
[SOLVED] Lots of pop-up windows keep opening!!!

28 December 2008 14:50:02

Hello,
I have lots of windows that keep opening all the time, things like PMU, CASINO... it's very annoying.
Could you please help me block this?


28 December 2008 22:07:55

Good evening, thank you very much for replying to me; here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:06:33, on 28/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Powercinema\PCMService.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\aol\1165354343\ee\aolsoftware.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Jean Pierre\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\Jean Pierre\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {D282D975-81A5-46C6-B3E2-D49621652D98} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCMService] "c:\Program Files\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1165354343\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [SURF 64] "C:\ProgramData\Stupid Blah Blah.wr1kjtw"
O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\New dvd info.1xl0q"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = Jean Pierre\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer = 213.36.80.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer = 213.36.80.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer = 213.36.80.1
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\Program Files\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\Program Files\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9788 bytes
29 December 2008 00:40:44

Good evening halloum77,

* Download LOP S&D (thanks to Team Idn): http://eric.71.mespages.googlepages.com/lop.sd.exe
- Double-click it to install it, then double-click the Lop S&D shortcut on your Desktop.
- Select the language you want and choose option 1 (Search).
- Wait until the scan finishes.
- Post the report (also located here: C:\lopR.txt).

See you later ;).

29 December 2008 13:14:22

Hello, I hope I did it correctly, because every 2 minutes a Windows message appeared saying that an error had occurred, anyway... and otherwise the computer is getting slower and slower, and there are lots of "CID internet explorer" windows. Here is the report:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Jean Pierre ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:44 Go)
D:\ (CD or DVD)
E:\ (USB)
J:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 29/12/2008| 1:07 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[30/11/2007|18:19] C:\Users\JEANPI~1\AppData\Local\ABBYY
[19/07/2007|17:46] C:\Users\JEANPI~1\AppData\Local\Adobe
[18/11/2007|18:10] C:\Users\JEANPI~1\AppData\Local\Ahead
[18/03/2007|12:09] C:\Users\JEANPI~1\AppData\Local\AOL
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Application Data
[11/03/2008|14:11] C:\Users\JEANPI~1\AppData\Local\Ares
[18/03/2007|12:10] C:\Users\JEANPI~1\AppData\Local\ATI
[28/12/2008|20:27] C:\Users\JEANPI~1\AppData\Local\Axialis
[22/11/2007|22:29] C:\Users\JEANPI~1\AppData\Local\d3d9caps.dat
[27/12/2008|23:54] C:\Users\JEANPI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2008|09:32] C:\Users\JEANPI~1\AppData\Local\erheaqf.bat
[13/11/2007|20:53] C:\Users\JEANPI~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19/10/2008|22:05] C:\Users\JEANPI~1\AppData\Local\Google
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Historique
[28/12/2008|12:10] C:\Users\JEANPI~1\AppData\Local\IconCache.db
[21/12/2008|22:17] C:\Users\JEANPI~1\AppData\Local\Microsoft
[28/02/2008|20:48] C:\Users\JEANPI~1\AppData\Local\Microsoft Games
[18/01/2008|20:45] C:\Users\JEANPI~1\AppData\Local\Microsoft Help
[13/11/2008|09:48] C:\Users\JEANPI~1\AppData\Local\mouuq.dat
[11/11/2008|13:22] C:\Users\JEANPI~1\AppData\Local\mouuq.exe
[09/11/2008|13:05] C:\Users\JEANPI~1\AppData\Local\mouuq_nav.dat
[13/11/2008|09:48] C:\Users\JEANPI~1\AppData\Local\mouuq_navps.dat
[18/03/2007|13:26] C:\Users\JEANPI~1\AppData\Local\Mozilla
[15/11/2007|18:14] C:\Users\JEANPI~1\AppData\Local\Nero
[10/03/2008|12:23] C:\Users\JEANPI~1\AppData\Local\PowerCinema
[16/06/2008|11:38] C:\Users\JEANPI~1\AppData\Local\Shareaza
[29/12/2008|01:06] C:\Users\JEANPI~1\AppData\Local\Temp
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Temporary Internet Files
[21/03/2007|20:04] C:\Users\JEANPI~1\AppData\Local\VirtualStore
[05/04/2007|16:15] C:\Users\JEANPI~1\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[29/12/2008 01:00][--a------] C:\Windows\tasks\Extension de garantie.job
[28/12/2008 12:46][--ah-----] C:\Windows\tasks\SA.DAT
[28/12/2008 12:10][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[16/03/2008|21:14] C:\ProgramData\addr_file.html
[09/11/2008|23:16] C:\ProgramData\Adobe
[18/11/2007|18:07] C:\ProgramData\Ahead
[26/11/2007|23:35] C:\ProgramData\AOL
[02/11/2006|13:59] C:\ProgramData\Application Data
[12/11/2008|22:45] C:\ProgramData\Avira
[30/11/2007|15:05] C:\ProgramData\Brother
[18/03/2007|12:03] C:\ProgramData\Bureau
[10/11/2007|20:31] C:\ProgramData\CanonBJ
[09/11/2007|21:01] C:\ProgramData\CyberLink
[02/11/2006|13:59] C:\ProgramData\Desktop
[02/11/2006|13:59] C:\ProgramData\Documents
[16/07/2008|22:20] C:\ProgramData\eMule
[18/03/2007|12:03] C:\ProgramData\Favoris
[02/11/2006|13:59] C:\ProgramData\Favorites
[21/03/2007|19:41] C:\ProgramData\FaxCtr
[26/11/2007|23:15] C:\ProgramData\Google
[05/12/2006|22:38] C:\ProgramData\InstallShield
[18/03/2007|12:53] C:\ProgramData\LUInstall.LiveUpdate
[15/03/2008|22:13] C:\ProgramData\Malwarebytes
[18/03/2007|12:03] C:\ProgramData\Menu Démarrer
[16/03/2008|19:06] C:\ProgramData\Messenger Plus!
[21/12/2008|23:06] C:\ProgramData\Microsoft
[30/11/2007|17:35] C:\ProgramData\Microsoft Help
[18/03/2007|12:03] C:\ProgramData\Modèles
[29/05/2008|10:37] C:\ProgramData\muvee Technologies
[18/11/2007|18:01] C:\ProgramData\Nero
[26/12/2008|12:56] C:\ProgramData\New dvd info.1xl0q
[20/03/2007|17:28] C:\ProgramData\QuickTime
[30/11/2007|15:45] C:\ProgramData\ScanSoft
[05/12/2006|22:38] C:\ProgramData\Sonic
[02/11/2006|13:59] C:\ProgramData\Start Menu
[23/12/2008|22:57] C:\ProgramData\Stupid Blah Blah.35lp9i1
[26/12/2008|12:55] C:\ProgramData\Stupid Blah Blah.wr1kjtw
[26/12/2008|12:55] C:\ProgramData\Stupid Blah Blah.y1lwcef
[23/12/2008|23:12] C:\ProgramData\Stupid Blah Blah.zw5d5
[05/04/2007|15:22] C:\ProgramData\Symantec
[02/11/2006|13:59] C:\ProgramData\Templates
[26/12/2008|12:56] C:\ProgramData\third lies itch ford
[26/12/2008|12:56] C:\ProgramData\thirdping
[05/12/2006|22:33] C:\ProgramData\Viewpoint
[05/11/2008|11:01] C:\ProgramData\vlc-0.9.4-win32.exe
[23/12/2008|22:30] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[09/11/2008|23:16] C:\Program Files\Adobe
[08/03/2008|23:46] C:\Program Files\Adobe(0)
[01/04/2007|10:52] C:\Program Files\Alwil Software
[05/04/2007|17:52] C:\Program Files\AOL
[24/03/2008|14:27] C:\Program Files\a-squared Free
[14/11/2007|18:57] C:\Program Files\Athan
[05/12/2006|22:31] C:\Program Files\ATI Technologies
[12/11/2008|22:45] C:\Program Files\Avira
[30/11/2007|15:14] C:\Program Files\Brother
[23/12/2008|22:55] C:\Program Files\Circle Developement
[21/12/2008|22:02] C:\Program Files\Common Files
[11/09/2008|10:59] C:\Program Files\Cyberlink
[24/11/2007|23:47] C:\Program Files\DVDVideoSoft
[22/04/2007|15:06] C:\Program Files\Elaborate Bytes
[06/02/2008|00:00] C:\Program Files\FlashGet
[19/10/2008|22:00] C:\Program Files\Google
[13/04/2008|19:12] C:\Program Files\InstallShield Installation Information
[01/12/2007|13:03] C:\Program Files\Internet Explorer
[11/11/2007|22:24] C:\Program Files\Islam
[11/12/2008|10:20] C:\Program Files\Java
[21/03/2007|19:42] C:\Program Files\Lexmark 3400 Series
[21/03/2007|19:39] C:\Program Files\Lexmark Toolbar
[17/06/2008|20:19] C:\Program Files\LimeWire
[11/06/2007|20:44] C:\Program Files\lx_cats
[15/03/2008|20:10] C:\Program Files\ma-config.com
[23/12/2008|23:10] C:\Program Files\Messenger Plus! Live
[14/11/2008|14:54] C:\Program Files\MessengerDiscovery
[23/12/2008|22:48] C:\Program Files\Microsoft
[13/05/2007|13:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:35] C:\Program Files\Microsoft Games
[29/03/2007|20:14] C:\Program Files\Microsoft Office
[21/12/2008|23:39] C:\Program Files\Microsoft Office Outlook Connector
[10/12/2007|14:08] C:\Program Files\Microsoft SQL Server Compact Edition
[29/03/2007|20:14] C:\Program Files\Microsoft Visual Studio
[26/11/2007|23:31] C:\Program Files\Microsoft Visual Studio 8
[29/03/2007|20:15] C:\Program Files\Microsoft Works
[29/03/2007|20:13] C:\Program Files\Microsoft.NET
[06/12/2006|07:17] C:\Program Files\Movie Maker
[21/12/2008|13:24] C:\Program Files\Mozilla Firefox
[29/03/2007|20:14] C:\Program Files\MSBuild
[02/11/2006|13:35] C:\Program Files\MSN
[18/11/2007|18:01] C:\Program Files\Nero
[05/12/2006|22:48] C:\Program Files\Packard Bell
[13/12/2007|22:52] C:\Program Files\Paltalk Messenger
[28/05/2008|13:31] C:\Program Files\PhotoFiltre
[05/12/2006|22:48] C:\Program Files\Powercinema
[20/03/2007|17:28] C:\Program Files\QuickTime
[20/03/2007|17:27] C:\Program Files\Real
[05/12/2006|22:30] C:\Program Files\Realtek
[02/11/2006|13:35] C:\Program Files\Reference Assemblies
[05/12/2006|22:38] C:\Program Files\Roxio
[30/11/2007|15:45] C:\Program Files\ScanSoft
[26/08/2008|12:21] C:\Program Files\Sun
[05/04/2007|15:21] C:\Program Files\Symantec
[11/03/2008|17:26] C:\Program Files\Trend Micro
[09/11/2007|21:13] C:\Program Files\uTorrent
[19/09/2008|10:29] C:\Program Files\VideoLAN
[05/12/2006|22:33] C:\Program Files\Viewpoint
[02/09/2007|11:35] C:\Program Files\Windows Calendar
[06/12/2006|07:17] C:\Program Files\Windows Collaboration
[11/04/2007|15:44] C:\Program Files\Windows Defender
[23/12/2008|22:48] C:\Program Files\Windows Live
[23/12/2008|22:46] C:\Program Files\Windows Live SkyDrive
[13/11/2007|19:49] C:\Program Files\Windows Mail
[26/11/2007|23:32] C:\Program Files\Windows Media Player
[26/11/2007|23:32] C:\Program Files\Windows NT
[06/12/2006|07:17] C:\Program Files\Windows Photo Gallery
[26/11/2007|23:32] C:\Program Files\Windows Sidebar
[29/07/2007|18:26] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[09/11/2008|23:16] C:\Program Files\Common Files\Adobe
[08/03/2008|23:47] C:\Program Files\Common Files\Adobe(96)
[18/11/2007|18:06] C:\Program Files\Common Files\Ahead
[27/01/2008|22:38] C:\Program Files\Common Files\aol
[20/03/2007|17:29] C:\Program Files\Common Files\aolback
[27/01/2008|22:38] C:\Program Files\Common Files\AOLSHARE
[09/11/2007|17:57] C:\Program Files\Common Files\Canon
[29/03/2007|20:14] C:\Program Files\Common Files\DESIGNER
[24/11/2007|23:47] C:\Program Files\Common Files\DVDVideoSoft
[30/11/2007|15:14] C:\Program Files\Common Files\InstallShield
[24/05/2008|12:43] C:\Program Files\Common Files\Java
[21/12/2008|23:38] C:\Program Files\Common Files\microsoft shared
[05/12/2006|22:34] C:\Program Files\Common Files\Nullsoft
[20/03/2007|17:27] C:\Program Files\Common Files\Real
[05/12/2006|22:38] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[09/11/2007|18:16] C:\Program Files\Common Files\snpstd
[05/12/2006|22:38] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[05/12/2006|22:38] C:\Program Files\Common Files\SureThing Shared
[05/04/2007|15:24] C:\Program Files\Common Files\Symantec Shared
[21/12/2008|23:39] C:\Program Files\Common Files\System
[21/12/2008|22:02] C:\Program Files\Common Files\Windows Live
[10/12/2007|14:06] C:\Program Files\Common Files\WindowsLiveInstaller
[10/03/2008|15:22] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 76 Processes )

iexplore.exe ~ [PID:2288]
iexplore.exe ~ [PID:2296]

--------------------\\ Recherche avec S_Lop

C:\Users\JEANPI~1\AppData\Local\Temp\bisE800.exe
C:\Users\JEANPI~1\AppData\Local\Temp\bisEDE8.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\third lies itch ford
C:\ProgramData\third lies itch ford\Axis does.dat
C:\ProgramData\third lies itch ford\Axis does.exe
C:\Users\JEANPI~1\AppData\Local\Temp\nsh91B5.tmp
C:\Users\JEANPI~1\AppData\Local\Temp\nsw8E44.tmp
C:\Users\JEANPI~1\AppData\Local\Temp\nswC4C2.tmp
C:\Users\JEANPI~1\AppData\Local\Temp\sta8928.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@advertising[1].txt
C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@adopt.euroclick[1].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 01:15:39
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 4

--------------------\\ Recherche d'autres infections

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\Conditions générales.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\Confidentialité.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\Désinstaller.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\MessengerSkinner.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\Website.url
==> EGDACCESS <==

29 December 2008 13:40:25

Hello halloum77,

* Double-click the LOP S&D shortcut and choose option 3; this will remove the infection.
* When it finishes, a search will be run again.
* Notepad opens. Post its contents in your next reply.

See you later ;).

30 December 2008 00:21:08

Good evening, sorry for the late reply, but this procedure takes hours and it stops every time at the message I showed you, so if I am not next to the computer to close that window, it stops!

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Jean Pierre ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:48 Go)
D:\ (CD or DVD)
E:\ (USB)
J:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( 29/12/2008|21:44 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\third lies itch ford\Axis does.dat
Supprime! - C:\ProgramData\third lies itch ford\Axis does.exe
Supprime! - C:\Users\JEANPI~1\AppData\Local\Temp\nsh91B5.tmp
Supprime! - C:\Users\JEANPI~1\AppData\Local\Temp\nsw8E44.tmp
Supprime! - C:\Users\JEANPI~1\AppData\Local\Temp\nswC4C2.tmp
Supprime! - C:\Users\JEANPI~1\AppData\Local\Temp\sta8928.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@advertising[1].txt
Supprime! - C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@adopt.euroclick[1].txt
Supprime! - C:\Users\JEANPI~1\AppData\Local\Temp\bisE800.exe
Supprime! - C:\Users\JEANPI~1\AppData\Local\Temp\bisEDE8.exe
Supprime! - C:\ProgramData\third lies itch ford
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\PROGRA~2\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[30/11/2007|18:19] C:\Users\JEANPI~1\AppData\Local\ABBYY
[19/07/2007|17:46] C:\Users\JEANPI~1\AppData\Local\Adobe
[18/11/2007|18:10] C:\Users\JEANPI~1\AppData\Local\Ahead
[18/03/2007|12:09] C:\Users\JEANPI~1\AppData\Local\AOL
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Application Data
[11/03/2008|14:11] C:\Users\JEANPI~1\AppData\Local\Ares
[18/03/2007|12:10] C:\Users\JEANPI~1\AppData\Local\ATI
[29/12/2008|21:30] C:\Users\JEANPI~1\AppData\Local\Axialis
[22/11/2007|22:29] C:\Users\JEANPI~1\AppData\Local\d3d9caps.dat
[29/12/2008|02:00] C:\Users\JEANPI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2008|09:32] C:\Users\JEANPI~1\AppData\Local\erheaqf.bat
[13/11/2007|20:53] C:\Users\JEANPI~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19/10/2008|22:05] C:\Users\JEANPI~1\AppData\Local\Google
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Historique
[29/12/2008|03:47] C:\Users\JEANPI~1\AppData\Local\IconCache.db
[21/12/2008|22:17] C:\Users\JEANPI~1\AppData\Local\Microsoft
[28/02/2008|20:48] C:\Users\JEANPI~1\AppData\Local\Microsoft Games
[18/01/2008|20:45] C:\Users\JEANPI~1\AppData\Local\Microsoft Help
[13/11/2008|09:48] C:\Users\JEANPI~1\AppData\Local\mouuq.dat
[11/11/2008|13:22] C:\Users\JEANPI~1\AppData\Local\mouuq.exe
[09/11/2008|13:05] C:\Users\JEANPI~1\AppData\Local\mouuq_nav.dat
[13/11/2008|09:48] C:\Users\JEANPI~1\AppData\Local\mouuq_navps.dat
[18/03/2007|13:26] C:\Users\JEANPI~1\AppData\Local\Mozilla
[15/11/2007|18:14] C:\Users\JEANPI~1\AppData\Local\Nero
[10/03/2008|12:23] C:\Users\JEANPI~1\AppData\Local\PowerCinema
[16/06/2008|11:38] C:\Users\JEANPI~1\AppData\Local\Shareaza
[29/12/2008|21:44] C:\Users\JEANPI~1\AppData\Local\Temp
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Temporary Internet Files
[21/03/2007|20:04] C:\Users\JEANPI~1\AppData\Local\VirtualStore
[05/04/2007|16:15] C:\Users\JEANPI~1\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[29/12/2008 21:30][--a------] C:\Windows\tasks\Extension de garantie.job
[29/12/2008 12:58][--ah-----] C:\Windows\tasks\SA.DAT
[29/12/2008 03:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[16/03/2008|21:14] C:\ProgramData\addr_file.html
[09/11/2008|23:16] C:\ProgramData\Adobe
[18/11/2007|18:07] C:\ProgramData\Ahead
[26/11/2007|23:35] C:\ProgramData\AOL
[02/11/2006|13:59] C:\ProgramData\Application Data
[12/11/2008|22:45] C:\ProgramData\Avira
[30/11/2007|15:05] C:\ProgramData\Brother
[18/03/2007|12:03] C:\ProgramData\Bureau
[10/11/2007|20:31] C:\ProgramData\CanonBJ
[09/11/2007|21:01] C:\ProgramData\CyberLink
[02/11/2006|13:59] C:\ProgramData\Desktop
[02/11/2006|13:59] C:\ProgramData\Documents
[16/07/2008|22:20] C:\ProgramData\eMule
[18/03/2007|12:03] C:\ProgramData\Favoris
[02/11/2006|13:59] C:\ProgramData\Favorites
[21/03/2007|19:41] C:\ProgramData\FaxCtr
[26/11/2007|23:15] C:\ProgramData\Google
[05/12/2006|22:38] C:\ProgramData\InstallShield
[18/03/2007|12:53] C:\ProgramData\LUInstall.LiveUpdate
[15/03/2008|22:13] C:\ProgramData\Malwarebytes
[18/03/2007|12:03] C:\ProgramData\Menu Démarrer
[16/03/2008|19:06] C:\ProgramData\Messenger Plus!
[21/12/2008|23:06] C:\ProgramData\Microsoft
[30/11/2007|17:35] C:\ProgramData\Microsoft Help
[18/03/2007|12:03] C:\ProgramData\Modèles
[29/05/2008|10:37] C:\ProgramData\muvee Technologies
[18/11/2007|18:01] C:\ProgramData\Nero
[26/12/2008|12:56] C:\ProgramData\New dvd info.1xl0q
[20/03/2007|17:28] C:\ProgramData\QuickTime
[30/11/2007|15:45] C:\ProgramData\ScanSoft
[05/12/2006|22:38] C:\ProgramData\Sonic
[02/11/2006|13:59] C:\ProgramData\Start Menu
[23/12/2008|22:57] C:\ProgramData\Stupid Blah Blah.35lp9i1
[26/12/2008|12:55] C:\ProgramData\Stupid Blah Blah.wr1kjtw
[26/12/2008|12:55] C:\ProgramData\Stupid Blah Blah.y1lwcef
[23/12/2008|23:12] C:\ProgramData\Stupid Blah Blah.zw5d5
[05/04/2007|15:22] C:\ProgramData\Symantec
[02/11/2006|13:59] C:\ProgramData\Templates
[26/12/2008|12:56] C:\ProgramData\thirdping
[05/11/2008|11:01] C:\ProgramData\vlc-0.9.4-win32.exe
[23/12/2008|22:30] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[09/11/2008|23:16] C:\Program Files\Adobe
[08/03/2008|23:46] C:\Program Files\Adobe(0)
[01/04/2007|10:52] C:\Program Files\Alwil Software
[05/04/2007|17:52] C:\Program Files\AOL
[24/03/2008|14:27] C:\Program Files\a-squared Free
[14/11/2007|18:57] C:\Program Files\Athan
[05/12/2006|22:31] C:\Program Files\ATI Technologies
[12/11/2008|22:45] C:\Program Files\Avira
[30/11/2007|15:14] C:\Program Files\Brother
[21/12/2008|22:02] C:\Program Files\Common Files
[11/09/2008|10:59] C:\Program Files\Cyberlink
[24/11/2007|23:47] C:\Program Files\DVDVideoSoft
[22/04/2007|15:06] C:\Program Files\Elaborate Bytes
[06/02/2008|00:00] C:\Program Files\FlashGet
[19/10/2008|22:00] C:\Program Files\Google
[13/04/2008|19:12] C:\Program Files\InstallShield Installation Information
[01/12/2007|13:03] C:\Program Files\Internet Explorer
[11/11/2007|22:24] C:\Program Files\Islam
[11/12/2008|10:20] C:\Program Files\Java
[21/03/2007|19:42] C:\Program Files\Lexmark 3400 Series
[21/03/2007|19:39] C:\Program Files\Lexmark Toolbar
[17/06/2008|20:19] C:\Program Files\LimeWire
[11/06/2007|20:44] C:\Program Files\lx_cats
[15/03/2008|20:10] C:\Program Files\ma-config.com
[23/12/2008|23:10] C:\Program Files\Messenger Plus! Live
[14/11/2008|14:54] C:\Program Files\MessengerDiscovery
[23/12/2008|22:48] C:\Program Files\Microsoft
[13/05/2007|13:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:35] C:\Program Files\Microsoft Games
[29/03/2007|20:14] C:\Program Files\Microsoft Office
[21/12/2008|23:39] C:\Program Files\Microsoft Office Outlook Connector
[10/12/2007|14:08] C:\Program Files\Microsoft SQL Server Compact Edition
[29/03/2007|20:14] C:\Program Files\Microsoft Visual Studio
[26/11/2007|23:31] C:\Program Files\Microsoft Visual Studio 8
[29/03/2007|20:15] C:\Program Files\Microsoft Works
[29/03/2007|20:13] C:\Program Files\Microsoft.NET
[06/12/2006|07:17] C:\Program Files\Movie Maker
[21/12/2008|13:24] C:\Program Files\Mozilla Firefox
[29/03/2007|20:14] C:\Program Files\MSBuild
[02/11/2006|13:35] C:\Program Files\MSN
[18/11/2007|18:01] C:\Program Files\Nero
[05/12/2006|22:48] C:\Program Files\Packard Bell
[13/12/2007|22:52] C:\Program Files\Paltalk Messenger
[28/05/2008|13:31] C:\Program Files\PhotoFiltre
[05/12/2006|22:48] C:\Program Files\Powercinema
[20/03/2007|17:28] C:\Program Files\QuickTime
[20/03/2007|17:27] C:\Program Files\Real
[05/12/2006|22:30] C:\Program Files\Realtek
[02/11/2006|13:35] C:\Program Files\Reference Assemblies
[05/12/2006|22:38] C:\Program Files\Roxio
[30/11/2007|15:45] C:\Program Files\ScanSoft
[26/08/2008|12:21] C:\Program Files\Sun
[05/04/2007|15:21] C:\Program Files\Symantec
[11/03/2008|17:26] C:\Program Files\Trend Micro
[09/11/2007|21:13] C:\Program Files\uTorrent
[19/09/2008|10:29] C:\Program Files\VideoLAN
[02/09/2007|11:35] C:\Program Files\Windows Calendar
[06/12/2006|07:17] C:\Program Files\Windows Collaboration
[11/04/2007|15:44] C:\Program Files\Windows Defender
[23/12/2008|22:48] C:\Program Files\Windows Live
[23/12/2008|22:46] C:\Program Files\Windows Live SkyDrive
[13/11/2007|19:49] C:\Program Files\Windows Mail
[26/11/2007|23:32] C:\Program Files\Windows Media Player
[26/11/2007|23:32] C:\Program Files\Windows NT
[06/12/2006|07:17] C:\Program Files\Windows Photo Gallery
[26/11/2007|23:32] C:\Program Files\Windows Sidebar
[29/07/2007|18:26] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[09/11/2008|23:16] C:\Program Files\Common Files\Adobe
[08/03/2008|23:47] C:\Program Files\Common Files\Adobe(96)
[18/11/2007|18:06] C:\Program Files\Common Files\Ahead
[27/01/2008|22:38] C:\Program Files\Common Files\aol
[20/03/2007|17:29] C:\Program Files\Common Files\aolback
[27/01/2008|22:38] C:\Program Files\Common Files\AOLSHARE
[09/11/2007|17:57] C:\Program Files\Common Files\Canon
[29/03/2007|20:14] C:\Program Files\Common Files\DESIGNER
[24/11/2007|23:47] C:\Program Files\Common Files\DVDVideoSoft
[30/11/2007|15:14] C:\Program Files\Common Files\InstallShield
[24/05/2008|12:43] C:\Program Files\Common Files\Java
[21/12/2008|23:38] C:\Program Files\Common Files\microsoft shared
[05/12/2006|22:34] C:\Program Files\Common Files\Nullsoft
[20/03/2007|17:27] C:\Program Files\Common Files\Real
[05/12/2006|22:38] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[09/11/2007|18:16] C:\Program Files\Common Files\snpstd
[05/12/2006|22:38] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[05/12/2006|22:38] C:\Program Files\Common Files\SureThing Shared
[05/04/2007|15:24] C:\Program Files\Common Files\Symantec Shared
[21/12/2008|23:39] C:\Program Files\Common Files\System
[21/12/2008|22:02] C:\Program Files\Common Files\Windows Live
[10/12/2007|14:06] C:\Program Files\Common Files\WindowsLiveInstaller
[10/03/2008|15:22] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 69 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 21:52:05
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 4

--------------------\\ Recherche d'autres infections

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\Conditions générales.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\Confidentialité.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\Désinstaller.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\MessengerSkinner.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\MessengerSkinner\Website.url
==> EGDACCESS <==

30 December 2008 01:33:40

Good evening halloum77,

* Download navilog1 (thanks il.mafioso!)

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

* Double-click navilog1.exe to start the installation.

* Once the installation is finished, the fix will run automatically.

(If it does not, double-click the Navilog1 shortcut on the desktop.)

* Follow the prompts and, at the main menu, choose 1 and confirm.

Do not choose option 2, 3 or 4 without our advice/agreement.

* Wait for the message: *** Analyse terminée le ..... ***

* Press a key as requested; Notepad will open.

* Copy and paste the entire report into your next reply, then close Notepad.

(The report is also saved at the root of the disk: fixnavi.txt)

See you later, and happy holidays ;).
30 December 2008 12:52:50

Hello, and thank you for your help and the time you are devoting to this; happy end-of-year holidays to you too!!
So, it is impossible to launch navilog. I am sending you the image so you can see what I get; after that I click Cancel and everything closes.
http://www.zshare.net/image/53469055abbf4df5/
30 December 2008 14:49:53

Hello, here is the report
Search Navipromo version 3.7.0 commencé le 30/12/2008 à 14:31:03,41

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Jean Pierre ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:141 Go (Free:50 Go)
D:\ (CD or DVD)
E:\ (USB)
J:\ (CD or DVD)


Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

...\MessengerSkinner trouvé !

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\users\jeanpi~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\Jean Pierre\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\Jean Pierre\AppData\Roaming" ***


*** Recherche dossiers dans "C:\Users\Claude\appdata\roaming" ***


*** Recherche dossiers dans "C:\Users\Paulette\appdata\roaming" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\Jean Pierre\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\Jean Pierre\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\Jean Pierre\AppData\Local" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\Jean Pierre\AppData\Local\Microsoft" :


* Dans "C:\Users\Jean Pierre\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\Jean Pierre\AppData\Local" :

mouuq.exe trouvé !
mouuq.dat trouvé !
mouuq_nav.dat trouvé !
mouuq_navps.dat trouvé !

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :


C:\ProgramData\New dvd info.1xl0q trouvé ! Infection Lop possible non traitée par cet outil !

C:\ProgramData\Stupid Blah Blah.zw5d5 trouvé ! Infection Lop possible non traitée par cet outil !

C:\ProgramData\Stupid Blah Blah.35lp9i1 trouvé ! Infection Lop possible non traitée par cet outil !

C:\ProgramData\Stupid Blah Blah.wr1kjtw trouvé ! Infection Lop possible non traitée par cet outil !

C:\ProgramData\Stupid Blah Blah.y1lwcef trouvé ! Infection Lop possible non traitée par cet outil !


*** Analyse terminée le 30/12/2008 à 14:46:28,66 ***
30 December 2008 15:04:01

Re,

do procedure 3 of Navilog...
30 December 2008 20:55:22

Re, here is the report:
Clean Navipromo version 3.7.0 commencé le 30/12/2008 à 20:07:03,33

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Jean Pierre"

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Jean Pierre ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:141 Go (Free:49 Go)
D:\ (CD or DVD)
E:\ (USB)
J:\ (CD or DVD)


Mode suppression automatique
sans prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** Suppression dossiers dans "C:\Windows" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !


*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Suppression dossiers dans "C:\ProgramData" ***


*** Suppression dossiers dans c:\users\jeanpi~1\appdata\roaming\micros~1\windows\startm~1\programs ***


*** Suppression dossiers dans "C:\Users\Jean Pierre\AppData\Local\virtualstore\Program Files" ***


*** Suppression dossiers dans "C:\Users\Jean Pierre\AppData\Roaming" ***


*** Suppression dossiers dans "C:\Users\Claude\appdata\roaming" ***


*** Suppression dossiers dans "C:\Users\Paulette\appdata\roaming" ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\JEANPI~1\AppData\Local\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\Windows\system32" *


* Dans "C:\Users\Jean Pierre\AppData\Local\Microsoft" *


* Dans "C:\Users\Jean Pierre\AppData\Local\virtualstore\windows\system32" *


* Dans "C:\Users\Jean Pierre\AppData\Local" *


mouuq.exe trouvé !
Copie mouuq.exe réalisée avec succès !
mouuq.exe supprimé !

mouuq.dat trouvé !
Copie mouuq.dat réalisée avec succès !
mouuq.dat supprimé !

mouuq_nav.dat trouvé !
Copie mouuq_nav.dat réalisée avec succès !
mouuq_nav.dat supprimé !

mouuq_navps.dat trouvé !
Copie mouuq_navps.dat réalisée avec succès !
mouuq_navps.dat supprimé !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !


*** Recherche autres dossiers et fichiers connus ***



*** Nettoyage terminé le 30/12/2008 à 20:51:35,08 ***

31 December 2008 01:45:06

Good evening halloum77,

1) Download:
CCleaner 2.16.830 - Slim: http://www.ccleaner.com/download/builds.aspx
Launch it, then click Options > Advanced and untick "Only delete files in Windows Temp folders older than 48 hours". Leave it with its default settings and close the program for now.
Tutorial: http://www.infos-du-net.com/telecharger/CCleaner,0301-1...

Malwarebytes' Anti-Malware:
http://www.besttechie.net/tools/mbam-setup.exe
Launch it, and once the executable has been downloaded, double-click mbam-setup.exe; the installation starts. Follow the wizard: language selection, licence acceptance, default folder... Remember to tick the "Create a desktop icon" box. You are now at the end of the installation; close the program for now.

2) Restart in safe mode:
See letter D: http://forum.pcastuces.com/sujet.asp?f=25&s=3902
You will need to choose your usual session, not the Administrator account or any other.
Important: From step 3 onwards you will no longer have Internet access. Copy the rest of the instructions into a text file on your desktop.

3) Launch Malwarebytes' Anti-Malware:
Tutorial: http://www.infos-du-net.com/forum/278396-11-tuto-malwar...

4) Launch: CCleaner
In the Cleaner menu, click Analyze (let it work; this can take a long time the first time).
Then click the Run Cleaner button.
Do this several times in a row and close CCleaner.

5) Restart in normal mode:
Post the Malwarebytes' Anti-Malware report.

See you later ;).
31 December 2008 14:49:31

Hello, I have a small problem restarting in safe mode, because the tutorial you gave me is for Windows XP and I am on Vista, and it is not the same at all; I don't know how to do it.
31 December 2008 15:12:12

halloum77 said:
> I have a small problem restarting in safe mode, because the tutorial you gave me is for Windows XP and I am on Vista, and it is not the same at all; I don't know how to do it


Hello halloum77,

> Ah, that Vista :kaola: ...

Do the CCleaner and Malwarebytes' Anti-Malware steps in normal mode.

See you later ;).
31 December 2008 15:35:38

Re, here is the Malwarebytes report:
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1582
Windows 6.0.6000

31/12/2008 15:24:23
mbam-log-2008-12-31 (15-23-52).txt

Type de recherche: Examen rapide
Eléments examinés: 50562
Temps écoulé: 4 minute(s), 50 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Public\AdbeRdr812_fr_FR.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Public\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.06.00.270_anglais_10821.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Public\aresregular209_installer.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Public\flashget_flashget_1.96_francais_10017.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Public\flvplayer_setup.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Public\INSTALL_MSN_MESSENGER_NT.EXE (Trojan.FakeAlert) -> No action taken.

I have run CCleaner.
31 December 2008 16:37:44

Re, sorry, I am a bit useless lol with computers. Anyway, on the link you gave me I cannot see the images, so I don't know whether that comes from my computer or ??.. Anyway, I am running Malwarebytes again and will post the report for you, thanks.
31 December 2008 16:39:31

Re, here is the report:
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1582
Windows 6.0.6000

31/12/2008 16:38:06
mbam-log-2008-12-31 (16-38-06).txt

Type de recherche: Examen rapide
Eléments examinés: 51391
Temps écoulé: 7 minute(s), 18 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Public\AdbeRdr812_fr_FR.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Public\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.06.00.270_anglais_10821.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Public\aresregular209_installer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Public\flashget_flashget_1.96_francais_10017.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Public\flvplayer_setup.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Public\INSTALL_MSN_MESSENGER_NT.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
31 December 2008 19:56:38

Good evening halloum77,

download SmitfraudFix by S!Ri, balltrap34 and moe31: http://siri.urz.free.fr/Fix/SmitfraudFix.exe

* Install it at the root of C
* Double-click the exe to unpack it and launch the fix.
Usage---option 1---Search:
* Double-click smitfraudfix.cmd
* Select 1 to create a report of the files responsible for the infection.
* Post the report here.

process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus...) as a RiskTool. It is not a virus, but a utility intended to terminate processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

See you later ;).
31 December 2008 23:24:52

Good evening,
Run from C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows [version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\vsnpstd.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Powercinema\PCMService.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\aol\1165354343\ee\aolsoftware.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Jean Pierre\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\Program Files\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Users\Jean Pierre\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
c:\Program Files\Powercinema\Kernel\TV\CLSched.exe
C:\Windows\system32\lxcycoms.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Jean Pierre


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\JEANPI~1\AppData\Local\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Jean Pierre\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\JEANPI~1\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, following keys are not inevitably infected!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet Realtek RTL8139/810x Family
DNS Server Search Order: 213.36.80.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer=213.36.80.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer=213.36.80.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer=213.36.80.1


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

1 January 2009 14:44:23

Re, happy new year, good health and above all a bit more money lol for 2009!!
I have a small problem: I can no longer find the combofix report, because I had an Internet connection problem, so I restarted the computer and now I can't find it.
1 January 2009 15:13:40

halloum77 said:
> I can no longer find the combofix report


Hello halloum77,

> C:\ComboFix.txt

See you later ;).
1 January 2009 15:48:47

Re, here it is
ComboFix 08-12-31.01 - Jean Pierre 2009-01-01 13:47:38.7 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6000.0.1252.1.1036.18.767.156 [GMT 1:00]
Lancé depuis: c:\users\Jean Pierre\Downloads\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\vlc-0.9.4-win32.exe
c:\windows\system32\404Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-01 au 2009-01-01 ))))))))))))))))))))))))))))))))))))
.

2008-12-31 23:22 . 2008-12-12 00:57 78,336 --a------ c:\windows\System32\Agent.OMZ.Fix.exe
2008-12-31 14:27 . 2008-12-31 14:27 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-31 14:27 . 2008-12-03 19:59 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-12-31 14:27 . 2008-12-03 19:59 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-12-31 14:03 . 2008-12-31 14:03 <REP> d-------- c:\program files\CCleaner
2008-12-30 12:35 . 2008-12-30 20:51 <REP> d-------- c:\program files\Navilog1
2008-12-29 01:06 . 2008-12-29 21:57 <REP> d-------- C:\Lop SD
2008-12-24 15:35 . 2008-12-24 15:35 <REP> dr------- c:\users\Jean Pierre\Contacts
2008-12-23 22:57 . 2008-12-26 12:56 <REP> d-------- c:\users\All Users\thirdping
2008-12-23 22:57 . 2008-12-26 12:56 <REP> d-------- c:\programdata\thirdping
2008-12-23 22:48 . 2008-12-08 17:01 55,264 --a------ c:\windows\System32\drivers\fssfltr.sys
2008-12-23 22:46 . 2008-12-23 22:46 <REP> d-------- c:\program files\Windows Live SkyDrive
2008-12-23 22:41 . 2008-12-23 22:41 <REP> dr------- c:\users\Public\Services Windows Live
2008-12-21 23:39 . 2008-12-21 23:39 <REP> d-------- c:\program files\Microsoft Office Outlook Connector
2008-12-21 23:38 . 2008-12-23 22:48 <REP> d-------- c:\program files\Microsoft
2008-12-21 23:32 . 2008-12-23 21:57 2,402,832 --a------ c:\users\Jean Pierre\Installation de Windows Live.exe
2008-12-21 22:49 . 2008-12-23 22:48 <REP> d----c--- c:\windows\System32\DRVSTORE
2008-12-21 22:12 . 2008-12-21 22:12 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-12-21 22:12 . 2008-12-21 22:12 347,648 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-12-21 22:02 . 2008-12-21 22:02 <REP> d-------- c:\program files\Common Files\Windows Live
2008-12-11 10:21 . 2008-12-11 10:21 410,984 --a------ c:\windows\System32\deploytk.dll
2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a------ c:\windows\System32\sirenacm.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-01 12:49 --------- d-----w c:\users\Jean Pierre\AppData\Roaming\uTorrent
2008-12-23 22:10 --------- d-----w c:\program files\Messenger Plus! Live
2008-12-23 21:48 --------- d-----w c:\program files\Windows Live
2008-12-23 21:30 --------- d-----w c:\programdata\WLInstaller
2008-12-18 13:12 --------- d-----w c:\users\Jean Pierre\AppData\Roaming\Shareaza
2008-12-11 09:20 --------- d-----w c:\program files\Java
2008-11-29 16:30 1,607,184 ----a-w c:\windows\System32\Aquarium Exotique.scr
2008-11-14 13:54 --------- d-----w c:\program files\MessengerDiscovery
2008-11-12 21:45 --------- d-----w c:\programdata\Avira
2008-11-12 21:45 --------- d-----w c:\program files\Avira
2008-11-09 22:16 --------- d-----w c:\program files\Common Files\Adobe
2008-05-28 11:16 1,664,591 ----a-w c:\users\Jean Pierre\pf-setup.exe
2008-05-24 11:40 382,352 ----a-w c:\users\Jean Pierre\jxpiinstall.exe
2008-03-26 22:06 6,116,304 ----a-w c:\users\Public\Firefox Setup 2.0.0.13.exe
2008-03-10 13:03 4,737,360 ----a-w c:\users\Public\MsgPlusLive-450 (2).exe
2008-03-10 12:53 2,402,832 ----a-w c:\users\Public\WLinstaller(2).exe
2008-03-10 12:50 2,402,832 ----a-w c:\users\Public\WLinstaller (4).exe
2008-02-20 17:57 4,737,360 ----a-w c:\users\Public\MsgPlusLive-450.exe
2008-02-20 17:47 2,402,832 ----a-w c:\users\Public\WLinstaller (3).exe
2008-02-19 17:40 2,402,832 ----a-w c:\users\Public\WLinstaller (2).exe
2007-12-27 15:10 881,192 ----a-w c:\users\Public\WGAPluginInstall.exe
2007-12-10 13:02 2,402,832 ----a-w c:\users\Public\WLinstaller.exe
2007-11-30 15:48 6,118,564 ----a-w c:\users\Public\240-USBVISTA-32P-A-FR.EXE
2007-11-26 22:10 6,626,008 ----a-w c:\users\Public\FirefoxGoogleToolbarSetup.exe
2007-11-10 16:46 4,456,140 ----a-w c:\users\Public\AthanBasic.exe
2007-11-09 16:54 593,408 ----a-w c:\users\Public\b7100MUx.exe
2007-11-09 13:14 3,966,288 ----a-w c:\users\Public\MsgPlusLive-423.exe
2007-09-02 10:40 174 --sha-w c:\program files\desktop.ini
2007-03-20 16:24 278,528 ----a-w c:\program files\Common Files\FDEUnInstaller.exe
2008-03-12 20:28 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-12 20:28 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-03-12 20:28 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((( snapshot_2008-03-19_22.54.17,35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-12 08:17:58 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
+ 2008-12-21 23:46:12 884,736 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e3607e3cb140b69ecc6aefbbb0021304\AspNetMMCExt.ni.dll
+ 2008-12-21 23:47:38 1,720,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\750dcff9d4b9b92ec4acdc6b4cd313f8\Microsoft.VisualBasic.ni.dll
+ 2008-12-21 23:47:33 5,971,968 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\e159627625bc60fb6e454968d89ab948\MIGUIControls.ni.dll
+ 2008-12-21 23:47:41 135,168 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\8760ddb37b90104d71544afce00fb454\ServiceModelReg.ni.exe
+ 2008-12-21 23:47:25 999,424 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\49a35f8d6b44cfe7c2a12cb873e58a22\System.IdentityModel.ni.dll
+ 2008-12-21 23:46:16 815,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fbca0140921ed343cb511595869a0ed\System.Runtime.Remoting.ni.dll
+ 2008-12-21 23:47:23 17,416,192 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3636f59e63b317ae39d71c248befa5e2\System.ServiceModel.ni.dll
+ 2008-12-21 23:47:51 2,306,048 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0ccdb400998b3055c0b95941d8685348\System.Web.Mobile.ni.dll
+ 2008-12-21 23:46:46 1,941,504 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\37f75b2b7d0b3bb5242403b9c7ffabc7\System.Web.Services.ni.dll
+ 2008-12-21 23:46:41 12,185,600 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\c11c5eb32a435c14a33e62b1e150e988\System.Web.ni.dll
+ 2008-12-23 22:54:44 163,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\a5cc613f50daae58035bce1136410dba\WindowsLive.Client.ni.dll
+ 2008-12-23 22:54:35 475,136 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\08aa32a8ea6026f1c54c0d70c3445422\WindowsLive.Writer.Localization.ni.dll
+ 2008-12-23 22:54:36 131,072 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\29390a9c06c04e23a1ebf5ceaebe0005\WindowsLive.Writer.Passport.ni.dll
+ 2008-12-23 22:54:41 114,688 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2aa19501e0a9b8df32999fc0c44dd67e\WindowsLive.Writer.Api.ni.dll
+ 2008-12-23 22:54:34 176,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2d0a4ba271c528eab1c2deb2599f861c\WindowsLive.Writer.HtmlParser.ni.dll
+ 2008-12-23 22:54:37 286,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2e2a2df6167ba338c5b834755a51b0c6\WindowsLive.Writer.Mshtml.ni.dll
+ 2008-12-23 22:54:34 331,776 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\339568cec34a3acd7832ad480338bae2\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2008-12-23 22:54:39 1,159,168 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\42426d64b542cb67e78e0489f44282fd\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2008-12-23 22:54:40 143,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\54c7b23b13cce6b2147f02ae9aa43e02\WindowsLive.Writer.Extensibility.ni.dll
+ 2008-12-23 22:54:25 6,500,352 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\609daa8f881f9dcb744c24df7e48aaef\WindowsLive.Writer.PostEditor.ni.dll
+ 2008-12-23 22:54:47 139,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\699b0785bb89e8016faba1115886f1c5\WindowsLive.Writer.FileDestinations.ni.dll
+ 2008-12-23 22:54:32 204,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6c7e74ca048dee2fd8c239f52045962a\WindowsLive.Writer.BrowserControl.ni.dll
+ 2008-12-23 22:54:45 643,072 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\855a0330d664b560e2a23a520dea8fa7\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2008-12-23 22:54:31 2,088,960 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\90ab18c0714e7c902ddb1dfe5b0ec138\WindowsLive.Writer.CoreServices.ni.dll
+ 2008-12-23 22:54:32 335,872 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\918fb7b31f783676d19be1c243c4608d\WindowsLive.Writer.Interop.ni.dll
+ 2008-12-23 22:54:33 348,160 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\95fb61726bed07bcd2e31f8ef7ec2517\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2008-12-23 22:54:27 872,448 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\af81da31f368893d143237da6b421158\WindowsLive.Writer.Controls.ni.dll
+ 2008-12-23 22:54:48 163,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c4ef56ce9e90b5dfe1af8b12d4a998ab\WindowsLive.Writer.Instrumentation.ni.dll
+ 2008-12-23 22:54:47 344,064 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d3ab367b2712e869c1470f47fb398a08\WindowsLive.Writer.SpellChecker.ni.dll
+ 2008-12-23 22:54:43 925,696 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fe46599c6143529f89909490ca45c087\WindowsLive.Writer.BlogClient.ni.dll
+ 2008-12-23 22:54:50 634,880 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\d20dc459a7a92b170a325c598b4d2c67\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2008-12-23 22:54:13 49,152 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\00fa07c9c1ce1d54c0d4d8679c898593\WindowsLiveWriter.ni.exe
+ 2008-10-04 19:16:46 1,887,080 ----a-w c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2000-08-31 07:00:00 89,504 ----a-w c:\windows\fdsv.exe
+ 2000-08-31 07:00:00 80,412 ----a-w c:\windows\grep.exe
- 2007-12-05 13:12:37 51,200 ----a-w c:\windows\inf\infpub.dat
+ 2008-04-17 18:20:05 51,200 ----a-w c:\windows\inf\infpub.dat
- 2007-12-05 13:12:36 86,016 ----a-w c:\windows\inf\infstor.dat
+ 2008-04-17 18:20:00 86,016 ----a-w c:\windows\inf\infstor.dat
- 2007-12-05 13:12:36 86,016 ----a-w c:\windows\inf\infstrng.dat
+ 2008-04-17 18:20:05 86,016 ----a-w c:\windows\inf\infstrng.dat
+ 2008-12-23 21:46:14 62,288 ----a-r c:\windows\Installer\{01523985-2098-43AF-9C97-12B07BE02A9B}\IconWlc.exe
+ 2008-12-23 21:47:02 80,395 ----a-r c:\windows\Installer\{059C042E-796A-4ACC-A81A-ECC2010BB78C}\MsblIco.Exe
+ 2008-12-23 21:47:46 58,945 ----a-r c:\windows\Installer\{63DC2DA0-2A6C-4C38-9249-B75395458657}\wlmail.exe
+ 2008-12-21 22:39:55 29,316 ----a-r c:\windows\Installer\{95120000-0120-040C-0000-0000000FF1CE}\olc_setup.exe
+ 2008-11-09 22:17:34 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1036-7B44-A81300000003}\SC_Reader.exe
+ 2008-12-21 21:11:14 86,746 ----a-r c:\windows\Installer\{DA0FC90D-5D87-445E-90B4-B938C57FE16F}\wlmail.exe
+ 2006-11-02 12:34:59 2,560 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2006-11-02 12:34:58 2,560 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
+ 2006-11-02 08:12:29 2,048 ----a-w c:\windows\MSAgent\AgtUI.dll
- 2000-08-31 07:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2006-09-18 12:27:18 2,048 ----a-w c:\windows\Oem\mp\boot\etfsboot.com
+ 2006-11-06 01:00:00 1,957 ----a-w c:\windows\Oem\mp\softsource\NIS\NIS2007_FR\Support\AV\AV\VirusD64\TINFL.DAT
+ 2006-11-06 01:00:00 3,027 ----a-w c:\windows\Oem\mp\softsource\NIS\NIS2007_FR\Support\AV\AV\VirusD64\TSCAN1HD.DAT
+ 2006-11-06 01:00:00 1,957 ----a-w c:\windows\Oem\mp\softsource\NIS\NIS2007_FR\Support\AV\AV\VirusDef\TINFL.DAT
+ 2006-11-06 01:00:00 3,027 ----a-w c:\windows\Oem\mp\softsource\NIS\NIS2007_FR\Support\AV\AV\VirusDef\TSCAN1HD.DAT
+ 2006-11-06 21:16:04 1,874 ----a-w c:\windows\Oem\mp\tools\cleanstart.cmd
+ 2006-11-28 17:39:08 2,426 ----a-w c:\windows\Oem\mp\tools\logerror.cmd
+ 2006-11-06 16:29:18 1,749 ----a-w c:\windows\Oem\mp\tools\xsltransform.vbs
+ 2000-08-31 07:00:00 98,816 ----a-w c:\windows\sed.exe
+ 2008-12-31 16:35:19 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-12-31 16:35:19 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-03-19 21:17:25 262,144 ----a-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-05-14 23:04:50 262,144 ----a-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-03-19 12:04:43 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2009-01-01 12:51:00 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2009-01-01 12:51:00 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-03-19 12:54:01 262,144 ----a-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-05-15 00:01:29 262,144 ----a-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-03-19 21:53:25 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-01-01 12:50:54 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-01-01 12:50:54 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
+ 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 07:00:00 136,704 ----a-w c:\windows\SWSC.exe
+ 2000-08-31 07:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe
+ 2006-11-02 07:10:15 2,000 ----a-w c:\windows\system\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w c:\windows\system\mouse.drv
+ 2006-11-02 07:10:16 1,744 ----a-w c:\windows\system\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w c:\windows\system\vga.drv
+ 2006-11-02 07:11:39 2,048 ----a-w c:\windows\System32\acprgwiz.dll
+ 2006-11-02 12:34:54 2,048 ----a-w c:\windows\System32\asferror.dll
+ 2006-11-02 06:56:11 2,560 ----a-w c:\windows\System32\bootstr.dll
+ 2006-11-02 07:38:48 2,048 ----a-w c:\windows\System32\bridgeres.dll
- 2008-03-19 21:00:23 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-12-31 21:53:47 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-03-19 21:00:23 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-31 21:53:47 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-03-19 21:00:23 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-12-31 21:53:47 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-03-15 21:21:45 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2009-01-01 12:47:23 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2009-01-01 12:47:23 262,144 ---ha-w c:\windows\System32\config\systemprofile\ntuser.dat.LOG1
+ 2006-11-02 12:35:06 2,048 ----a-w c:\windows\System32\dfsrres.dll
- 2008-03-16 20:14:57 61,632 ----a-w c:\windows\System32\drivers\avipbb.sys
+ 2008-12-09 21:52:45 75,072 ----a-w c:\windows\System32\drivers\avipbb.sys
+ 2006-07-24 02:00:00 2,432 ----a-w c:\windows\System32\drivers\cdr4_xp.sys
+ 2006-07-24 02:00:00 2,560 ----a-w c:\windows\System32\drivers\cdralw2k.sys
- 2006-07-24 02:00:00 36,528 ----a-w c:\windows\System32\drivers\pxhelp20.sys
+ 2008-02-23 02:38:33 43,872 ------w c:\windows\System32\drivers\pxhelp20.sys
- 2007-03-01 09:34:36 28,352 ----a-w c:\windows\System32\drivers\ssmdrv.sys
+ 2007-11-08 17:03:26 21,248 ----a-w c:\windows\System32\drivers\ssmdrv.sys
+ 2006-11-30 13:18:18 27,416 ----a-w c:\windows\System32\drivers\x10ufx2.sys
+ 2006-11-02 08:27:54 2,048 ----a-w c:\windows\System32\DriverStore\FileRepository\prnca001.inf_92fbd03f\I386\CNBPGR02.DLL
+ 2006-11-02 09:41:10 2,560 ----a-w c:\windows\System32\DriverStore\FileRepository\prndc001.inf_79bb12be\I386\DICONRES.DLL
+ 2006-09-18 21:40:29 1,960 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE11.DAT
+ 2006-09-18 21:40:29 1,778 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE12.DAT
+ 2006-09-18 21:40:29 1,960 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE16.DAT
+ 2006-09-18 21:40:29 1,992 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2J.DAT
+ 2006-09-18 21:40:29 1,948 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2K.DAT
+ 2006-09-18 21:40:29 2,128 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2M.DAT
+ 2006-09-18 21:40:29 2,398 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3N.DAT
+ 2006-09-18 21:40:29 1,976 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3O.DAT
+ 2006-09-18 21:40:29 1,764 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3P.DAT
+ 2006-09-18 21:40:29 2,398 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3Q.DAT
+ 2006-09-18 21:40:29 2,618 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3T.DAT
+ 2006-09-18 21:40:29 2,188 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3V.DAT
+ 2006-09-18 21:40:29 2,984 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4A.DAT
+ 2006-09-18 21:40:29 2,632 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4D.DAT
+ 2006-09-18 21:40:30 2,496 ----a-w c:\windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4S.DAT
+ 2006-11-30 13:18:18 27,416 ----a-w c:\windows\System32\DriverStore\FileRepository\x10ufx2.inf_900448ee\x10ufx2.sys
+ 2008-12-08 16:01:52 55,264 -c--a-w c:\windows\System32\DRVSTORE\fssfltr_9D8141AC16915376436B9EE4A4DDF522797C6456\fssfltr.sys
- 2008-03-15 21:30:20 414,152 ----a-w c:\windows\System32\FNTCACHE.DAT
+ 2008-03-23 22:08:34 414,152 ----a-w c:\windows\System32\FNTCACHE.DAT
+ 2006-11-02 09:39:39 2,048 ----a-w c:\windows\System32\iologmsg.dll
+ 2008-12-11 09:21:06 144,792 ----a-w c:\windows\System32\java.exe
+ 2008-12-11 09:21:06 144,792 ----a-w c:\windows\System32\javaw.exe
+ 2008-12-11 09:21:06 148,888 ----a-w c:\windows\System32\javaws.exe
+ 2006-11-02 07:10:15 2,000 ----a-w c:\windows\System32\keyboard.drv
+ 2006-11-02 07:38:59 2,048 ----a-w c:\windows\System32\lltdres.dll
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\System32\Macromed\Flash\FlashUtil10a.exe
+ 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\System32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:04 235,936 ----a-w c:\windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-12-27 18:41:18 89,102 ----a-w c:\windows\System32\Macromed\Flash\uninstall_activeX.exe
+ 2008-12-27 19:52:29 84,661 ----a-w c:\windows\System32\Macromed\Flash\uninstall_plugin.exe
+ 2006-11-02 12:34:47 2,048 ----a-w c:\windows\System32\mferror.dll
+ 2006-11-02 07:10:18 2,032 ----a-w c:\windows\System32\mouse.drv
+ 2006-11-02 07:15:56 2,560 ----a-w c:\windows\System32\msimsg.dll
+ 2006-11-02 07:18:28 2,048 ----a-w c:\windows\System32\msprivs.dll
+ 2007-08-14 18:05:18 2,048 ----a-w c:\windows\System32\msxml3r.dll
+ 2007-08-14 18:03:47 2,048 ----a-w c:\windows\System32\msxml6r.dll
+ 2006-11-02 09:41:16 2,048 ----a-w c:\windows\System32\neth.dll
+ 2006-11-02 09:41:17 2,048 ----a-w c:\windows\System32\netmsg.dll
+ 2007-11-09 16:00:32 2,456 ----a-w c:\windows\System32\networklist\icons\{2A3290D8-436D-49DC-9A2F-3B8DB6C6629A}_24.bin
+ 2007-11-19 10:50:56 2,456 ----a-w c:\windows\System32\networklist\icons\{F881F750-F597-4C63-A1E5-A1D89A939B79}_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w c:\windows\System32\networklist\icons\StockIcons\bench_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w c:\windows\System32\networklist\icons\StockIcons\house_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w c:\windows\System32\networklist\icons\StockIcons\office_24.bin
+ 2006-11-02 08:33:06 2,560 ----a-w c:\windows\System32\normaliz.dll
+ 2006-11-02 07:08:53 2,048 ----a-w c:\windows\System32\oleaccrc.dll
- 2008-03-19 12:08:49 111,448 ----a-w c:\windows\System32\perfc009.dat
+ 2008-12-31 16:40:36 111,448 ----a-w c:\windows\System32\perfc009.dat
- 2008-03-19 12:08:49 121,552 ----a-w c:\windows\System32\perfc00C.dat
+ 2008-12-31 16:40:37 121,552 ----a-w c:\windows\System32\perfc00C.dat
- 2008-03-19 12:08:49 622,496 ----a-w c:\windows\System32\perfh009.dat
+ 2008-12-31 16:40:37 622,496 ----a-w c:\windows\System32\perfh009.dat
- 2008-03-19 12:08:49 699,568 ----a-w c:\windows\System32\perfh00C.dat
+ 2008-12-31 16:40:37 699,568 ----a-w c:\windows\System32\perfh00C.dat
- 2006-06-09 10:54:20 452,264 ----a-w c:\windows\System32\Px.dll
+ 2006-09-27 21:53:22 514,808 ------w c:\windows\System32\Px.dll
- 2006-06-09 10:54:26 181,928 ----a-w c:\windows\System32\PxMas.dll
+ 2006-09-27 21:53:22 183,032 ------w c:\windows\System32\PxMas.dll
- 2006-06-09 10:54:30 345,768 ----a-w c:\windows\System32\PxWave.dll
+ 2006-09-27 21:53:23 379,640 ------w c:\windows\System32\PxWave.dll
+ 2006-11-02 07:10:00 2,842 ----a-w c:\windows\System32\redir.exe
+ 2006-11-02 09:43:00 2,560 ----a-w c:\windows\System32\rnr20.dll
+ 2006-11-02 12:34:04 2,048 ----a-w c:\windows\System32\SampleRes.dll
- 2007-12-10 23:23:50 6,029,312 ----a-w c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2008-12-24 00:04:01 6,029,312 ----a-w c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2006-11-02 07:10:16 1,744 ----a-w c:\windows\System32\sound.drv
- 2000-08-31 07:00:00 136,704 ----a-w c:\windows\System32\swsc.exe
+ 2006-11-02 09:45:39 31,744 ----a-w c:\windows\System32\swsc.exe
+ 2007-09-02 10:15:34 2,048 ----a-w c:\windows\System32\tzres.dll
+ 2006-11-02 07:10:17 2,176 ----a-w c:\windows\System32\vga.drv
+ 2006-11-02 07:15:27 2,048 ----a-w c:\windows\System32\wbem\WmiApRes.dll
- 2008-03-19 12:04:54 11,586 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2019035810-2696012141-165755087-1002_UserData.bin
+ 2008-12-31 16:37:32 13,080 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2019035810-2696012141-165755087-1002_UserData.bin
+ 2006-12-05 21:53:07 1,554 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2494740830-1910895642-158484282-500_UserData.bin
- 2008-03-19 12:04:54 54,694 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-12-31 16:37:31 55,128 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-03-19 12:04:50 50,858 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-12-31 16:37:29 58,100 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2007-03-18 13:09:12 58,642 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2008-11-30 17:41:01 163,212 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2006-11-02 07:10:22 2,864 ----a-w c:\windows\System32\WINSOCK.DLL
+ 2006-11-02 07:10:18 2,112 ----a-w c:\windows\System32\WINSPOOL.EXE
+ 2006-11-02 12:34:50 2,048 ----a-w c:\windows\System32\wmerror.dll
+ 2006-11-02 07:10:27 2,864 ----a-w c:\windows\System32\WOWDEB.EXE
+ 2000-08-31 07:00:00 49,152 ----a-w c:\windows\VFIND.exe
+ 2006-11-02 07:11:38 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16386_none_09eb762df5615af9\AcRes.dll
+ 2007-03-18 11:12:14 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16444_none_0a14b72ff542b5ae\AcRes.dll
+ 2007-07-12 08:17:58 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16485_none_09ea77c9f5623ec9\AcRes.dll
+ 2007-03-18 11:12:15 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20543_none_0a9d53b10e613c21\AcRes.dll
+ 2007-07-12 08:17:59 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20597_none_0a6b453d0e862d32\AcRes.dll
+ 2006-11-02 07:11:39 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6000.16386_none_92936507ab8702dd\acprgwiz.dll
+ 2006-11-02 08:12:29 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-agent0409_31bf3856ad364e35_6.0.6000.16386_none_cba6dc9d9ccc4898\AgtUI.dll
+ 2006-11-02 06:56:11 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-b..environment-strings_31bf3856ad364e35_6.0.6000.16386_none_f64b4db1100349a8\bootstr.dll
+ 2006-11-02 09:41:17 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-basic-misc-tools_31bf3856ad364e35_6.0.6000.16386_none_1525f574c2807ea3\netmsg.dll
+ 2006-11-02 12:35:06 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-dfsr-core-clientonly_31bf3856ad364e35_6.0.6000.16386_none_b442caae9d1904a7\dfsrres.dll
+ 2006-11-02 06:58:59 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16386_none_1310947a0ca7000f\tzres.dll
+ 2007-07-03 11:53:28 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16483_none_130d95820ca9b131\tzres.dll
+ 2007-09-02 10:15:34 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16520_none_134b76120c7bbaad\tzres.dll
+ 2007-07-03 11:53:29 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20594_none_138d62ab25ce8643\tzres.dll
+ 2007-09-02 10:15:34 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20636_none_13d044ad259c0e72\tzres.dll
+ 2006-11-02 07:15:56 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.0.6000.16386_none_0143bc2fb699ae2d\msimsg.dll
+ 2006-11-02 08:33:06 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-international-core_31bf3856ad364e35_6.0.6000.16386_none_e773a28cdcd5ef62\normaliz.dll
+ 2006-11-02 09:39:39 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-iologgingdll_31bf3856ad364e35_6.0.6000.16386_none_b4a74430ff7bd85d\iologmsg.dll
+ 2006-11-02 07:18:28 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-lsa-msprivs_31bf3856ad364e35_6.0.6000.16386_none_09e22f167e7ac9b3\msprivs.dll
+ 2006-11-02 12:34:47 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16386_none_9a286d400fd699af\mferror.dll
+ 2006-11-02 12:34:54 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.16386_none_a57f2ea4437cfc78\asferror.dll
+ 2006-11-02 12:34:50 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmerror_31bf3856ad364e35_6.0.6000.16386_none_351e30f1ba0b5cbe\wmerror.dll
+ 2006-11-02 09:41:09 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16386_none_86377e9e99eb1168\msxml3r.dll
+ 2007-08-14 18:05:18 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16500_none_8688000e99af9424\msxml3r.dll
+ 2007-08-14 18:05:18 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.20613_none_8709cdcbb2d29be4\msxml3r.dll
+ 2006-11-02 09:41:09 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16386_none_86373a4699eb5e4b\msxml6r.dll
+ 2007-08-14 18:03:47 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16472_none_863e0af099e6da25\msxml6r.dll
+ 2007-08-14 18:03:47 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.20582_none_86bcd7cfb30c95e0\msxml6r.dll
+ 2006-11-02 09:41:16 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-net-command-line-tool_31bf3856ad364e35_6.0.6000.16386_none_4ffb8f84758bff07\neth.dll
+ 2006-09-19 11:41:49 2,456 ----a-w c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\bench_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\house_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\office_24.bin
+ 2006-11-02 07:38:48 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6000.16386_none_05b32edf092a8853\bridgeres.dll
+ 2006-11-02 07:38:59 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-networktopology_31bf3856ad364e35_6.0.6000.16386_none_cf1f3538fd925a7b\lltdres.dll
+ 2006-11-02 07:10:15 2,000 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\mouse.drv
+ 2006-11-02 07:10:16 1,744 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\vga.drv
+ 2006-11-02 07:10:15 2,000 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\mouse.drv
+ 2006-11-02 07:10:00 2,842 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\redir.exe
+ 2006-11-02 07:10:16 1,744 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\vga.drv
+ 2006-11-02 07:10:22 2,864 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WINSOCK.DLL
+ 2006-11-02 07:10:18 2,112 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WINSPOOL.EXE
+ 2006-11-02 07:10:27 2,864 ----a-w c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WOWDEB.EXE
+ 2006-11-02 07:08:53 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-oleaccrc_31bf3856ad364e35_6.0.6000.16386_none_76f32d528a780cf2\oleaccrc.dll
+ 2006-11-02 12:34:04 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-photosamples_31bf3856ad364e35_6.0.6000.16386_none_95425ac284e42b43\SampleRes.dll
+ 2006-11-02 07:39:56 1,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\penchs.dll
+ 2006-11-02 07:39:56 1,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\pencht.dll
+ 2006-11-02 07:39:56 1,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\penjpn.dll
+ 2006-11-02 07:39:56 1,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\penkor.dll
+ 2006-11-02 07:39:56 1,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\penusa.dll
+ 2006-11-02 07:39:56 1,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\pipres.dll
+ 2006-11-02 07:39:56 1,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\skchobj.dll
+ 2006-11-02 07:39:56 1,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\skchui.dll
+ 2008-12-21 21:12:44 712,704 ----a-w c:\windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20867_none_94eb3a03bd3f8302\WindowsCodecs.dll
+ 2008-12-21 21:12:43 712,704 ----a-w c:\windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22211_none_97018689ba42f034\WindowsCodecs.dll
+ 2008-12-21 21:12:44 347,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20867_none_91fb4ef5d4c6df69\WindowsCodecsExt.dll
+ 2008-12-21 21:12:43 347,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22211_none_94119b7bd1ca4c9b\WindowsCodecsExt.dll
+ 2006-11-02 09:43:00 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-winsock-legacy_31bf3856ad364e35_6.0.6000.16386_none_e12e74ad149badfc\rnr20.dll
+ 2006-11-02 07:15:27 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6000.16386_none_b71d411922ad8f1f\WmiApRes.dll
+ 2006-11-02 12:34:40 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smierrsm.dll
+ 2006-11-02 12:34:40 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smierrsy.dll
+ 2006-11-02 12:34:40 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smimsgif.dll
+ 2008-12-21 21:10:27 224,768 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcm90.dll
+ 2008-12-21 21:10:27 568,832 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll
+ 2008-12-21 21:10:27 655,872 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll
+ 2006-11-02 12:34:59 2,560 ----a-w c:\windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6000.16386_none_76336ee89b768fbf\ServiceModelEvents.dll
+ 2006-11-02 12:34:58 2,560 ----a-w c:\windows\winsxs\x86_wcf-m_sm_ins_rc_dll_31bf3856ad364e35_6.0.6000.16386_none_c6c5835b4cd99252\ServiceModelInstallRC.dll
+ 2000-08-31 07:00:00 68,096 ----a-w c:\windows\zip.exe
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SURF 64"="c:\programdata\Stupid Blah Blah.wr1kjtw" [X]
"Itch ford four knob"="c:\programdata\New dvd info.1xl0q" [X]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2006-10-23 1092152]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 94208]
"snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-20 228088]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2007-03-20 26112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-03-20 98304]
"PCMService"="c:\program files\Powercinema\PCMService.exe" [2006-11-15 151552]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"lxcymon.exe"="c:\program files\Lexmark 3400 Series\lxcymon.exe" [2006-03-06 286720]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-08-25 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-08-25 221184]
"HostManager"="c:\program files\Common Files\AOL\1165354343\ee\AOLSoftware.exe" [2006-11-14 50736]
"EzPrint"="c:\program files\Lexmark 3400 Series\ezprint.exe" [2006-02-07 98304]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-11 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"MSConfig"="c:\windows\System32\msconfig.exe" [2006-11-02 222208]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

c:\users\Jean Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Outil de notification Live Search.lnk - c:\users\Jean Pierre\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe [2008-12-23 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiSpywareOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2019035810-2696012141-165755087-1002]
"EnableNotificationsRef"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2019035810-2696012141-165755087-1004]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{856D0C7E-D3BD-4075-B1FD-543969CB018A}"= UDP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{D6A593E7-1A97-40F8-8648-F6C447039257}"= TCP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{8E5AC1FB-B435-4F5E-AE2D-414AF38C7DEB}"= UDP:c:\program files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{97AB9D1C-F4EE-4D18-8833-75F592909C30}"= TCP:c:\program files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{2C83344D-F410-4023-8910-CBFD8F43BBAB}"= UDP:c:\program files\AOL 9.0 VR\waol.exe:AOL
"{8BEAE64F-1363-4DD6-8ABD-A35B9EC91FA1}"= TCP:c:\program files\AOL 9.0 VR\waol.exe:AOL
"{D7C35CF4-186A-4E0D-9281-B305D64DC137}"= UDP:c:\program files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{D9FD3DAC-29D6-480D-8798-1CBF1FB7AC87}"= TCP:c:\program files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{51390576-B234-4B8B-87A6-A2AE029835DE}"= UDP:c:\program files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{CFFFAA73-C1CF-406E-99E0-0CB1E66B60D6}"= TCP:c:\program files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{65EEB045-B14F-4281-BCE7-1B0D8C934B2E}"= UDP:c:\program files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{D52C5C19-73C2-44D8-9B9B-CA121B223116}"= TCP:c:\program files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{77CADF96-88D0-44CE-8BD0-6D485069DCB4}"= UDP:c:\program files\Powercinema\PowerCinema.exe:CyberLink PowerCinema
"{B187C589-2449-4CB8-BE1B-231CA7BDA581}"= TCP:c:\program files\Powercinema\PowerCinema.exe:CyberLink PowerCinema
"{D4041551-B1DB-4DD5-A0EB-9477843A1500}"= UDP:c:\program files\Powercinema\PCMService.exe:CyberLink PowerCinema Resident Program
"{520E2E90-D1F1-45E6-865B-CE9C7A1C474B}"= TCP:c:\program files\Powercinema\PCMService.exe:CyberLink PowerCinema Resident Program
"{C7832DCA-D1FF-471F-B457-2B1934FA3977}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{42338FDB-DC62-431D-94CB-111C3BBB482E}"= Profile=Public|c:\program files\Cyberlink\PowerDVD\PowerDVD.EXE:_this_program_will_be_deleted
"TCP Query User{CADBAF4F-ABA8-4186-9F7C-29D090E5D56F}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{06E24C66-4826-4DAB-ADC0-5D5B6E268D3D}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{5D9424B3-12DD-46C2-93B5-201B025DF8DA}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{6A9C2E36-4A48-418B-9712-D373C61514CD}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"TCP Query User{EF69E071-1A73-4FF1-85AB-E79EE5FCA535}c:\\users\\jean pierre\\appdata\\local\\temp\\rar$ex03.516\\emule0.48a\\emule.exe"= UDP:c:\users\jean pierre\appdata\local\temp\rar$ex03.516\emule0.48a\emule.exe:emule.exe
"UDP Query User{60D56F04-BE38-4BC0-8DEB-A74D81D9057F}c:\\users\\jean pierre\\appdata\\local\\temp\\rar$ex03.516\\emule0.48a\\emule.exe"= TCP:c:\users\jean pierre\appdata\local\temp\rar$ex03.516\emule0.48a\emule.exe:emule.exe
"TCP Query User{BA53B395-615C-4C40-8491-50F10A2FAA71}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{7213AD4B-52FC-4FCA-AC36-9EE325218FF8}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet
"{0C52A670-0157-4C42-A81A-5362181D82FD}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{89225C29-2267-468B-8DA7-774EF358190F}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{E8C52465-3E9B-4182-A23F-E628E1BB2FBE}c:\\program files\\flashget\\flashget.exe"= Disabled:UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{C52F1D5E-5C0E-4082-B1EB-04549934826B}c:\\program files\\flashget\\flashget.exe"= Disabled:TCP:c:\program files\flashget\flashget.exe:FlashGet
"{8CA2B4A6-E513-4DD4-9E46-77D880E83DA4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{8B5D40C0-A11B-44FC-8A37-D24CC7E1AC21}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R3 lxcy_device;lxcy_device;c:\windows\system32\lxcycoms.exe -service []
S3 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-12-23 55264]
S3 fsssvc;Windows Live Contrôle parental;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2008-12-08 533344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\Auto\command - F:\tel.xls.exe
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\tel.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{732bc802-999c-11dc-97a0-00038a000015}]
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\Open(0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db90240e-faf0-11db-8351-00038a000015}]
\shell\AutoRun\command - K:\InstallTomTomHOME.exe
.
Contenu du dossier 'Tâches planifiées'

2009-01-01 c:\windows\Tasks\Extension de garantie.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2006-11-21 17:38]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{D282D975-81A5-46C6-B3E2-D49621652D98} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-ares - c:\program files\Ares\Ares.exe


.
------- Examen supplémentaire -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Recherche AOL Toolbar - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {5D57A919-4A96-4702-82C6-010B24DEDC39} = 213.36.80.1
FF - ProfilePath - c:\users\Jean Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\dudf071i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://google.fr/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-01 13:51:01
Windows 6.0.6000 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-01-01 13:52:42
ComboFix-quarantined-files.txt 2009-01-01 12:52:39
ComboFix2.txt 2008-03-18 19:58:51
ComboFix3.txt 2008-03-14 21:57:38
ComboFix4.txt 2008-03-11 20:50:59
ComboFix5.txt 2008-03-11 18:20:07

Avant-CF: 85 961 924 608 octets libres
Après-CF: 85,934,039,040 octets libres

491 --- E O F --- 2007-12-05 13:02:34
1 January 2009 19:14:07

Good evening halloum77,

do you still have your problem?

See you later ;).
1 January 2009 22:26:21

Well, listen, I no longer have any windows opening; however, I have a small question: I find that my tower makes an enormous amount of noise, is that normal??
2 January 2009 13:20:27

Hello,
Yes, I do still have windows (sorry), and I think I have 2 viruses because AntiVir hasn't stopped since last night.
2 January 2009 14:19:02

Hello halloum77,

As soon as you open a web page, you find yourself flooded with advertising windows named CiD, offering to download various programs, and you no longer know what to do to get rid of them? … These windows actually reveal the presence of the Lop adware, which is responsible for the intrusive advertising you are a victim of.
...
This adware is installed during the installation of the following software, in return for their so-called "free" status:

* MSN plus! sponsors
* BitTorrent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101
* ...
...
On the other hand, only MSN plus! explicitly offers the user the choice of installing the sponsor or not (the sponsor being responsible for this abusive advertising), and afterwards allows the sponsor in question to be uninstalled easily.
...
"PRIVACY POLICY"

CiD provides you with the software product (the "software") free of charge or at a reduced price in exchange for your agreement to receive advertising and promotional messages delivered by CiD and third parties to your computer, based in part on the keywords of the websites that you, or any other user of the computer, visit.
The additional content may include advertisements, promotions, links to third-party websites or other materials delivered to your computer that match your interests, based in part on keywords found on the websites you visit. (...)"
...

For the other programs mentioned above, it is different: uninstalling the p2p software will not remove the sponsor, because it is hidden in another program named "CiDhelp" (or "CiD-something" in some cases).

Note: most of the time, the advertising generated by the Lop adware itself offers to download other free programs, such as games, TV channels and radio stations, etc. … which, once downloaded, will in turn install other malware such as Navipromo, the Instant Access dialer … which also generate ads! The result: a "cascading" infection that shows up as an invasion of advertising of every kind!

1st disinfection method: manual removal

* Start in safe mode
* Go to the Start menu
* Click on Control Panel
* Choose the Add/Remove Programs module
* For MSN plus!: just uninstall the sponsor:

* For the p2p software listed a little above: you need to find and remove the sponsor linked to CiD:
  o Remove the following programs if present:
    + Cid help
    + Circle Developement
    + Adverts


http://www.commentcamarche.net/faq/sujet-5996-comment-b...

See you later ;).



2 January 2009 16:29:11

Re, so for the CiD windows it's fine: I followed what was written in your links, went into the Control Panel and uninstalled Messenger Plus, because that is what brought this in.
However, AntiVir reported a virus to me twice; could there still be something there?? looool
2 January 2009 16:53:36

halloum77 said:
> could there still be something there??


> Yes...

*Download LOP S&D (thanks Eric71): http://eric.71.mespages.googlepages.com/lop.sd.exe
-Double-click it to launch the installation, then on the Lop S&D shortcut on your Desktop.
-Select the desired language and choose option 1 (Search).
-Wait until the scan finishes.
-Post the generated report (also located here: C:\lopR.txt).

NB: If the Desktop does not reappear, launch the Task Manager by pressing Ctrl+Alt+Del, then the File tab > New Task, type explorer.exe and confirm.

See you later ;).

2 January 2009 18:15:53

http://www.zshare.net/image/5360036062ae5b93/
this is what appears every two minutes when I run the search with LOP, and if I don't click Close it suspends the search; it's very annoying! Because I have to stay in front of the computer to watch it, and it's already long as it is, so now ... lool
2 January 2009 21:16:15

Re :) 
After 3 hours to run LOP loool :pt1cable:  here is the report:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Jean Pierre ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:76 Go)
D:\ (CD or DVD)
E:\ (USB)
J:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/01/2009|18:07 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[30/11/2007|18:19] C:\Users\JEANPI~1\AppData\Local\ABBYY
[19/07/2007|17:46] C:\Users\JEANPI~1\AppData\Local\Adobe
[18/11/2007|18:10] C:\Users\JEANPI~1\AppData\Local\Ahead
[18/03/2007|12:09] C:\Users\JEANPI~1\AppData\Local\AOL
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Application Data
[11/03/2008|14:11] C:\Users\JEANPI~1\AppData\Local\Ares
[18/03/2007|12:10] C:\Users\JEANPI~1\AppData\Local\ATI
[01/01/2009|03:04] C:\Users\JEANPI~1\AppData\Local\Axialis
[22/11/2007|22:29] C:\Users\JEANPI~1\AppData\Local\d3d9caps.dat
[02/01/2009|00:16] C:\Users\JEANPI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2008|09:32] C:\Users\JEANPI~1\AppData\Local\erheaqf.bat
[13/11/2007|20:53] C:\Users\JEANPI~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19/10/2008|22:05] C:\Users\JEANPI~1\AppData\Local\Google
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Historique
[01/01/2009|13:58] C:\Users\JEANPI~1\AppData\Local\IconCache.db
[30/12/2008|20:43] C:\Users\JEANPI~1\AppData\Local\Microsoft
[28/02/2008|20:48] C:\Users\JEANPI~1\AppData\Local\Microsoft Games
[18/01/2008|20:45] C:\Users\JEANPI~1\AppData\Local\Microsoft Help
[18/03/2007|13:26] C:\Users\JEANPI~1\AppData\Local\Mozilla
[15/11/2007|18:14] C:\Users\JEANPI~1\AppData\Local\Nero
[10/03/2008|12:23] C:\Users\JEANPI~1\AppData\Local\PowerCinema
[16/06/2008|11:38] C:\Users\JEANPI~1\AppData\Local\Shareaza
[02/01/2009|18:07] C:\Users\JEANPI~1\AppData\Local\Temp
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Temporary Internet Files
[21/03/2007|20:04] C:\Users\JEANPI~1\AppData\Local\VirtualStore
[05/04/2007|16:15] C:\Users\JEANPI~1\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[02/01/2009 17:59][--a------] C:\Windows\tasks\Extension de garantie.job
[01/01/2009 14:01][--ah-----] C:\Windows\tasks\SA.DAT
[01/01/2009 13:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[16/03/2008|21:14] C:\ProgramData\addr_file.html
[09/11/2008|23:16] C:\ProgramData\Adobe
[18/11/2007|18:07] C:\ProgramData\Ahead
[26/11/2007|23:35] C:\ProgramData\AOL
[02/11/2006|13:59] C:\ProgramData\Application Data
[12/11/2008|22:45] C:\ProgramData\Avira
[30/11/2007|15:05] C:\ProgramData\Brother
[18/03/2007|12:03] C:\ProgramData\Bureau
[10/11/2007|20:31] C:\ProgramData\CanonBJ
[09/11/2007|21:01] C:\ProgramData\CyberLink
[02/11/2006|13:59] C:\ProgramData\Desktop
[02/11/2006|13:59] C:\ProgramData\Documents
[16/07/2008|22:20] C:\ProgramData\eMule
[18/03/2007|12:03] C:\ProgramData\Favoris
[02/11/2006|13:59] C:\ProgramData\Favorites
[21/03/2007|19:41] C:\ProgramData\FaxCtr
[26/11/2007|23:15] C:\ProgramData\Google
[05/12/2006|22:38] C:\ProgramData\InstallShield
[18/03/2007|12:53] C:\ProgramData\LUInstall.LiveUpdate
[15/03/2008|22:13] C:\ProgramData\Malwarebytes
[18/03/2007|12:03] C:\ProgramData\Menu Démarrer
[21/12/2008|23:06] C:\ProgramData\Microsoft
[30/11/2007|17:35] C:\ProgramData\Microsoft Help
[18/03/2007|12:03] C:\ProgramData\Modèles
[29/05/2008|10:37] C:\ProgramData\muvee Technologies
[18/11/2007|18:01] C:\ProgramData\Nero
[26/12/2008|12:56] C:\ProgramData\New dvd info.1xl0q
[20/03/2007|17:28] C:\ProgramData\QuickTime
[30/11/2007|15:45] C:\ProgramData\ScanSoft
[05/12/2006|22:38] C:\ProgramData\Sonic
[02/11/2006|13:59] C:\ProgramData\Start Menu
[23/12/2008|22:57] C:\ProgramData\Stupid Blah Blah.35lp9i1
[02/01/2009|09:50] C:\ProgramData\Stupid Blah Blah.5149v
[02/01/2009|07:38] C:\ProgramData\Stupid Blah Blah.7cfrfg
[02/01/2009|15:18] C:\ProgramData\Stupid Blah Blah.825cmu
[02/01/2009|10:55] C:\ProgramData\Stupid Blah Blah.8q4g1vm
[02/01/2009|16:24] C:\ProgramData\Stupid Blah Blah.9xvmv
[02/01/2009|12:23] C:\ProgramData\Stupid Blah Blah.ab5qrp
[02/01/2009|12:01] C:\ProgramData\Stupid Blah Blah.ac4zjq
[02/01/2009|11:17] C:\ProgramData\Stupid Blah Blah.bhc5t
[02/01/2009|17:07] C:\ProgramData\Stupid Blah Blah.byx9ah
[02/01/2009|13:07] C:\ProgramData\Stupid Blah Blah.cdsi1
[02/01/2009|07:38] C:\ProgramData\Stupid Blah Blah.deiikkp
[02/01/2009|11:39] C:\ProgramData\Stupid Blah Blah.gfcek
[02/01/2009|09:28] C:\ProgramData\Stupid Blah Blah.hlzx1
[02/01/2009|08:44] C:\ProgramData\Stupid Blah Blah.i0vbb
[02/01/2009|08:22] C:\ProgramData\Stupid Blah Blah.jvl1b5
[02/01/2009|15:40] C:\ProgramData\Stupid Blah Blah.kkqqf
[02/01/2009|14:34] C:\ProgramData\Stupid Blah Blah.nk92ach
[02/01/2009|16:02] C:\ProgramData\Stupid Blah Blah.pobgcrq
[02/01/2009|16:46] C:\ProgramData\Stupid Blah Blah.qx7thu3
[02/01/2009|10:12] C:\ProgramData\Stupid Blah Blah.s7p9w
[02/01/2009|17:29] C:\ProgramData\Stupid Blah Blah.u43u7
[02/01/2009|13:50] C:\ProgramData\Stupid Blah Blah.ufk8g
[02/01/2009|13:29] C:\ProgramData\Stupid Blah Blah.ugw4bm
[02/01/2009|09:06] C:\ProgramData\Stupid Blah Blah.xkocwsd
[26/12/2008|12:55] C:\ProgramData\Stupid Blah Blah.y1lwcef
[02/01/2009|08:00] C:\ProgramData\Stupid Blah Blah.y400l
[02/01/2009|14:56] C:\ProgramData\Stupid Blah Blah.yiayc9
[02/01/2009|14:12] C:\ProgramData\Stupid Blah Blah.yunpk
[02/01/2009|17:51] C:\ProgramData\Stupid Blah Blah.z73p2l0
[02/01/2009|12:45] C:\ProgramData\Stupid Blah Blah.zdnmqov
[02/01/2009|10:34] C:\ProgramData\Stupid Blah Blah.zukqc
[23/12/2008|23:12] C:\ProgramData\Stupid Blah Blah.zw5d5
[05/04/2007|15:22] C:\ProgramData\Symantec
[02/11/2006|13:59] C:\ProgramData\Templates
[02/01/2009|07:39] C:\ProgramData\third lies itch ford
[02/01/2009|07:39] C:\ProgramData\thirdping
[02/01/2009|07:39] C:\ProgramData\WAY PILE FAST.stk9e
[23/12/2008|22:30] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[09/11/2008|23:16] C:\Program Files\Adobe
[08/03/2008|23:46] C:\Program Files\Adobe(0)
[01/04/2007|10:52] C:\Program Files\Alwil Software
[05/04/2007|17:52] C:\Program Files\AOL
[24/03/2008|14:27] C:\Program Files\a-squared Free
[14/11/2007|18:57] C:\Program Files\Athan
[05/12/2006|22:31] C:\Program Files\ATI Technologies
[12/11/2008|22:45] C:\Program Files\Avira
[30/11/2007|15:14] C:\Program Files\Brother
[31/12/2008|14:03] C:\Program Files\CCleaner
[01/01/2009|13:49] C:\Program Files\Common Files
[11/09/2008|10:59] C:\Program Files\Cyberlink
[24/11/2007|23:47] C:\Program Files\DVDVideoSoft
[22/04/2007|15:06] C:\Program Files\Elaborate Bytes
[06/02/2008|00:00] C:\Program Files\FlashGet
[19/10/2008|22:00] C:\Program Files\Google
[13/04/2008|19:12] C:\Program Files\InstallShield Installation Information
[01/12/2007|13:03] C:\Program Files\Internet Explorer
[11/11/2007|22:24] C:\Program Files\Islam
[11/12/2008|10:20] C:\Program Files\Java
[21/03/2007|19:42] C:\Program Files\Lexmark 3400 Series
[21/03/2007|19:39] C:\Program Files\Lexmark Toolbar
[17/06/2008|20:19] C:\Program Files\LimeWire
[11/06/2007|20:44] C:\Program Files\lx_cats
[15/03/2008|20:10] C:\Program Files\ma-config.com
[31/12/2008|14:27] C:\Program Files\Malwarebytes' Anti-Malware
[02/01/2009|16:26] C:\Program Files\Messenger Plus! Live
[14/11/2008|14:54] C:\Program Files\MessengerDiscovery
[23/12/2008|22:48] C:\Program Files\Microsoft
[13/05/2007|13:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:35] C:\Program Files\Microsoft Games
[29/03/2007|20:14] C:\Program Files\Microsoft Office
[21/12/2008|23:39] C:\Program Files\Microsoft Office Outlook Connector
[10/12/2007|14:08] C:\Program Files\Microsoft SQL Server Compact Edition
[29/03/2007|20:14] C:\Program Files\Microsoft Visual Studio
[26/11/2007|23:31] C:\Program Files\Microsoft Visual Studio 8
[29/03/2007|20:15] C:\Program Files\Microsoft Works
[29/03/2007|20:13] C:\Program Files\Microsoft.NET
[06/12/2006|07:17] C:\Program Files\Movie Maker
[02/01/2009|18:02] C:\Program Files\Mozilla Firefox
[29/03/2007|20:14] C:\Program Files\MSBuild
[02/11/2006|13:35] C:\Program Files\MSN
[30/12/2008|20:51] C:\Program Files\Navilog1
[18/11/2007|18:01] C:\Program Files\Nero
[05/12/2006|22:48] C:\Program Files\Packard Bell
[13/12/2007|22:52] C:\Program Files\Paltalk Messenger
[28/05/2008|13:31] C:\Program Files\PhotoFiltre
[05/12/2006|22:48] C:\Program Files\Powercinema
[20/03/2007|17:28] C:\Program Files\QuickTime
[20/03/2007|17:27] C:\Program Files\Real
[05/12/2006|22:30] C:\Program Files\Realtek
[02/11/2006|13:35] C:\Program Files\Reference Assemblies
[05/12/2006|22:38] C:\Program Files\Roxio
[30/11/2007|15:45] C:\Program Files\ScanSoft
[26/08/2008|12:21] C:\Program Files\Sun
[05/04/2007|15:21] C:\Program Files\Symantec
[02/01/2009|07:38] C:\Program Files\thirdping
[11/03/2008|17:26] C:\Program Files\Trend Micro
[09/11/2007|21:13] C:\Program Files\uTorrent
[19/09/2008|10:29] C:\Program Files\VideoLAN
[02/09/2007|11:35] C:\Program Files\Windows Calendar
[06/12/2006|07:17] C:\Program Files\Windows Collaboration
[11/04/2007|15:44] C:\Program Files\Windows Defender
[23/12/2008|22:48] C:\Program Files\Windows Live
[23/12/2008|22:46] C:\Program Files\Windows Live SkyDrive
[13/11/2007|19:49] C:\Program Files\Windows Mail
[26/11/2007|23:32] C:\Program Files\Windows Media Player
[26/11/2007|23:32] C:\Program Files\Windows NT
[06/12/2006|07:17] C:\Program Files\Windows Photo Gallery
[26/11/2007|23:32] C:\Program Files\Windows Sidebar
[29/07/2007|18:26] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[09/11/2008|23:16] C:\Program Files\Common Files\Adobe
[08/03/2008|23:47] C:\Program Files\Common Files\Adobe(96)
[18/11/2007|18:06] C:\Program Files\Common Files\Ahead
[27/01/2008|22:38] C:\Program Files\Common Files\aol
[20/03/2007|17:29] C:\Program Files\Common Files\aolback
[27/01/2008|22:38] C:\Program Files\Common Files\AOLSHARE
[09/11/2007|17:57] C:\Program Files\Common Files\Canon
[29/03/2007|20:14] C:\Program Files\Common Files\DESIGNER
[24/11/2007|23:47] C:\Program Files\Common Files\DVDVideoSoft
[30/11/2007|15:14] C:\Program Files\Common Files\InstallShield
[24/05/2008|12:43] C:\Program Files\Common Files\Java
[21/12/2008|23:38] C:\Program Files\Common Files\microsoft shared
[05/12/2006|22:34] C:\Program Files\Common Files\Nullsoft
[20/03/2007|17:27] C:\Program Files\Common Files\Real
[05/12/2006|22:38] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[09/11/2007|18:16] C:\Program Files\Common Files\snpstd
[05/12/2006|22:38] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[05/12/2006|22:38] C:\Program Files\Common Files\SureThing Shared
[05/04/2007|15:24] C:\Program Files\Common Files\Symantec Shared
[21/12/2008|23:39] C:\Program Files\Common Files\System
[21/12/2008|22:02] C:\Program Files\Common Files\Windows Live
[10/12/2007|14:06] C:\Program Files\Common Files\WindowsLiveInstaller
[10/03/2008|15:22] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 76 Processes )

iexplore.exe ~ [PID:6044]
iexplore.exe ~ [PID:4868]
iexplore.exe ~ [PID:540]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\third lies itch ford
C:\ProgramData\third lies itch ford\Site 16.dat
C:\ProgramData\third lies itch ford\Site 16.exe
C:\Users\JEANPI~1\AppData\Local\Temp\sta9F77.exe
C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@advertising[1].txt
C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@pacificpoker[1].txt
C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@partypoker[1].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-02 18:16:28
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 4

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\JEANPI~1\AppData\Roaming\uTorrent\(ES) Avast.Anti Virus Pro 4.7.1098+keygen.torrent


[F:33][D:4]-> C:\Users\JEANPI~1\AppData\Local\Temp
[F:60][D:1]-> C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:809][D:4]-> C:\Users\JEANPI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:29][D:12]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 02/01/2009|21:06 - Option : [1]

--------------------\\ Fin du rapport a 21:06:22
[ UAC => 1 ]

2 January 2009 21:27:31

halloum77 said:
> --------------------\\ Cracks & Keygens ..

C:\Users\JEANPI~1\AppData\Roaming\uTorrent\(ES) Avast.Anti Virus Pro 4.7.1098+keygen.torrent


Good evening halloum77,

> :non: 

* Double-click the LOP S&D shortcut and choose option 3. This will remove the infection.
* When it finishes, a search will be launched again.
* Notepad opens. Post its contents in your next reply.

See you later ;).
3 January 2009 02:20:13

Re, I hope I won't have to do this procedure again, it takes hours!!! And every two minutes I have to click on that window, otherwise it stops the search

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Jean Pierre ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:74 Go)
D:\ (CD or DVD)
E:\ (USB)
J:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( 02/01/2009|22:45 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\third lies itch ford\Site 16.dat
Supprime! - C:\ProgramData\third lies itch ford\Site 16.exe
Supprime! - C:\Users\JEANPI~1\AppData\Local\Temp\sta9F77.exe
Supprime! - C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@advertising[1].txt
Supprime! - C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@pacificpoker[1].txt
Supprime! - C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies\jean_pierre@partypoker[1].txt
Supprime! - C:\ProgramData\third lies itch ford

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[30/11/2007|18:19] C:\Users\JEANPI~1\AppData\Local\ABBYY
[19/07/2007|17:46] C:\Users\JEANPI~1\AppData\Local\Adobe
[18/11/2007|18:10] C:\Users\JEANPI~1\AppData\Local\Ahead
[18/03/2007|12:09] C:\Users\JEANPI~1\AppData\Local\AOL
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Application Data
[11/03/2008|14:11] C:\Users\JEANPI~1\AppData\Local\Ares
[18/03/2007|12:10] C:\Users\JEANPI~1\AppData\Local\ATI
[01/01/2009|03:04] C:\Users\JEANPI~1\AppData\Local\Axialis
[22/11/2007|22:29] C:\Users\JEANPI~1\AppData\Local\d3d9caps.dat
[02/01/2009|00:16] C:\Users\JEANPI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2008|09:32] C:\Users\JEANPI~1\AppData\Local\erheaqf.bat
[13/11/2007|20:53] C:\Users\JEANPI~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19/10/2008|22:05] C:\Users\JEANPI~1\AppData\Local\Google
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Historique
[01/01/2009|13:58] C:\Users\JEANPI~1\AppData\Local\IconCache.db
[30/12/2008|20:43] C:\Users\JEANPI~1\AppData\Local\Microsoft
[28/02/2008|20:48] C:\Users\JEANPI~1\AppData\Local\Microsoft Games
[18/01/2008|20:45] C:\Users\JEANPI~1\AppData\Local\Microsoft Help
[18/03/2007|13:26] C:\Users\JEANPI~1\AppData\Local\Mozilla
[15/11/2007|18:14] C:\Users\JEANPI~1\AppData\Local\Nero
[10/03/2008|12:23] C:\Users\JEANPI~1\AppData\Local\PowerCinema
[16/06/2008|11:38] C:\Users\JEANPI~1\AppData\Local\Shareaza
[02/01/2009|22:45] C:\Users\JEANPI~1\AppData\Local\Temp
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Temporary Internet Files
[21/03/2007|20:04] C:\Users\JEANPI~1\AppData\Local\VirtualStore
[05/04/2007|16:15] C:\Users\JEANPI~1\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[02/01/2009 22:30][--a------] C:\Windows\tasks\Extension de garantie.job
[01/01/2009 14:01][--ah-----] C:\Windows\tasks\SA.DAT
[01/01/2009 13:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[16/03/2008|21:14] C:\ProgramData\addr_file.html
[09/11/2008|23:16] C:\ProgramData\Adobe
[18/11/2007|18:07] C:\ProgramData\Ahead
[26/11/2007|23:35] C:\ProgramData\AOL
[02/11/2006|13:59] C:\ProgramData\Application Data
[12/11/2008|22:45] C:\ProgramData\Avira
[30/11/2007|15:05] C:\ProgramData\Brother
[18/03/2007|12:03] C:\ProgramData\Bureau
[10/11/2007|20:31] C:\ProgramData\CanonBJ
[09/11/2007|21:01] C:\ProgramData\CyberLink
[02/11/2006|13:59] C:\ProgramData\Desktop
[02/11/2006|13:59] C:\ProgramData\Documents
[16/07/2008|22:20] C:\ProgramData\eMule
[18/03/2007|12:03] C:\ProgramData\Favoris
[02/11/2006|13:59] C:\ProgramData\Favorites
[21/03/2007|19:41] C:\ProgramData\FaxCtr
[26/11/2007|23:15] C:\ProgramData\Google
[05/12/2006|22:38] C:\ProgramData\InstallShield
[18/03/2007|12:53] C:\ProgramData\LUInstall.LiveUpdate
[15/03/2008|22:13] C:\ProgramData\Malwarebytes
[18/03/2007|12:03] C:\ProgramData\Menu Démarrer
[21/12/2008|23:06] C:\ProgramData\Microsoft
[30/11/2007|17:35] C:\ProgramData\Microsoft Help
[18/03/2007|12:03] C:\ProgramData\Modèles
[29/05/2008|10:37] C:\ProgramData\muvee Technologies
[18/11/2007|18:01] C:\ProgramData\Nero
[26/12/2008|12:56] C:\ProgramData\New dvd info.1xl0q
[20/03/2007|17:28] C:\ProgramData\QuickTime
[30/11/2007|15:45] C:\ProgramData\ScanSoft
[05/12/2006|22:38] C:\ProgramData\Sonic
[02/11/2006|13:59] C:\ProgramData\Start Menu
[02/01/2009|18:13] C:\ProgramData\Stupid Blah Blah.1ieg1f
[02/01/2009|18:35] C:\ProgramData\Stupid Blah Blah.1nt9sgn
[02/01/2009|20:46] C:\ProgramData\Stupid Blah Blah.216zzf
[05/04/2007|15:22] C:\ProgramData\Symantec
[02/11/2006|13:59] C:\ProgramData\Templates
[02/01/2009|07:39] C:\ProgramData\thirdping
[02/01/2009|07:39] C:\ProgramData\WAY PILE FAST.stk9e
[23/12/2008|22:30] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[09/11/2008|23:16] C:\Program Files\Adobe
[08/03/2008|23:46] C:\Program Files\Adobe(0)
[01/04/2007|10:52] C:\Program Files\Alwil Software
[05/04/2007|17:52] C:\Program Files\AOL
[24/03/2008|14:27] C:\Program Files\a-squared Free
[14/11/2007|18:57] C:\Program Files\Athan
[05/12/2006|22:31] C:\Program Files\ATI Technologies
[12/11/2008|22:45] C:\Program Files\Avira
[30/11/2007|15:14] C:\Program Files\Brother
[31/12/2008|14:03] C:\Program Files\CCleaner
[01/01/2009|13:49] C:\Program Files\Common Files
[11/09/2008|10:59] C:\Program Files\Cyberlink
[24/11/2007|23:47] C:\Program Files\DVDVideoSoft
[22/04/2007|15:06] C:\Program Files\Elaborate Bytes
[06/02/2008|00:00] C:\Program Files\FlashGet
[19/10/2008|22:00] C:\Program Files\Google
[13/04/2008|19:12] C:\Program Files\InstallShield Installation Information
[01/12/2007|13:03] C:\Program Files\Internet Explorer
[11/11/2007|22:24] C:\Program Files\Islam
[11/12/2008|10:20] C:\Program Files\Java
[21/03/2007|19:42] C:\Program Files\Lexmark 3400 Series
[21/03/2007|19:39] C:\Program Files\Lexmark Toolbar
[17/06/2008|20:19] C:\Program Files\LimeWire
[11/06/2007|20:44] C:\Program Files\lx_cats
[15/03/2008|20:10] C:\Program Files\ma-config.com
[31/12/2008|14:27] C:\Program Files\Malwarebytes' Anti-Malware
[02/01/2009|16:26] C:\Program Files\Messenger Plus! Live
[14/11/2008|14:54] C:\Program Files\MessengerDiscovery
[23/12/2008|22:48] C:\Program Files\Microsoft
[13/05/2007|13:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:35] C:\Program Files\Microsoft Games
[29/03/2007|20:14] C:\Program Files\Microsoft Office
[21/12/2008|23:39] C:\Program Files\Microsoft Office Outlook Connector
[10/12/2007|14:08] C:\Program Files\Microsoft SQL Server Compact Edition
[29/03/2007|20:14] C:\Program Files\Microsoft Visual Studio
[26/11/2007|23:31] C:\Program Files\Microsoft Visual Studio 8
[29/03/2007|20:15] C:\Program Files\Microsoft Works
[29/03/2007|20:13] C:\Program Files\Microsoft.NET
[06/12/2006|07:17] C:\Program Files\Movie Maker
[02/01/2009|22:40] C:\Program Files\Mozilla Firefox
[29/03/2007|20:14] C:\Program Files\MSBuild
[02/11/2006|13:35] C:\Program Files\MSN
[30/12/2008|20:51] C:\Program Files\Navilog1
[18/11/2007|18:01] C:\Program Files\Nero
[05/12/2006|22:48] C:\Program Files\Packard Bell
[13/12/2007|22:52] C:\Program Files\Paltalk Messenger
[28/05/2008|13:31] C:\Program Files\PhotoFiltre
[05/12/2006|22:48] C:\Program Files\Powercinema
[20/03/2007|17:28] C:\Program Files\QuickTime
[20/03/2007|17:27] C:\Program Files\Real
[05/12/2006|22:30] C:\Program Files\Realtek
[02/11/2006|13:35] C:\Program Files\Reference Assemblies
[05/12/2006|22:38] C:\Program Files\Roxio
[30/11/2007|15:45] C:\Program Files\ScanSoft
[26/08/2008|12:21] C:\Program Files\Sun
[05/04/2007|15:21] C:\Program Files\Symantec
[02/01/2009|07:38] C:\Program Files\thirdping
[11/03/2008|17:26] C:\Program Files\Trend Micro
[09/11/2007|21:13] C:\Program Files\uTorrent
[19/09/2008|10:29] C:\Program Files\VideoLAN
[02/09/2007|11:35] C:\Program Files\Windows Calendar
[06/12/2006|07:17] C:\Program Files\Windows Collaboration
[11/04/2007|15:44] C:\Program Files\Windows Defender
[23/12/2008|22:48] C:\Program Files\Windows Live
[23/12/2008|22:46] C:\Program Files\Windows Live SkyDrive
[13/11/2007|19:49] C:\Program Files\Windows Mail
[26/11/2007|23:32] C:\Program Files\Windows Media Player
[26/11/2007|23:32] C:\Program Files\Windows NT
[06/12/2006|07:17] C:\Program Files\Windows Photo Gallery
[26/11/2007|23:32] C:\Program Files\Windows Sidebar
[29/07/2007|18:26] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[09/11/2008|23:16] C:\Program Files\Common Files\Adobe
[08/03/2008|23:47] C:\Program Files\Common Files\Adobe(96)
[18/11/2007|18:06] C:\Program Files\Common Files\Ahead
[27/01/2008|22:38] C:\Program Files\Common Files\aol
[20/03/2007|17:29] C:\Program Files\Common Files\aolback
[27/01/2008|22:38] C:\Program Files\Common Files\AOLSHARE
[09/11/2007|17:57] C:\Program Files\Common Files\Canon
[29/03/2007|20:14] C:\Program Files\Common Files\DESIGNER
[24/11/2007|23:47] C:\Program Files\Common Files\DVDVideoSoft
[30/11/2007|15:14] C:\Program Files\Common Files\InstallShield
[24/05/2008|12:43] C:\Program Files\Common Files\Java
[21/12/2008|23:38] C:\Program Files\Common Files\microsoft shared
[05/12/2006|22:34] C:\Program Files\Common Files\Nullsoft
[20/03/2007|17:27] C:\Program Files\Common Files\Real
[05/12/2006|22:38] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[09/11/2007|18:16] C:\Program Files\Common Files\snpstd
[05/12/2006|22:38] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[05/12/2006|22:38] C:\Program Files\Common Files\SureThing Shared
[05/04/2007|15:24] C:\Program Files\Common Files\Symantec Shared
[21/12/2008|23:39] C:\Program Files\Common Files\System
[21/12/2008|22:02] C:\Program Files\Common Files\Windows Live
[10/12/2007|14:06] C:\Program Files\Common Files\WindowsLiveInstaller
[10/03/2008|15:22] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 73 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-02 22:53:31
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 4

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\JEANPI~1\AppData\Roaming\uTorrent\(ES) Avast.Anti Virus Pro 4.7.1098+keygen.torrent


[F:45][D:4]-> C:\Users\JEANPI~1\AppData\Local\Temp
[F:57][D:1]-> C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:867][D:4]-> C:\Users\JEANPI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:10][D:6]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 02/01/2009|21:06 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 03/01/2009| 2:17 - Option : [3]

--------------------\\ Fin du rapport a 2:17:05
[ UAC => 1 ]

3 January 2009 14:03:12

Hello, but is it normal that it shows "BIOS : Default System BIOS"?? That worries me, and you didn't answer my question the other time, maybe you didn't see it: "is it normal for my tower to constantly make a lot of noise?"
3 January 2009 15:13:39

halloum77 said:
1] my tower makes an enormous amount of noise, is that normal?? 2] is it normal that it shows "BIOS : Default System BIOS"??



Hello halloum77,

1] No...

2] I'll go and find out.

See you later ;).

PS: Your machine was, and still is, heavily infected.
3 January 2009 17:04:44

Re, so for Messenger Plus, yes, I removed it in Add/Remove Programs. As for P2P software, I don't have any: I had Shareaza and I had eMule, but everything has been uninstalled for at least a month. Right now I have uTorrent and that's all, and I have always had it; that is not what is causing me problems.
And I did not use ComboFix several times!! I did exactly what you told me!
Now why do you say that I'm wrecking my machine!!!!!
3 January 2009 22:14:03

So, what do we do? Are you still helping me or not????
4 January 2009 01:48:25

Good evening halloum77,

disable User Account Control (UAC; you will re-enable it after the disinfection):

- Go to Start > Control Panel
- Double-click the User Accounts icon
- Then click on disable and confirm

Select the entire list below, then right-click > Copy:

[26/12/2008|12:56] C:\ProgramData\New dvd info.1xl0q
[02/01/2009|18:13] C:\ProgramData\Stupid Blah Blah.1ieg1f
[02/01/2009|18:35] C:\ProgramData\Stupid Blah Blah.1nt9sgn
[02/01/2009|20:46] C:\ProgramData\Stupid Blah Blah.216zzf
[23/12/2008|22:57] C:\ProgramData\Stupid Blah Blah.35lp9i1
[02/01/2009|09:50] C:\ProgramData\Stupid Blah Blah.5149v
[02/01/2009|07:38] C:\ProgramData\Stupid Blah Blah.7cfrfg
[02/01/2009|21:52] C:\ProgramData\Stupid Blah Blah.7oalxl4
[02/01/2009|15:18] C:\ProgramData\Stupid Blah Blah.825cmu
[02/01/2009|10:55] C:\ProgramData\Stupid Blah Blah.8q4g1vm
[02/01/2009|19:19] C:\ProgramData\Stupid Blah Blah.93p89
[02/01/2009|16:24] C:\ProgramData\Stupid Blah Blah.9xvmv
[02/01/2009|22:36] C:\ProgramData\Stupid Blah Blah.a5l3p8
[02/01/2009|12:23] C:\ProgramData\Stupid Blah Blah.ab5qrp
[02/01/2009|12:01] C:\ProgramData\Stupid Blah Blah.ac4zjq
[02/01/2009|11:17] C:\ProgramData\Stupid Blah Blah.bhc5t
[02/01/2009|17:07] C:\ProgramData\Stupid Blah Blah.byx9ah
[02/01/2009|13:07] C:\ProgramData\Stupid Blah Blah.cdsi1
[02/01/2009|07:38] C:\ProgramData\Stupid Blah Blah.deiikkp
[02/01/2009|20:03] C:\ProgramData\Stupid Blah Blah.dum4xxw
[02/01/2009|18:57] C:\ProgramData\Stupid Blah Blah.fiiis
[02/01/2009|11:39] C:\ProgramData\Stupid Blah Blah.gfcek
[02/01/2009|09:28] C:\ProgramData\Stupid Blah Blah.hlzx1
[02/01/2009|08:44] C:\ProgramData\Stupid Blah Blah.i0vbb
[02/01/2009|08:22] C:\ProgramData\Stupid Blah Blah.jvl1b5
[02/01/2009|15:40] C:\ProgramData\Stupid Blah Blah.kkqqf
[02/01/2009|21:08] C:\ProgramData\Stupid Blah Blah.m8k5t
[02/01/2009|20:25] C:\ProgramData\Stupid Blah Blah.mxx5d
[02/01/2009|14:34] C:\ProgramData\Stupid Blah Blah.nk92ach
[02/01/2009|16:02] C:\ProgramData\Stupid Blah Blah.pobgcrq
[02/01/2009|16:46] C:\ProgramData\Stupid Blah Blah.qx7thu3
[02/01/2009|19:41] C:\ProgramData\Stupid Blah Blah.r6qa1
[02/01/2009|22:14] C:\ProgramData\Stupid Blah Blah.rx6qc2
[02/01/2009|10:12] C:\ProgramData\Stupid Blah Blah.s7p9w
[02/01/2009|17:29] C:\ProgramData\Stupid Blah Blah.u43u7
[02/01/2009|13:50] C:\ProgramData\Stupid Blah Blah.ufk8g
[02/01/2009|13:29] C:\ProgramData\Stupid Blah Blah.ugw4bm
[02/01/2009|21:30] C:\ProgramData\Stupid Blah Blah.x5fa8
[02/01/2009|09:06] C:\ProgramData\Stupid Blah Blah.xkocwsd
[26/12/2008|12:55] C:\ProgramData\Stupid Blah Blah.y1lwcef
[02/01/2009|08:00] C:\ProgramData\Stupid Blah Blah.y400l
[02/01/2009|14:56] C:\ProgramData\Stupid Blah Blah.yiayc9
[02/01/2009|14:12] C:\ProgramData\Stupid Blah Blah.yunpk
[02/01/2009|17:51] C:\ProgramData\Stupid Blah Blah.z73p2l0
[02/01/2009|12:45] C:\ProgramData\Stupid Blah Blah.zdnmqov
[02/01/2009|10:34] C:\ProgramData\Stupid Blah Blah.zukqc
[23/12/2008|23:12] C:\ProgramData\Stupid Blah Blah.zw5d5
[02/01/2009|07:39] C:\ProgramData\thirdping
[02/01/2009|07:39] C:\ProgramData\WAY PILE FAST.stk9e

* Relaunch Lop S&D
- Choose option 4 (LopScript)
- A blank page opens, right-click > Paste
- Close it; you will be asked to save it, click [Enregistrer] (Save)
- Do not close the window during the deletion!
- Post the report.

See you later ;).

PS: Thanks no.ppp
4 January 2009 14:12:14

Hello, after I don't know how many hours of waiting for Lop S&D to finish... I fell asleep, lol. Here is the report:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Jean Pierre ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:69 Go)
D:\ (CD or DVD)
E:\ (USB)
J:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [4] ( 04/01/2009| 2:44 )

[ UAC => 0 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script



\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

... [02/01/2009|07:39] C:\ProgramData\thirdping -> n'existe pas !

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[30/11/2007|18:19] C:\Users\JEANPI~1\AppData\Local\ABBYY
[19/07/2007|17:46] C:\Users\JEANPI~1\AppData\Local\Adobe
[18/11/2007|18:10] C:\Users\JEANPI~1\AppData\Local\Ahead
[18/03/2007|12:09] C:\Users\JEANPI~1\AppData\Local\AOL
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Application Data
[11/03/2008|14:11] C:\Users\JEANPI~1\AppData\Local\Ares
[18/03/2007|12:10] C:\Users\JEANPI~1\AppData\Local\ATI
[01/01/2009|03:04] C:\Users\JEANPI~1\AppData\Local\Axialis
[22/11/2007|22:29] C:\Users\JEANPI~1\AppData\Local\d3d9caps.dat
[03/01/2009|23:47] C:\Users\JEANPI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2008|09:32] C:\Users\JEANPI~1\AppData\Local\erheaqf.bat
[13/11/2007|20:53] C:\Users\JEANPI~1\AppData\Local\GDIPFONTCACHEV1.DAT
[03/01/2009|20:09] C:\Users\JEANPI~1\AppData\Local\Google
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Historique
[04/01/2009|02:32] C:\Users\JEANPI~1\AppData\Local\IconCache.db
[30/12/2008|20:43] C:\Users\JEANPI~1\AppData\Local\Microsoft
[28/02/2008|20:48] C:\Users\JEANPI~1\AppData\Local\Microsoft Games
[18/01/2008|20:45] C:\Users\JEANPI~1\AppData\Local\Microsoft Help
[18/03/2007|13:26] C:\Users\JEANPI~1\AppData\Local\Mozilla
[15/11/2007|18:14] C:\Users\JEANPI~1\AppData\Local\Nero
[10/03/2008|12:23] C:\Users\JEANPI~1\AppData\Local\PowerCinema
[16/06/2008|11:38] C:\Users\JEANPI~1\AppData\Local\Shareaza
[04/01/2009|02:45] C:\Users\JEANPI~1\AppData\Local\Temp
[18/03/2007|12:05] C:\Users\JEANPI~1\AppData\Local\Temporary Internet Files
[21/03/2007|20:04] C:\Users\JEANPI~1\AppData\Local\VirtualStore
[05/04/2007|16:15] C:\Users\JEANPI~1\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[04/01/2009 02:30][--a------] C:\Windows\tasks\Extension de garantie.job
[04/01/2009 02:35][--ah-----] C:\Windows\tasks\SA.DAT
[04/01/2009 02:34][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[16/03/2008|21:14] C:\ProgramData\addr_file.html
[09/11/2008|23:16] C:\ProgramData\Adobe
[18/11/2007|18:07] C:\ProgramData\Ahead
[26/11/2007|23:35] C:\ProgramData\AOL
[02/11/2006|13:59] C:\ProgramData\Application Data
[12/11/2008|22:45] C:\ProgramData\Avira
[30/11/2007|15:05] C:\ProgramData\Brother
[18/03/2007|12:03] C:\ProgramData\Bureau
[10/11/2007|20:31] C:\ProgramData\CanonBJ
[09/11/2007|21:01] C:\ProgramData\CyberLink
[02/11/2006|13:59] C:\ProgramData\Desktop
[02/11/2006|13:59] C:\ProgramData\Documents
[16/07/2008|22:20] C:\ProgramData\eMule
[18/03/2007|12:03] C:\ProgramData\Favoris
[02/11/2006|13:59] C:\ProgramData\Favorites
[21/03/2007|19:41] C:\ProgramData\FaxCtr
[03/01/2009|20:09] C:\ProgramData\Google
[05/12/2006|22:38] C:\ProgramData\InstallShield
[18/03/2007|12:53] C:\ProgramData\LUInstall.LiveUpdate
[15/03/2008|22:13] C:\ProgramData\Malwarebytes
[18/03/2007|12:03] C:\ProgramData\Menu Démarrer
[21/12/2008|23:06] C:\ProgramData\Microsoft
[30/11/2007|17:35] C:\ProgramData\Microsoft Help
[18/03/2007|12:03] C:\ProgramData\Modèles
[29/05/2008|10:37] C:\ProgramData\muvee Technologies
[18/11/2007|18:01] C:\ProgramData\Nero
[20/03/2007|17:28] C:\ProgramData\QuickTime
[30/11/2007|15:45] C:\ProgramData\ScanSoft
[05/12/2006|22:38] C:\ProgramData\Sonic
[02/11/2006|13:59] C:\ProgramData\Start Menu
[05/04/2007|15:22] C:\ProgramData\Symantec
[02/11/2006|13:59] C:\ProgramData\Templates
[02/01/2009|07:39] C:\ProgramData\thirdping
[23/12/2008|22:30] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[09/11/2008|23:16] C:\Program Files\Adobe
[08/03/2008|23:46] C:\Program Files\Adobe(0)
[01/04/2007|10:52] C:\Program Files\Alwil Software
[05/04/2007|17:52] C:\Program Files\AOL
[24/03/2008|14:27] C:\Program Files\a-squared Free
[14/11/2007|18:57] C:\Program Files\Athan
[05/12/2006|22:31] C:\Program Files\ATI Technologies
[12/11/2008|22:45] C:\Program Files\Avira
[30/11/2007|15:14] C:\Program Files\Brother
[31/12/2008|14:03] C:\Program Files\CCleaner
[01/01/2009|13:49] C:\Program Files\Common Files
[11/09/2008|10:59] C:\Program Files\Cyberlink
[24/11/2007|23:47] C:\Program Files\DVDVideoSoft
[22/04/2007|15:06] C:\Program Files\Elaborate Bytes
[06/02/2008|00:00] C:\Program Files\FlashGet
[03/01/2009|20:09] C:\Program Files\Google
[13/04/2008|19:12] C:\Program Files\InstallShield Installation Information
[01/12/2007|13:03] C:\Program Files\Internet Explorer
[11/11/2007|22:24] C:\Program Files\Islam
[11/12/2008|10:20] C:\Program Files\Java
[21/03/2007|19:42] C:\Program Files\Lexmark 3400 Series
[21/03/2007|19:39] C:\Program Files\Lexmark Toolbar
[17/06/2008|20:19] C:\Program Files\LimeWire
[11/06/2007|20:44] C:\Program Files\lx_cats
[15/03/2008|20:10] C:\Program Files\ma-config.com
[31/12/2008|14:27] C:\Program Files\Malwarebytes' Anti-Malware
[14/11/2008|14:54] C:\Program Files\MessengerDiscovery
[23/12/2008|22:48] C:\Program Files\Microsoft
[13/05/2007|13:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:35] C:\Program Files\Microsoft Games
[29/03/2007|20:14] C:\Program Files\Microsoft Office
[21/12/2008|23:39] C:\Program Files\Microsoft Office Outlook Connector
[10/12/2007|14:08] C:\Program Files\Microsoft SQL Server Compact Edition
[29/03/2007|20:14] C:\Program Files\Microsoft Visual Studio
[26/11/2007|23:31] C:\Program Files\Microsoft Visual Studio 8
[29/03/2007|20:15] C:\Program Files\Microsoft Works
[29/03/2007|20:13] C:\Program Files\Microsoft.NET
[06/12/2006|07:17] C:\Program Files\Movie Maker
[04/01/2009|02:40] C:\Program Files\Mozilla Firefox
[29/03/2007|20:14] C:\Program Files\MSBuild
[02/11/2006|13:35] C:\Program Files\MSN
[30/12/2008|20:51] C:\Program Files\Navilog1
[18/11/2007|18:01] C:\Program Files\Nero
[05/12/2006|22:48] C:\Program Files\Packard Bell
[13/12/2007|22:52] C:\Program Files\Paltalk Messenger
[28/05/2008|13:31] C:\Program Files\PhotoFiltre
[05/12/2006|22:48] C:\Program Files\Powercinema
[20/03/2007|17:28] C:\Program Files\QuickTime
[20/03/2007|17:27] C:\Program Files\Real
[05/12/2006|22:30] C:\Program Files\Realtek
[02/11/2006|13:35] C:\Program Files\Reference Assemblies
[05/12/2006|22:38] C:\Program Files\Roxio
[30/11/2007|15:45] C:\Program Files\ScanSoft
[26/08/2008|12:21] C:\Program Files\Sun
[05/04/2007|15:21] C:\Program Files\Symantec
[02/01/2009|07:38] C:\Program Files\thirdping
[11/03/2008|17:26] C:\Program Files\Trend Micro
[09/11/2007|21:13] C:\Program Files\uTorrent
[19/09/2008|10:29] C:\Program Files\VideoLAN
[02/09/2007|11:35] C:\Program Files\Windows Calendar
[06/12/2006|07:17] C:\Program Files\Windows Collaboration
[11/04/2007|15:44] C:\Program Files\Windows Defender
[23/12/2008|22:48] C:\Program Files\Windows Live
[23/12/2008|22:46] C:\Program Files\Windows Live SkyDrive
[13/11/2007|19:49] C:\Program Files\Windows Mail
[26/11/2007|23:32] C:\Program Files\Windows Media Player
[26/11/2007|23:32] C:\Program Files\Windows NT
[06/12/2006|07:17] C:\Program Files\Windows Photo Gallery
[26/11/2007|23:32] C:\Program Files\Windows Sidebar
[29/07/2007|18:26] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[09/11/2008|23:16] C:\Program Files\Common Files\Adobe
[08/03/2008|23:47] C:\Program Files\Common Files\Adobe(96)
[18/11/2007|18:06] C:\Program Files\Common Files\Ahead
[27/01/2008|22:38] C:\Program Files\Common Files\aol
[20/03/2007|17:29] C:\Program Files\Common Files\aolback
[27/01/2008|22:38] C:\Program Files\Common Files\AOLSHARE
[09/11/2007|17:57] C:\Program Files\Common Files\Canon
[29/03/2007|20:14] C:\Program Files\Common Files\DESIGNER
[24/11/2007|23:47] C:\Program Files\Common Files\DVDVideoSoft
[30/11/2007|15:14] C:\Program Files\Common Files\InstallShield
[24/05/2008|12:43] C:\Program Files\Common Files\Java
[21/12/2008|23:38] C:\Program Files\Common Files\microsoft shared
[05/12/2006|22:34] C:\Program Files\Common Files\Nullsoft
[20/03/2007|17:27] C:\Program Files\Common Files\Real
[05/12/2006|22:38] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[09/11/2007|18:16] C:\Program Files\Common Files\snpstd
[05/12/2006|22:38] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[05/12/2006|22:38] C:\Program Files\Common Files\SureThing Shared
[05/04/2007|15:24] C:\Program Files\Common Files\Symantec Shared
[21/12/2008|23:39] C:\Program Files\Common Files\System
[21/12/2008|22:02] C:\Program Files\Common Files\Windows Live
[10/12/2007|14:06] C:\Program Files\Common Files\WindowsLiveInstaller
[10/03/2008|15:22] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 68 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-04 02:53:37
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 4

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\JEANPI~1\AppData\Roaming\uTorrent\(ES) Avast.Anti Virus Pro 4.7.1098+keygen.torrent


[F:60][D:6]-> C:\Users\JEANPI~1\AppData\Local\Temp
[F:65][D:1]-> C:\Users\JEANPI~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1885][D:4]-> C:\Users\JEANPI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:10][D:6]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 02/01/2009|21:06 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 03/01/2009| 2:17 - Option : [3]
3 - "C:\Lop SD\LopR_3.txt" - 04/01/2009|14:10 - Option : [4]

--------------------\\ Fin du rapport a 14:10:18
[ UAC => 1 ]

4 January 2009 15:36:21

halloum77 said:
> after I don't know how many hours of waiting for LOP S&D to finish...


:hello: halloum77,

> That is very strange.

Post a new HijackThis report...

See you later ;).
4 January 2009 16:11:36

Re, I told you in the messages above why it takes so long: my error message that pops up... anyway, it is very annoying, but oh well, lol. Other than that, I don't really understand the reports (how to decipher them), but I can see that I have things I haven't had for a long time, and I don't understand how (AOL, Ares, Shareaza, eMule...)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:07:54, on 04/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\vsnpstd.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Powercinema\PCMService.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\aol\1165354343\ee\aolsoftware.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCMService] "c:\Program Files\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1165354343\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer = 213.36.80.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer = 213.36.80.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5D57A919-4A96-4702-82C6-010B24DEDC39}: NameServer = 213.36.80.1
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\Program Files\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\Program Files\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9248 bytes
4 January 2009 18:11:02

Re,

Run HijackThis and close all program windows.

Make sure it will create backups: in Config, tick "Make backups before fixing items", then click the "Back" button. Next, click the "Do a system scan only" button and tick the boxes in front of the lines below:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1165354343\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

Then click "Fix checked".

PS: I am preparing one last important step for you, and then we can breathe :) .
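
The lines checked in the post above are mostly `O4` Run-key autostarts, plus one `O2` BHO entry marked `(no file)`. As an added example (not part of the original post and not HijackThis's own code), this Python script parses HijackThis entry lines, using sample lines copied from the log in this thread, and lists the autostart entries and the entries the tool marked as missing their file; the function names are hypothetical.

```python
import re

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"""

ENTRY = re.compile(r"^(?P<code>[RFO]\d{1,2}) - (?P<body>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN_KEY = re.compile(r"^(?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")

def parse_log(text):
    """Return one dict per HijackThis entry line; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        body = m.group("body")
        # HijackThis appends these markers when the referenced file was not found.
        entry = {"code": m.group("code"), "body": body,
                 "orphan": body.endswith(("(no file)", "(file missing)"))}
        clsid = CLSID.search(body)
        if clsid:
            entry["clsid"] = clsid.group(0).upper()
        run = RUN_KEY.match(body)
        if run:
            entry.update(hive=run.group("hive"), name=run.group("name"), cmd=run.group("cmd"))
        entries.append(entry)
    return entries

def orphans(entries):
    """Entries the tool marked as pointing at a file it could not find."""
    return [e for e in entries if e["orphan"]]

def autoruns(entries):
    """(hive, value name) pairs for every Run-key autostart entry."""
    return [(e["hive"], e["name"]) for e in entries if "hive" in e]

if __name__ == "__main__":
    for e in orphans(parse_log(SAMPLE_LOG)):
        print("orphan:", e["code"], e["body"])
```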
4 January 2009 18:34:03

Thanks a lot, I'm printing this and I'll do it
4 January 2009 18:50:21

Re, OK, I did what you told me, but it gave me a message in English, lol, I didn't understand all of it