txt
    C:\DOCUME~1\eric\Cookies\eric@www.cotedazurpalace[3].txt
    C:\WINDOWS\Tasks\AA08F249918B62D1.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "axis web cake second"="C:\\Documents and Settings\\All Users\\Application Data\\Book Slow Axis Web\\Drive bold.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-08-02 16:03:51
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\eric\Bureau\jeux\popcap\EASYCRACKS.NET.NFO


    [F:159][D:39]-> C:\DOCUME~1\eric\LOCALS~1\Temp
    [F:173][D:0]-> C:\DOCUME~1\eric\Cookies
    [F:7629][D:20]-> C:\DOCUME~1\eric\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 02/08/2009|16:04 - Option : [1]

    --------------------\\ Fin du rapport a 16:04:35

2 August 2009 16:29:59

  • Run Lop S&D again.
    (On Vista, right-click the Lop S&D shortcut and choose Run as administrator)
  • This time choose option 2 (Removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)

3 August 2009 14:15:36


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : BIOS Date: 06/19/06 16:27:06 Ver: 08.00.12
    USER : eric ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition 8.0.1.15 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:153 Go (Free:15 Go)
    D:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 03/08/2009|14:15 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web\Drive bold.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web\Drive bold.exe
    Supprime! - C:\DOCUME~1\eric\LOCALS~1\Temp\msgpl_1524.tmp
    Supprime! - C:\DOCUME~1\eric\LOCALS~1\Temp\stadistic.log
    Supprime! - C:\DOCUME~1\eric\Cookies\eric@www.adserver5[1].txt
    Supprime! - C:\DOCUME~1\eric\Cookies\eric@serve.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\eric\Cookies\eric@www.cotedazurpalace[1].txt
    Supprime! - C:\WINDOWS\Tasks\AA08F249918B62D1.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web
    Supprime! - C:\Program Files\slowpl~1
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [05/12/2006|10:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [27/09/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [22/05/2009|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [05/12/2006|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [27/09/2008|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [27/09/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [02/01/2009|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [26/04/2009|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [27/07/2009|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [27/07/2009|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJPLM
    [04/01/2007|17:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [19/04/2009|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames
    [19/03/2009|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EscapeTheMuseum
    [28/03/2009|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games
    [05/09/2007|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
    [25/11/2007|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
    [08/04/2009|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
    [25/09/2008|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [05/05/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [25/11/2007|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [05/05/2009|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [05/05/2009|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [14/03/2007|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
    [30/12/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [09/04/2009|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/09/2008|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
    [12/12/2006|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
    [23/06/2007|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
    [28/11/2007|22:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
    [15/04/2009|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [01/12/2007|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Playtonium Games
    [10/02/2007|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [12/02/2008|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SimCity Societies
    [12/12/2006|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
    [29/07/2009|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [19/04/2009|09:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [05/05/2009|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
    [05/12/2006|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [09/04/2009|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [21/09/2008|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [26/04/2009|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [21/09/2008|20:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [24/11/2008|08:10] C:\DOCUME~1\eric\APPLIC~1\Adobe
    [24/11/2008|08:11] C:\DOCUME~1\eric\APPLIC~1\AdobeUM
    [13/05/2009|07:12] C:\DOCUME~1\eric\APPLIC~1\Apple Computer
    [26/07/2009|12:26] C:\DOCUME~1\eric\APPLIC~1\ATI
    [19/07/2009|19:56] C:\DOCUME~1\eric\APPLIC~1\Canon
    [24/11/2008|14:14] C:\DOCUME~1\eric\APPLIC~1\HP
    [25/07/2009|22:01] C:\DOCUME~1\eric\APPLIC~1\HPAppData
    [26/10/2008|19:37] C:\DOCUME~1\eric\APPLIC~1\Identities
    [26/10/2008|19:40] C:\DOCUME~1\eric\APPLIC~1\Macromedia
    [26/07/2009|18:33] C:\DOCUME~1\eric\APPLIC~1\Microsoft
    [24/11/2008|15:27] C:\DOCUME~1\eric\APPLIC~1\Sun
    [08/03/2009|23:54] C:\DOCUME~1\eric\APPLIC~1\vlc

    [05/12/2006|10:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft


    [05/12/2006|10:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [05/12/2006|10:59] C:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
    [05/12/2006|11:04] C:\DOCUME~1\UTILIS~1\APPLIC~1\Macromedia
    [05/12/2006|13:00] C:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [29/07/2009 19:26][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [03/08/2009 12:40][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [24/01/2009|12:42] C:\Program Files\7-Zip
    [08/12/2007|17:32] C:\Program Files\Activision
    [11/01/2009|20:53] C:\Program Files\Adobe
    [05/12/2006|11:32] C:\Program Files\Ahead
    [07/09/2008|12:06] C:\Program Files\Alwil Software
    [05/12/2006|11:47] C:\Program Files\Analog Devices
    [27/07/2009|15:00] C:\Program Files\Antipub
    [27/09/2008|14:03] C:\Program Files\Apple Software Update
    [05/12/2006|12:01] C:\Program Files\ATI Technologies
    [02/01/2009|12:34] C:\Program Files\Avira
    [19/07/2009|19:56] C:\Program Files\Canon
    [28/08/2008|15:15] C:\Program Files\CCleaner
    [05/12/2006|10:54] C:\Program Files\ComPlus Applications
    [05/12/2006|11:33] C:\Program Files\CyberLink
    [26/04/2009|18:21] C:\Program Files\Fichiers communs
    [25/09/2008|20:07] C:\Program Files\Google
    [21/07/2009|15:14] C:\Program Files\gPotato.eu
    [05/12/2006|11:18] C:\Program Files\HighMAT CD Writing Wizard
    [05/05/2009|18:09] C:\Program Files\HP
    [19/07/2009|19:26] C:\Program Files\InstallShield Installation Information
    [29/07/2009|08:54] C:\Program Files\Internet Explorer
    [27/09/2008|14:04] C:\Program Files\iPod
    [27/09/2008|14:05] C:\Program Files\iTunes
    [08/05/2009|11:49] C:\Program Files\Java
    [30/12/2008|19:40] C:\Program Files\Logitech
    [28/07/2009|17:14] C:\Program Files\Maxis
    [01/10/2008|07:18] C:\Program Files\Messenger
    [09/04/2009|16:23] C:\Program Files\Microsoft
    [16/11/2008|21:53] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [05/12/2006|10:56] C:\Program Files\microsoft frontpage
    [11/05/2008|21:29] C:\Program Files\Microsoft Office
    [09/04/2009|16:23] C:\Program Files\Microsoft Office Outlook Connector
    [31/07/2009|21:00] C:\Program Files\Microsoft Silverlight
    [21/09/2008|20:19] C:\Program Files\Microsoft SQL Server Compact Edition
    [09/04/2009|16:22] C:\Program Files\Microsoft Sync Framework
    [11/05/2008|21:28] C:\Program Files\Microsoft.NET
    [01/10/2008|07:14] C:\Program Files\Movie Maker
    [18/05/2009|19:52] C:\Program Files\MP3 Player Utilities 1.51
    [16/02/2009|20:18] C:\Program Files\MPMAN
    [01/10/2008|07:14] C:\Program Files\msn
    [28/08/2008|13:06] C:\Program Files\MSN Games
    [05/12/2006|10:53] C:\Program Files\MSN Gaming Zone
    [26/06/2007|21:43] C:\Program Files\MSXML 4.0
    [28/07/2009|15:36] C:\Program Files\Navilog1
    [01/10/2008|07:12] C:\Program Files\NetMeeting
    [19/07/2009|20:01] C:\Program Files\Oberon Media
    [28/08/2008|13:31] C:\Program Files\OpenOffice.org 2.0
    [21/02/2009|12:49] C:\Program Files\orange
    [21/09/2008|15:55] C:\Program Files\OrangeHSS
    [01/10/2008|07:12] C:\Program Files\Outlook Express
    [27/07/2009|14:59] C:\Program Files\Panda Security
    [26/07/2009|18:21] C:\Program Files\Panicware
    [26/04/2009|15:11] C:\Program Files\Recuva
    [21/09/2008|15:53] C:\Program Files\Securitoo
    [05/12/2006|10:55] C:\Program Files\Services en ligne
    [28/07/2009|14:54] C:\Program Files\Spybot - Search & Destroy
    [30/07/2009|17:14] C:\Program Files\Steam
    [31/10/2008|16:27] C:\Program Files\TeamSpeak3
    [29/07/2009|15:08] C:\Program Files\Trend Micro
    [05/12/2006|10:59] C:\Program Files\Uninstall Information
    [05/12/2006|11:43] C:\Program Files\VIA
    [10/01/2007|10:12] C:\Program Files\VideoLAN
    [05/12/2006|11:25] C:\Program Files\Windows Journal Viewer
    [09/04/2009|16:22] C:\Program Files\Windows Live
    [09/04/2009|16:19] C:\Program Files\Windows Live SkyDrive
    [09/04/2009|16:22] C:\Program Files\Windows Live Toolbar
    [05/12/2006|11:13] C:\Program Files\Windows Media Connect 2
    [01/10/2008|07:12] C:\Program Files\Windows Media Player
    [01/10/2008|07:12] C:\Program Files\Windows NT
    [05/12/2006|10:55] C:\Program Files\WindowsUpdate
    [02/06/2007|22:08] C:\Program Files\WinRAR
    [05/12/2006|10:56] C:\Program Files\xerox
    [26/04/2009|15:11] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [22/05/2009|15:34] C:\Program Files\Fichiers communs\Adobe
    [05/12/2006|11:32] C:\Program Files\Fichiers communs\Ahead
    [28/07/2009|21:01] C:\Program Files\Fichiers communs\Apple
    [26/04/2009|18:21] C:\Program Files\Fichiers communs\BOONTY Shared
    [03/01/2009|14:19] C:\Program Files\Fichiers communs\CANON
    [27/11/2008|07:59] C:\Program Files\Fichiers communs\Cisco Systems
    [11/05/2008|21:29] C:\Program Files\Fichiers communs\DESIGNER
    [21/09/2008|15:52] C:\Program Files\Fichiers communs\France Telecom
    [15/11/2008|15:05] C:\Program Files\Fichiers communs\Hewlett-Packard
    [15/11/2008|15:09] C:\Program Files\Fichiers communs\HP
    [05/12/2006|11:46] C:\Program Files\Fichiers communs\InstallShield
    [25/06/2007|13:32] C:\Program Files\Fichiers communs\Labtec
    [05/03/2009|23:03] C:\Program Files\Fichiers communs\Microsoft Shared
    [05/12/2006|10:54] C:\Program Files\Fichiers communs\MSSoap
    [21/02/2009|12:49] C:\Program Files\Fichiers communs\Oberon Media
    [05/12/2006|11:48] C:\Program Files\Fichiers communs\ODBC
    [05/12/2006|10:54] C:\Program Files\Fichiers communs\Services
    [05/12/2006|11:48] C:\Program Files\Fichiers communs\SpeechEngines
    [09/04/2009|16:23] C:\Program Files\Fichiers communs\System
    [09/04/2009|16:13] C:\Program Files\Fichiers communs\Windows Live
    [21/09/2008|20:17] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 51 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\eric\Cookies\eric@cotedazurpalace[1].txt
    C:\DOCUME~1\eric\Cookies\eric@serve.cotedazurpalace[3].txt
    C:\DOCUME~1\eric\Cookies\eric@www.cotedazurpalace[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-08-03 14:15:54
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\eric\Bureau\jeux\popcap\EASYCRACKS.NET.NFO


    [F:160][D:39]-> C:\DOCUME~1\eric\LOCALS~1\Temp
    [F:203][D:0]-> C:\DOCUME~1\eric\Cookies
    [F:8120][D:20]-> C:\DOCUME~1\eric\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 02/08/2009|16:04 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 03/08/2009|14:16 - Option : [2]

    --------------------\\ Fin du rapport a 14:16:39




    Thank you for this information.
    3 August 2009 16:16:42

    Lop/Swizzor infection removed.

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if prompted) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.