
Win32 Cabinet Self-Extractor and HijackThis

Tags:
  • HijackThis
  • Security
25 January 2009 11:51:14

Hello everyone.

I'm new and don't know all the ins and outs of forums and tutorials.
Here is my problem, in case someone can help me.

I'm running Vista Home (the Basic one, LOL).
Every time I start my PC, a window appears telling me: "Programme de démarrage bloqué" (startup program blocked).
I can't allow it, and on top of that I don't know what it is!

I have just read that there is a program that can fix this problem, provided you know what you're doing: HijackThis 2.0.2.
So I have just downloaded it and had it generate a report.

Now I just need to submit it so that someone can tell me where my problem comes from and how to fix it.
Can anyone help me?

Thanks in advance.

25 January 2009 15:45:01

OK, thanks, here it is.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:38:32, on 25/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\fdjeux\Widget LOTO\Launcher.exe
C:\Users\RALPH\Downloads\eMule\emule.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\fdjeux\Widget LOTO\Widget LOTO.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\IEPro\MiniDM.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\RALPH\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {FD621E34-BFCE-41D3-BF58-43FF97746AD7} - (no file)
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /F "C:\Windows\TEMP\E_S1170.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\Windows\p_981116.exe /Q:A
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Widget LOTO] "C:\Program Files\fdjeux\Widget LOTO\launcher.exe"
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Users\RALPH\Downloads\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Enregistrement de Need for Speed™ Undercover.lnk = C:\Program Files\EA Games\Support\EAregister.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSN...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4E70079-A0E2-45B9-A3A6-94642C12ABB6}: NameServer = 213.36.80.1,192.168.1.1
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 14233 bytes
26 January 2009 19:35:22

Re,

Download Lop S&D.exe (by Eric 71) to your Desktop.

  • Double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> run as administrator)
  • Select the desired language, then choose Option 1 (Recherche / Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    27 January 2009 08:39:50

    Hello Angeldark.
    Here is what you asked me for.
    I hope it will help solve my problem.
    Thanks.



    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz )
    BIOS : Award Modular BIOS v6.00PG
    USER : RALPH ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081221-0] 4.8.1229 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:157 Go (Free:37 Go)
    D:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - NTFS - Total:140 Go (Free:15 Go)
    K:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
    L:\ (CD or DVD)
    M:\ (CD or DVD)
    N:\ (CD or DVD)
    O:\ (USB) - FAT32 - Total:3894 Mo (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 27/01/2009| 8:23 )

    [ UAC => 1 ]

    --------------------\\ Listing des dossiers dans Local

    [14/01/2009|11:32] C:\Users\RALPH\AppData\Local\Adobe
    [22/03/2008|10:57] C:\Users\RALPH\AppData\Local\Ahead
    [06/01/2008|12:33] C:\Users\RALPH\AppData\Local\Apple
    [04/09/2008|12:07] C:\Users\RALPH\AppData\Local\Apple Computer
    [10/09/2007|15:19] C:\Users\RALPH\AppData\Local\Application Data
    [07/06/2008|12:15] C:\Users\RALPH\AppData\Local\capcom
    [24/12/2007|21:35] C:\Users\RALPH\AppData\Local\Codemasters
    [05/01/2009|19:36] C:\Users\RALPH\AppData\Local\d3d9caps.dat
    [26/01/2009|19:50] C:\Users\RALPH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [17/12/2007|13:01] C:\Users\RALPH\AppData\Local\DNA
    [08/01/2009|12:27] C:\Users\RALPH\AppData\Local\Downloaded Installations
    [05/10/2007|19:16] C:\Users\RALPH\AppData\Local\eMule
    [15/01/2009|07:54] C:\Users\RALPH\AppData\Local\GDIPFONTCACHEV1.DAT
    [18/12/2008|09:11] C:\Users\RALPH\AppData\Local\Google
    [10/09/2007|15:19] C:\Users\RALPH\AppData\Local\Historique
    [23/01/2009|11:16] C:\Users\RALPH\AppData\Local\IconCache.db
    [08/10/2007|14:11] C:\Users\RALPH\AppData\Local\IM
    [06/03/2008|18:24] C:\Users\RALPH\AppData\Local\Logitech-LS
    [16/11/2007|18:54] C:\Users\RALPH\AppData\Local\Magentic
    [08/01/2009|12:32] C:\Users\RALPH\AppData\Local\Microsoft
    [21/04/2008|19:34] C:\Users\RALPH\AppData\Local\Microsoft Games
    [06/07/2008|10:05] C:\Users\RALPH\AppData\Local\Microsoft Help
    [15/06/2008|10:54] C:\Users\RALPH\AppData\Local\Multi_Media_France
    [27/12/2007|12:50] C:\Users\RALPH\AppData\Local\Nero
    [04/04/2008|11:47] C:\Users\RALPH\AppData\Local\Netlog
    [04/05/2008|10:41] C:\Users\RALPH\AppData\Local\Participatory Culture Foundation
    [08/01/2009|12:32] C:\Users\RALPH\AppData\Local\PunkBuster
    [22/09/2007|17:57] C:\Users\RALPH\AppData\Local\Steam
    [27/01/2009|08:10] C:\Users\RALPH\AppData\Local\Temp
    [10/09/2007|15:19] C:\Users\RALPH\AppData\Local\Temporary Internet Files
    [13/09/2007|09:07] C:\Users\RALPH\AppData\Local\VirtualStore
    [05/05/2008|10:22] C:\Users\RALPH\AppData\Local\Wyzo
    [06/04/2008|11:15] C:\Users\RALPH\AppData\Local\Zattoo
    [06/04/2008|11:13] C:\Users\RALPH\AppData\Local\ZattooPlayer

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [27/01/2009 08:00][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
    [26/01/2009 14:01][--ah-----] C:\Windows\tasks\SA.DAT
    [23/01/2009 11:17][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [18/12/2008|09:18] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [14/01/2009|11:36] C:\ProgramData\Adobe
    [07/01/2008|20:40] C:\ProgramData\Apple
    [18/12/2008|09:18] C:\ProgramData\Apple Computer
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [10/09/2007|15:17] C:\ProgramData\Bureau
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [07/08/2008|07:48] C:\ProgramData\eMule
    [10/09/2007|15:17] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [14/01/2009|11:42] C:\ProgramData\FLEXnet
    [17/12/2008|17:19] C:\ProgramData\Google
    [26/01/2009|07:24] C:\ProgramData\Google Updater
    [21/01/2008|10:55] C:\ProgramData\IM
    [21/01/2008|10:40] C:\ProgramData\IncrediMail
    [09/01/2009|16:20] C:\ProgramData\Installations
    [10/09/2007|15:17] C:\ProgramData\Menu Démarrer
    [23/03/2008|12:22] C:\ProgramData\Messenger Plus!
    [07/01/2009|09:34] C:\ProgramData\Microsoft
    [14/01/2009|08:59] C:\ProgramData\Microsoft Help
    [10/09/2007|15:17] C:\ProgramData\Modèles
    [29/11/2007|17:03] C:\ProgramData\Nero
    [10/01/2008|18:33] C:\ProgramData\Nokia
    [13/09/2007|09:04] C:\ProgramData\ntuser.pol
    [14/01/2009|10:24] C:\ProgramData\NVIDIA
    [10/10/2007|09:29] C:\ProgramData\PC Suite
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [02/01/2009|14:10] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [19/04/2008|18:41] C:\ProgramData\TrackMania
    [04/04/2008|07:25] C:\ProgramData\TuneUp Software
    [31/07/2008|15:34] C:\ProgramData\Ubisoft
    [18/01/2009|23:43] C:\ProgramData\WindowsSearch
    [06/03/2008|09:11] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [14/01/2009|11:03] C:\Program Files\Adobe
    [23/09/2008|15:25] C:\Program Files\Alwil Software
    [18/12/2008|09:19] C:\Program Files\Apple Software Update
    [10/01/2008|17:25] C:\Program Files\Avery Assistant 3.1
    [14/01/2009|11:41] C:\Program Files\Common Files
    [15/06/2008|10:53] C:\Program Files\Conduit
    [13/09/2007|12:31] C:\Program Files\DAEMON Tools
    [14/01/2009|12:39] C:\Program Files\Deep Silver
    [10/10/2007|09:27] C:\Program Files\DIFX
    [10/01/2009|22:25] C:\Program Files\DivX
    [17/12/2007|13:01] C:\Program Files\DNA
    [08/01/2009|12:20] C:\Program Files\EA Games
    [06/01/2009|17:57] C:\Program Files\Electronic Arts
    [17/09/2007|11:39] C:\Program Files\epson
    [21/01/2009|10:55] C:\Program Files\fdjeux
    [10/09/2007|15:17] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [17/12/2008|20:33] C:\Program Files\Google
    [26/09/2008|15:40] C:\Program Files\IEPro
    [21/01/2008|10:51] C:\Program Files\IncrediMail
    [06/01/2009|18:09] C:\Program Files\InstallShield Installation Information
    [10/09/2007|15:21] C:\Program Files\Intel
    [12/07/2008|08:44] C:\Program Files\Internet Explorer
    [18/12/2008|09:18] C:\Program Files\iPod
    [18/12/2008|09:18] C:\Program Files\iTunes
    [09/01/2009|08:12] C:\Program Files\Java
    [30/05/2008|13:13] C:\Program Files\LifeView DTV
    [14/03/2008|13:07] C:\Program Files\Logitech
    [12/10/2007|15:31] C:\Program Files\Messenger
    [08/09/2008|09:42] C:\Program Files\Messenger Plus! Live
    [07/01/2009|09:35] C:\Program Files\Microsoft
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [16/03/2008|21:34] C:\Program Files\Microsoft Office
    [27/10/2008|12:05] C:\Program Files\Microsoft Silverlight
    [07/01/2009|09:31] C:\Program Files\Microsoft SQL Server Compact Edition
    [07/01/2009|09:34] C:\Program Files\Microsoft Sync Framework
    [13/09/2007|20:44] C:\Program Files\Microsoft Visual Studio
    [03/03/2008|18:12] C:\Program Files\Microsoft Visual Studio 8
    [24/12/2008|09:20] C:\Program Files\Microsoft Works
    [13/09/2007|20:43] C:\Program Files\Microsoft.NET
    [12/07/2008|08:44] C:\Program Files\Movie Maker
    [13/09/2007|20:44] C:\Program Files\MSBuild
    [13/09/2007|07:15] C:\Program Files\MSN Messenger
    [04/02/2008|09:12] C:\Program Files\MSN Pictures Displayer
    [30/11/2007|03:01] C:\Program Files\MSXML 4.0
    [15/06/2008|10:53] C:\Program Files\Multi_Media_France
    [29/11/2007|17:03] C:\Program Files\Nero
    [04/04/2008|11:47] C:\Program Files\Netlog 24
    [15/06/2008|11:02] C:\Program Files\Netlog Toolbar
    [09/01/2009|16:24] C:\Program Files\Nokia
    [04/05/2008|10:40] C:\Program Files\Participatory Culture Foundation
    [09/01/2009|16:23] C:\Program Files\PC Connectivity Solution
    [18/06/2008|12:34] C:\Program Files\PDFCreator
    [18/12/2008|09:16] C:\Program Files\QuickTime
    [06/03/2008|16:53] C:\Program Files\Real
    [14/03/2008|13:07] C:\Program Files\Reality Fusion
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [02/01/2009|08:10] C:\Program Files\Spyware Doctor
    [15/01/2008|14:43] C:\Program Files\SystemRequirementsLab
    [25/01/2009|11:34] C:\Program Files\Trend Micro
    [31/07/2008|14:42] C:\Program Files\Ubisoft
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [25/12/2007|12:48] C:\Program Files\uTorrent
    [12/03/2008|14:35] C:\Program Files\VideoLAN
    [06/06/2008|09:47] C:\Program Files\VirtualDub-MPEG2
    [06/01/2009|17:24] C:\Program Files\Winamp
    [12/07/2008|08:44] C:\Program Files\Windows Calendar
    [12/07/2008|08:44] C:\Program Files\Windows Collaboration
    [12/07/2008|08:44] C:\Program Files\Windows Defender
    [12/07/2008|08:44] C:\Program Files\Windows Journal
    [07/01/2009|09:35] C:\Program Files\Windows Live
    [12/10/2007|16:48] C:\Program Files\Windows Live Favorites
    [07/01/2009|09:28] C:\Program Files\Windows Live SkyDrive
    [07/01/2009|09:35] C:\Program Files\Windows Live Toolbar
    [14/01/2009|09:02] C:\Program Files\Windows Mail
    [12/07/2008|08:44] C:\Program Files\Windows Media Player
    [10/09/2007|15:17] C:\Program Files\Windows NT
    [12/07/2008|08:44] C:\Program Files\Windows Photo Gallery
    [12/07/2008|08:44] C:\Program Files\Windows Sidebar
    [13/09/2007|12:29] C:\Program Files\WinRAR
    [10/09/2007|15:45] C:\Program Files\Wireless 802.11g Monitor

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [14/01/2009|09:36] C:\Program Files\Common Files\Adobe
    [29/11/2007|16:49] C:\Program Files\Common Files\Ahead
    [18/12/2008|09:18] C:\Program Files\Common Files\Apple
    [10/01/2008|17:15] C:\Program Files\Common Files\Avery
    [03/12/2007|17:38] C:\Program Files\Common Files\BitDefender
    [13/09/2007|20:44] C:\Program Files\Common Files\DESIGNER
    [07/06/2008|15:00] C:\Program Files\Common Files\InstallShield
    [05/10/2007|12:27] C:\Program Files\Common Files\Java
    [18/10/2007|16:23] C:\Program Files\Common Files\LightScribe
    [06/03/2008|16:54] C:\Program Files\Common Files\Logitech
    [14/01/2009|11:41] C:\Program Files\Common Files\Macrovision Shared
    [07/01/2009|09:28] C:\Program Files\Common Files\microsoft shared
    [29/11/2007|17:06] C:\Program Files\Common Files\Nero
    [09/01/2009|16:24] C:\Program Files\Common Files\Nokia
    [09/01/2009|16:24] C:\Program Files\Common Files\PCSuite
    [02/11/2007|09:16] C:\Program Files\Common Files\PX Storage Engine
    [18/04/2008|12:18] C:\Program Files\Common Files\Real
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [18/01/2009|23:43] C:\Program Files\Common Files\Steam
    [12/07/2008|08:44] C:\Program Files\Common Files\System
    [07/01/2009|09:11] C:\Program Files\Common Files\Windows Live
    [06/03/2008|09:13] C:\Program Files\Common Files\WindowsLiveInstaller
    [04/04/2008|07:24] C:\Program Files\Common Files\Wise Installation Wizard
    [18/04/2008|12:18] C:\Program Files\Common Files\xing shared

    --------------------\\ Process

    ( 81 Processes )

    iexplore.exe ~ [PID:3632]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\Program Files\Multi_Media_France
    C:\Program Files\Multi_Media_France\INSTALL.LOG
    C:\Program Files\Multi_Media_France\Multi_Media_FranceToolbarHelper.exe
    C:\Program Files\Multi_Media_France\tbMult.dll
    C:\Program Files\Multi_Media_France\toolbar.cfg
    C:\Program Files\Multi_Media_France\UNWISE.EXE
    C:\Program Files\Multi_Media_France\UNWISE.INI
    C:\Program Files\Multi_Media_France
    C:\Program Files\Multi_Media_France\INSTALL.LOG
    C:\Program Files\Multi_Media_France\Multi_Media_FranceToolbarHelper.exe
    C:\Program Files\Multi_Media_France\tbMult.dll
    C:\Program Files\Multi_Media_France\toolbar.cfg
    C:\Program Files\Multi_Media_France\UNWISE.EXE
    C:\Program Files\Multi_Media_France\UNWISE.INI
    C:\Users\RALPH\AppData\Roaming\MICROS~1\Windows\Cookies\ralph@advertising[1].txt
    C:\Users\RALPH\AppData\Roaming\MICROS~1\Windows\Cookies\ralph@adopt.euroclick[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-27 08:23:23
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    C:\Users\RALPH\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0WPU7CW2\membres[1].htm
    C:\Users\RALPH\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4VGTO50E\spacer[1].gif 43 bytes
    scan completed successfully
    hidden processes: 0
    hidden files: 3

    --------------------\\ Recherche d'autres infections



    [F:75][D:28]-> C:\Users\RALPH\AppData\Local\Temp
    [F:861][D:1]-> C:\Users\RALPH\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2732][D:10]-> C:\Users\RALPH\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:12][D:3]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 27/01/2009| 8:25 - Option : [1]

    --------------------\\ Fin du rapport a 8:25:37
    [ UAC => 1 ]

    27 January 2009 13:16:31

    Re,

    Run Lop S&D again.

  • This time choose Option 2 (Suppression / Removal)
    ! Do not close the window during the removal !
  • Post the generated report (C:\lopR.txt)

    27 January 2009 17:12:30

    Here is the result:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz )
    BIOS : Award Modular BIOS v6.00PG
    USER : RALPH ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081221-0] 4.8.1229 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:157 Go (Free:38 Go)
    D:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - NTFS - Total:140 Go (Free:16 Go)
    K:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
    L:\ (CD or DVD)
    M:\ (CD or DVD)
    N:\ (CD or DVD)
    O:\ (USB) - FAT32 - Total:3894 Mo (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 27/01/2009|17:07 )

    [ UAC => 1 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\Program Files\Multi_Media_France\INSTALL.LOG
    Supprime! - C:\Program Files\Multi_Media_France\Multi_Media_FranceToolbarHelper.exe
    Supprime! - C:\Program Files\Multi_Media_France\tbMult.dll
    Supprime! - C:\Program Files\Multi_Media_France\toolbar.cfg
    Supprime! - C:\Program Files\Multi_Media_France\UNWISE.EXE
    Supprime! - C:\Program Files\Multi_Media_France\UNWISE.INI
    Supprime! - C:\Users\RALPH\AppData\Roaming\MICROS~1\Windows\Cookies\ralph@advertising[1].txt
    Supprime! - C:\Users\RALPH\AppData\Roaming\MICROS~1\Windows\Cookies\ralph@adopt.euroclick[1].txt
    Supprime! - C:\Program Files\Multi_Media_France
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans Local

    [14/01/2009|11:32] C:\Users\RALPH\AppData\Local\Adobe
    [22/03/2008|10:57] C:\Users\RALPH\AppData\Local\Ahead
    [06/01/2008|12:33] C:\Users\RALPH\AppData\Local\Apple
    [04/09/2008|12:07] C:\Users\RALPH\AppData\Local\Apple Computer
    [10/09/2007|15:19] C:\Users\RALPH\AppData\Local\Application Data
    [07/06/2008|12:15] C:\Users\RALPH\AppData\Local\capcom
    [24/12/2007|21:35] C:\Users\RALPH\AppData\Local\Codemasters
    [05/01/2009|19:36] C:\Users\RALPH\AppData\Local\d3d9caps.dat
    [27/01/2009|09:33] C:\Users\RALPH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [17/12/2007|13:01] C:\Users\RALPH\AppData\Local\DNA
    [08/01/2009|12:27] C:\Users\RALPH\AppData\Local\Downloaded Installations
    [05/10/2007|19:16] C:\Users\RALPH\AppData\Local\eMule
    [15/01/2009|07:54] C:\Users\RALPH\AppData\Local\GDIPFONTCACHEV1.DAT
    [18/12/2008|09:11] C:\Users\RALPH\AppData\Local\Google
    [10/09/2007|15:19] C:\Users\RALPH\AppData\Local\Historique
    [23/01/2009|11:16] C:\Users\RALPH\AppData\Local\IconCache.db
    [08/10/2007|14:11] C:\Users\RALPH\AppData\Local\IM
    [06/03/2008|18:24] C:\Users\RALPH\AppData\Local\Logitech-LS
    [16/11/2007|18:54] C:\Users\RALPH\AppData\Local\Magentic
    [08/01/2009|12:32] C:\Users\RALPH\AppData\Local\Microsoft
    [21/04/2008|19:34] C:\Users\RALPH\AppData\Local\Microsoft Games
    [06/07/2008|10:05] C:\Users\RALPH\AppData\Local\Microsoft Help
    [15/06/2008|10:54] C:\Users\RALPH\AppData\Local\Multi_Media_France
    [27/12/2007|12:50] C:\Users\RALPH\AppData\Local\Nero
    [04/04/2008|11:47] C:\Users\RALPH\AppData\Local\Netlog
    [04/05/2008|10:41] C:\Users\RALPH\AppData\Local\Participatory Culture Foundation
    [08/01/2009|12:32] C:\Users\RALPH\AppData\Local\PunkBuster
    [22/09/2007|17:57] C:\Users\RALPH\AppData\Local\Steam
    [27/01/2009|17:07] C:\Users\RALPH\AppData\Local\Temp
    [10/09/2007|15:19] C:\Users\RALPH\AppData\Local\Temporary Internet Files
    [13/09/2007|09:07] C:\Users\RALPH\AppData\Local\VirtualStore
    [05/05/2008|10:22] C:\Users\RALPH\AppData\Local\Wyzo
    [06/04/2008|11:15] C:\Users\RALPH\AppData\Local\Zattoo
    [06/04/2008|11:13] C:\Users\RALPH\AppData\Local\ZattooPlayer

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [27/01/2009 17:00][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
    [26/01/2009 14:01][--ah-----] C:\Windows\tasks\SA.DAT
    [23/01/2009 11:17][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [18/12/2008|09:18] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [14/01/2009|11:36] C:\ProgramData\Adobe
    [07/01/2008|20:40] C:\ProgramData\Apple
    [18/12/2008|09:18] C:\ProgramData\Apple Computer
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [10/09/2007|15:17] C:\ProgramData\Bureau
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [07/08/2008|07:48] C:\ProgramData\eMule
    [10/09/2007|15:17] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [14/01/2009|11:42] C:\ProgramData\FLEXnet
    [17/12/2008|17:19] C:\ProgramData\Google
    [27/01/2009|08:24] C:\ProgramData\Google Updater
    [21/01/2008|10:55] C:\ProgramData\IM
    [21/01/2008|10:40] C:\ProgramData\IncrediMail
    [09/01/2009|16:20] C:\ProgramData\Installations
    [10/09/2007|15:17] C:\ProgramData\Menu Démarrer
    [23/03/2008|12:22] C:\ProgramData\Messenger Plus!
    [07/01/2009|09:34] C:\ProgramData\Microsoft
    [14/01/2009|08:59] C:\ProgramData\Microsoft Help
    [10/09/2007|15:17] C:\ProgramData\Modèles
    [29/11/2007|17:03] C:\ProgramData\Nero
    [10/01/2008|18:33] C:\ProgramData\Nokia
    [13/09/2007|09:04] C:\ProgramData\ntuser.pol
    [14/01/2009|10:24] C:\ProgramData\NVIDIA
    [10/10/2007|09:29] C:\ProgramData\PC Suite
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [02/01/2009|14:10] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [19/04/2008|18:41] C:\ProgramData\TrackMania
    [04/04/2008|07:25] C:\ProgramData\TuneUp Software
    [31/07/2008|15:34] C:\ProgramData\Ubisoft
    [18/01/2009|23:43] C:\ProgramData\WindowsSearch
    [06/03/2008|09:11] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [14/01/2009|11:03] C:\Program Files\Adobe
    [23/09/2008|15:25] C:\Program Files\Alwil Software
    [18/12/2008|09:19] C:\Program Files\Apple Software Update
    [10/01/2008|17:25] C:\Program Files\Avery Assistant 3.1
    [14/01/2009|11:41] C:\Program Files\Common Files
    [15/06/2008|10:53] C:\Program Files\Conduit
    [13/09/2007|12:31] C:\Program Files\DAEMON Tools
    [14/01/2009|12:39] C:\Program Files\Deep Silver
    [10/10/2007|09:27] C:\Program Files\DIFX
    [10/01/2009|22:25] C:\Program Files\DivX
    [17/12/2007|13:01] C:\Program Files\DNA
    [08/01/2009|12:20] C:\Program Files\EA Games
    [06/01/2009|17:57] C:\Program Files\Electronic Arts
    [17/09/2007|11:39] C:\Program Files\epson
    [21/01/2009|10:55] C:\Program Files\fdjeux
    [10/09/2007|15:17] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [17/12/2008|20:33] C:\Program Files\Google
    [26/09/2008|15:40] C:\Program Files\IEPro
    [21/01/2008|10:51] C:\Program Files\IncrediMail
    [06/01/2009|18:09] C:\Program Files\InstallShield Installation Information
    [10/09/2007|15:21] C:\Program Files\Intel
    [12/07/2008|08:44] C:\Program Files\Internet Explorer
    [18/12/2008|09:18] C:\Program Files\iPod
    [18/12/2008|09:18] C:\Program Files\iTunes
    [09/01/2009|08:12] C:\Program Files\Java
    [30/05/2008|13:13] C:\Program Files\LifeView DTV
    [14/03/2008|13:07] C:\Program Files\Logitech
    [12/10/2007|15:31] C:\Program Files\Messenger
    [08/09/2008|09:42] C:\Program Files\Messenger Plus! Live
    [07/01/2009|09:35] C:\Program Files\Microsoft
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [16/03/2008|21:34] C:\Program Files\Microsoft Office
    [27/10/2008|12:05] C:\Program Files\Microsoft Silverlight
    [07/01/2009|09:31] C:\Program Files\Microsoft SQL Server Compact Edition
    [07/01/2009|09:34] C:\Program Files\Microsoft Sync Framework
    [13/09/2007|20:44] C:\Program Files\Microsoft Visual Studio
    [03/03/2008|18:12] C:\Program Files\Microsoft Visual Studio 8
    [24/12/2008|09:20] C:\Program Files\Microsoft Works
    [13/09/2007|20:43] C:\Program Files\Microsoft.NET
    [12/07/2008|08:44] C:\Program Files\Movie Maker
    [13/09/2007|20:44] C:\Program Files\MSBuild
    [13/09/2007|07:15] C:\Program Files\MSN Messenger
    [04/02/2008|09:12] C:\Program Files\MSN Pictures Displayer
    [30/11/2007|03:01] C:\Program Files\MSXML 4.0
    [29/11/2007|17:03] C:\Program Files\Nero
    [04/04/2008|11:47] C:\Program Files\Netlog 24
    [15/06/2008|11:02] C:\Program Files\Netlog Toolbar
    [09/01/2009|16:24] C:\Program Files\Nokia
    [04/05/2008|10:40] C:\Program Files\Participatory Culture Foundation
    [09/01/2009|16:23] C:\Program Files\PC Connectivity Solution
    [18/06/2008|12:34] C:\Program Files\PDFCreator
    [18/12/2008|09:16] C:\Program Files\QuickTime
    [06/03/2008|16:53] C:\Program Files\Real
    [14/03/2008|13:07] C:\Program Files\Reality Fusion
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [02/01/2009|08:10] C:\Program Files\Spyware Doctor
    [15/01/2008|14:43] C:\Program Files\SystemRequirementsLab
    [25/01/2009|11:34] C:\Program Files\Trend Micro
    [31/07/2008|14:42] C:\Program Files\Ubisoft
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [25/12/2007|12:48] C:\Program Files\uTorrent
    [12/03/2008|14:35] C:\Program Files\VideoLAN
    [06/06/2008|09:47] C:\Program Files\VirtualDub-MPEG2
    [06/01/2009|17:24] C:\Program Files\Winamp
    [12/07/2008|08:44] C:\Program Files\Windows Calendar
    [12/07/2008|08:44] C:\Program Files\Windows Collaboration
    [12/07/2008|08:44] C:\Program Files\Windows Defender
    [12/07/2008|08:44] C:\Program Files\Windows Journal
    [07/01/2009|09:35] C:\Program Files\Windows Live
    [12/10/2007|16:48] C:\Program Files\Windows Live Favorites
    [07/01/2009|09:28] C:\Program Files\Windows Live SkyDrive
    [07/01/2009|09:35] C:\Program Files\Windows Live Toolbar
    [14/01/2009|09:02] C:\Program Files\Windows Mail
    [12/07/2008|08:44] C:\Program Files\Windows Media Player
    [10/09/2007|15:17] C:\Program Files\Windows NT
    [12/07/2008|08:44] C:\Program Files\Windows Photo Gallery
    [12/07/2008|08:44] C:\Program Files\Windows Sidebar
    [13/09/2007|12:29] C:\Program Files\WinRAR
    [10/09/2007|15:45] C:\Program Files\Wireless 802.11g Monitor

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [14/01/2009|09:36] C:\Program Files\Common Files\Adobe
    [29/11/2007|16:49] C:\Program Files\Common Files\Ahead
    [18/12/2008|09:18] C:\Program Files\Common Files\Apple
    [10/01/2008|17:15] C:\Program Files\Common Files\Avery
    [03/12/2007|17:38] C:\Program Files\Common Files\BitDefender
    [13/09/2007|20:44] C:\Program Files\Common Files\DESIGNER
    [07/06/2008|15:00] C:\Program Files\Common Files\InstallShield
    [05/10/2007|12:27] C:\Program Files\Common Files\Java
    [18/10/2007|16:23] C:\Program Files\Common Files\LightScribe
    [06/03/2008|16:54] C:\Program Files\Common Files\Logitech
    [14/01/2009|11:41] C:\Program Files\Common Files\Macrovision Shared
    [07/01/2009|09:28] C:\Program Files\Common Files\microsoft shared
    [29/11/2007|17:06] C:\Program Files\Common Files\Nero
    [09/01/2009|16:24] C:\Program Files\Common Files\Nokia
    [09/01/2009|16:24] C:\Program Files\Common Files\PCSuite
    [02/11/2007|09:16] C:\Program Files\Common Files\PX Storage Engine
    [18/04/2008|12:18] C:\Program Files\Common Files\Real
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [18/01/2009|23:43] C:\Program Files\Common Files\Steam
    [12/07/2008|08:44] C:\Program Files\Common Files\System
    [07/01/2009|09:11] C:\Program Files\Common Files\Windows Live
    [06/03/2008|09:13] C:\Program Files\Common Files\WindowsLiveInstaller
    [04/04/2008|07:24] C:\Program Files\Common Files\Wise Installation Wizard
    [18/04/2008|12:18] C:\Program Files\Common Files\xing shared

    --------------------\\ Process

    ( 78 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-27 17:07:15
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\RALPH\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\RALPH\Downloads\eMule\Incoming\PC - Need For Speed Prostreet + Keygen + Crack NoCd
    C:\Users\RALPH\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\RALPH\Downloads\eMule\Incoming\PC - Need For Speed Prostreet + Keygen + Crack NoCd\ Need For Speed Prostreet - - password .url
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\keygens
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\Readme.txt
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\serials
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\setupengpro.exe
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\keygens\1v4_7.exe
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\keygens\2v4_7.exe
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\keygens\2v4_8.exe
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\serials\Client.txt
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\serials\Home.txt
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\serials\Server.txt
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials\serials\Workstation.txt
    C:\Users\RALPH\Pictures\Nero 7 Prémium v. 7.10.1.0 Fr complet + Keygen.ok vista
    C:\Users\RALPH\Pictures\Nero 7 Prémium v. 7.10.1.0 Fr complet + Keygen.ok vista\Nero 7 Prémium v. 7.10.1.0 Fr complet + Keygen.ok vista
    C:\Users\RALPH\Pictures\Nero 7 Prémium v. 7.10.1.0 Fr complet + Keygen.ok vista\Nero 7 Prémium v. 7.10.1.0 Fr complet + Keygen.ok vista\Keygen.exe
    C:\Users\RALPH\Pictures\Nero 7 Prémium v. 7.10.1.0 Fr complet + Keygen.ok vista\Nero 7 Prémium v. 7.10.1.0 Fr complet + Keygen.ok vista\Nero Premium 7.10.1.0 FR.exe


    [F:76][D:28]-> C:\Users\RALPH\AppData\Local\Temp
    [F:859][D:1]-> C:\Users\RALPH\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2781][D:10]-> C:\Users\RALPH\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:7][D:2]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 27/01/2009| 8:25 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 27/01/2009|17:09 - Option : [2]

    --------------------\\ Fin du rapport a 17:09:06
    [ UAC => 1 ]

    27 January 2009 18:02:51

    Re,

    You should really stop with the cracks...

    Select the whole box below, then right-click and choose Copy

    C:\Users\RALPH\AppData\Local\Multi_Media_France
    C:\Users\RALPH\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\RALPH\Downloads\eMule\Incoming\PC - Need For Speed Prostreet + Keygen + Crack NoCd
    C:\Users\RALPH\Downloads\eMule\Incoming\ALWIL avast! antivirus v4.8 Home-Professional + keygens + serials
    C:\Users\RALPH\Pictures\Nero 7 Prémium v. 7.10.1.0 Fr complet + Keygen.ok vista


    Run Lop S&D again.

  • This time, choose Option 4 (LopScript)
  • A blank page will open; right-click on it and choose Paste
  • Close the page; you will be asked to save it, click [Save]
  • Do not close the window during the deletion!
  • Post the generated report (C:\lopR.txt)

    27 January 2009 19:00:44

    If I do that, will it delete these files?
    28 January 2009 14:47:26

    Well yes, it will delete your cracks, which are responsible for the infection. But if you want the infection to come back, do as you like :)