Votre question

Rapport Hitjackyhis a analysé merci

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
7 Juin 2008 13:44:24

Bonjour tout le monde.

voila j'ai fait un scane hitjackis et je souhaite que vous me dite si je suis infecté Merci d'avance

voila le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:30:04, on 01/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\Para_USB\BrStDvPt.exe
O4 - HKLM\..\Run: [Installation Diagnostics] "C:\Program Files\Brother\Brmfl06a\Brinstck.exe" /I DCP-130CDCP-130C:'* USB
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [eggs spam] "C:\ProgramData\siteaboutabout.a5n19x"
O4 - HKCU\..\Run: [bait deaf idle setup] "C:\ProgramData\LIVE CASH CREATIVE.z1r81xo"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Ba ... b57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Registe ... lashax.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

--
End of file - 10163 bytes

Autres pages sur : rapport hitjackyhis analyse merci

7 Juin 2008 13:57:17

Bonjour,

Télécharge Lop S&D.exe (d’ Eric 71 & Angeldark) sur ton bureau.

  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau (Si tu es sous Vista, clique droit -> exécuter en tant qu'admin)
  • Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau
    7 Juin 2008 14:13:06

    Merci pour ta réponse rapide voila le rapport Lop S&D


    -----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6001, Service Pack 1 ]
    [ USER : sandrine ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 07/06/2008 | 14:06:55,32 ] [ PC : PC-DE-SANDRINE ]
    [ MAJ : 01-06-2008 | 15:51 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [01/06/2008|15:55] C:\Users\sandrine\AppData\Roaming\Adobe\Flash Player
    [28/08/2007|13:45] C:\Users\sandrine\AppData\Roaming\Adobe\Linguistics
    [23/08/2007|12:29] C:\Users\sandrine\AppData\Roaming\Adobe\Acrobat

    [27/12/2007|13:43] C:\Users\sandrine\AppData\Roaming\ArcSoft\PhotoImpression
    [29/08/2007|19:11] C:\Users\sandrine\AppData\Roaming\ArcSoft\ArcRegister
    [29/08/2007|19:11] C:\Users\sandrine\AppData\Roaming\ArcSoft\Video Impression

    [28/08/2007|13:41] C:\Users\sandrine\AppData\Roaming\ATI\ACE

    [18/05/2008|12:36] C:\Users\sandrine\AppData\Roaming\Audacity\AutoSave
    [18/05/2008|12:35] C:\Users\sandrine\AppData\Roaming\Audacity\presets

    [13/11/2007|20:37] C:\Users\sandrine\AppData\Roaming\Brother\PrtDrv

    [01/06/2008|17:22] C:\Users\sandrine\AppData\Roaming\Google\Local Search History


    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Identities\{002AVPFP-JHLQ-ABE1-QCPB-20UAQDUJCVV5}
    [23/08/2007|12:28] C:\Users\sandrine\AppData\Roaming\Identities\{9A5D43EF-FBC9-4437-AB61-BCD5DF6179B1}

    [29/08/2007|12:02] C:\Users\sandrine\AppData\Roaming\InstallShield\ISEngine12.0

    [21/05/2008|21:01] C:\Users\sandrine\AppData\Roaming\LimeWire\.NetworkShare
    [21/05/2008|21:00] C:\Users\sandrine\AppData\Roaming\LimeWire\themes
    [20/05/2008|15:34] C:\Users\sandrine\AppData\Roaming\LimeWire\xml
    [18/05/2008|15:15] C:\Users\sandrine\AppData\Roaming\LimeWire\.AppSpecialShare

    [01/06/2008|17:43] C:\Users\sandrine\AppData\Roaming\Macromedia\Flash Player

    [01/06/2008|16:30] C:\Users\sandrine\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware


    [28/05/2008|20:12] C:\Users\sandrine\AppData\Roaming\Microsoft\eHome
    [27/05/2008|18:05] C:\Users\sandrine\AppData\Roaming\Microsoft\MSN Messenger
    [21/05/2008|20:02] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Media Encoder
    [05/03/2008|13:27] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Photo Gallery
    [05/03/2008|13:23] C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer
    [26/02/2008|15:38] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows
    [12/02/2008|10:27] C:\Users\sandrine\AppData\Roaming\Microsoft\Pack Emoticones Love
    [11/01/2008|13:33] C:\Users\sandrine\AppData\Roaming\Microsoft\WLTB Custom Buttons
    [11/01/2008|13:33] C:\Users\sandrine\AppData\Roaming\Microsoft\MSNLiveFav
    [04/10/2007|19:37] C:\Users\sandrine\AppData\Roaming\Microsoft\Crypto
    [01/09/2007|21:36] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Live Call
    [01/09/2007|21:36] C:\Users\sandrine\AppData\Roaming\Microsoft\IdentityCRL
    [29/08/2007|19:17] C:\Users\sandrine\AppData\Roaming\Microsoft\Credentials
    [23/08/2007|23:21] C:\Users\sandrine\AppData\Roaming\Microsoft\HTML Help
    [23/08/2007|21:48] C:\Users\sandrine\AppData\Roaming\Microsoft\MMC
    [23/08/2007|21:20] C:\Users\sandrine\AppData\Roaming\Microsoft\Speech
    [23/08/2007|12:29] C:\Users\sandrine\AppData\Roaming\Microsoft\SystemCertificates
    [23/08/2007|12:28] C:\Users\sandrine\AppData\Roaming\Microsoft\Protect

    [28/10/2007|21:57] C:\Users\sandrine\AppData\Roaming\Mozilla\Firefox




    [27/10/2007|16:20] C:\Users\sandrine\AppData\Roaming\ScanSoft\PaperPort

    [01/01/2008|20:39] C:\Users\sandrine\AppData\Roaming\Skype\sandjuju54
    [31/12/2007|14:33] C:\Users\sandrine\AppData\Roaming\Skype\Content
    [31/12/2007|14:33] C:\Users\sandrine\AppData\Roaming\Skype\Pictures



    [18/03/2008|20:06] C:\Users\sandrine\AppData\Roaming\WeatherDPA\Weather



    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Zylom\127
    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Zylom\ZylomGamesPlayer

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [11/01/2008 10:49][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [07/06/2008 14:06][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{1D0BCCAE-F15D-4BFD-82C7-AFEA90FE1772}.job
    [07/06/2008 14:06][--ah-----] C:\Windows\tasks\SA.DAT
    [07/06/2008 14:05][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [14/06/2007|20:06] C:\ProgramData\Adobe
    [20/03/2008|18:40] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [05/11/2007|17:08] C:\ProgramData\ATI
    [27/09/2007|12:39] C:\ProgramData\Brother
    [29/05/2008|07:34] C:\ProgramData\BROWSE PROGRAM
    [23/08/2007|12:24] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [31/12/2007|14:08] C:\ProgramData\ezsid.dat
    [23/08/2007|12:24] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [23/08/2007|12:30] C:\ProgramData\fsc-reg
    [30/08/2007|21:15] C:\ProgramData\Google
    [24/03/2008|10:05] C:\ProgramData\HotbarSA
    [27/09/2007|12:46] C:\ProgramData\InstallShield
    [31/08/2007|16:10] C:\ProgramData\LUUnInstall.LiveUpdate
    [01/06/2008|16:29] C:\ProgramData\Malwarebytes
    [23/08/2007|12:24] C:\ProgramData\Menu D‚marrer
    [06/11/2007|22:01] C:\ProgramData\Messenger Plus!
    [06/10/2007|14:18] C:\ProgramData\MGS
    [29/08/2007|13:29] C:\ProgramData\Microsoft
    [23/08/2007|12:24] C:\ProgramData\ModŠles
    [14/06/2007|20:10] C:\ProgramData\Nero
    [16/11/2007|19:30] C:\ProgramData\pixelStorm
    [27/09/2007|12:46] C:\ProgramData\ScanSoft
    [29/12/2007|19:12] C:\ProgramData\siteaboutabout.0b1vj
    [26/04/2008|20:02] C:\ProgramData\siteaboutabout.2a1zu09
    [18/01/2008|10:15] C:\ProgramData\siteaboutabout.3ficgc
    [29/05/2008|07:33] C:\ProgramData\siteaboutabout.a5n19x
    [08/01/2008|14:47] C:\ProgramData\siteaboutabout.h5g7v
    [17/02/2008|20:57] C:\ProgramData\siteaboutabout.jutlc
    [29/05/2008|07:33] C:\ProgramData\siteaboutabout.ou9lz
    [02/01/2008|22:11] C:\ProgramData\siteaboutabout.qpsbh
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [31/08/2007|16:10] C:\ProgramData\Symantec
    [02/11/2006|15:02] C:\ProgramData\Templates
    [11/01/2008|10:41] C:\ProgramData\WLInstaller
    [28/12/2007|15:39] C:\ProgramData\Xerox

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [02/05/2008|11:11] C:\Program Files\AbiSuite2
    [14/06/2007|20:06] C:\Program Files\Adobe
    [31/08/2007|15:24] C:\Program Files\Alwil Software
    [26/12/2007|21:52] C:\Program Files\ArcSoft
    [14/06/2007|20:02] C:\Program Files\ATI
    [14/06/2007|20:03] C:\Program Files\ATI Technologies
    [27/09/2007|12:51] C:\Program Files\Brother
    [01/06/2008|16:29] C:\Program Files\CCleaner
    [20/05/2008|15:24] C:\Program Files\Common Files
    [19/03/2008|23:01] C:\Program Files\desktop.ini
    [15/04/2008|11:07] C:\Program Files\Dofus
    [28/10/2007|20:11] C:\Program Files\Dreamcatcher
    [23/08/2007|12:24] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [30/12/2007|11:32] C:\Program Files\Firefly Studios
    [28/12/2007|18:07] C:\Program Files\GameSpy Arcade
    [18/05/2008|14:48] C:\Program Files\Google
    [29/08/2007|12:03] C:\Program Files\Hercules
    [20/03/2008|18:39] C:\Program Files\illiminable
    [08/05/2008|13:21] C:\Program Files\InstallShield Installation Information
    [18/05/2008|14:48] C:\Program Files\Internet Explorer
    [20/05/2008|15:26] C:\Program Files\Java
    [19/05/2008|12:27] C:\Program Files\LimeWire
    [01/06/2008|16:29] C:\Program Files\Malwarebytes' Anti-Malware
    [23/08/2007|12:30] C:\Program Files\MB application
    [12/03/2008|00:59] C:\Program Files\Messenger
    [26/04/2008|20:01] C:\Program Files\Messenger Plus! Live
    [30/08/2007|13:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [08/09/2007|22:26] C:\Program Files\Microsoft SQL Server Compact Edition
    [19/03/2008|22:51] C:\Program Files\Movie Maker
    [01/06/2008|16:03] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [12/03/2008|00:59] C:\Program Files\MSN Pictures Displayer
    [01/06/2008|16:51] C:\Program Files\Navilog1
    [14/06/2007|20:10] C:\Program Files\Nero
    [28/08/2007|17:20] C:\Program Files\Neuf
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [27/09/2007|12:45] C:\Program Files\ScanSoft
    [18/02/2008|20:11] C:\Program Files\Strategy First
    [18/05/2008|17:13] C:\Program Files\Sun
    [31/08/2007|16:09] C:\Program Files\Symantec
    [01/06/2008|16:00] C:\Program Files\Trend Micro
    [28/08/2007|13:07] C:\Program Files\Trust
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [20/03/2008|18:41] C:\Program Files\VistaCodecPack
    [19/03/2008|22:51] C:\Program Files\Windows Calendar
    [19/03/2008|22:51] C:\Program Files\Windows Collaboration
    [19/03/2008|22:51] C:\Program Files\Windows Defender
    [19/03/2008|22:51] C:\Program Files\Windows Journal
    [28/02/2008|10:34] C:\Program Files\Windows Live
    [11/01/2008|10:49] C:\Program Files\Windows Live Favorites
    [24/09/2007|20:51] C:\Program Files\Windows Live Safety Center
    [11/01/2008|10:49] C:\Program Files\Windows Live Toolbar
    [15/05/2008|07:48] C:\Program Files\Windows Mail
    [19/03/2008|22:51] C:\Program Files\Windows Media Player
    [23/08/2007|12:24] C:\Program Files\Windows NT
    [19/03/2008|22:51] C:\Program Files\Windows Photo Gallery
    [19/03/2008|22:51] C:\Program Files\Windows Sidebar
    [26/02/2008|16:26] C:\Program Files\WinRAR

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [14/06/2007|20:06] C:\Program Files\Common Files\Adobe
    [14/06/2007|20:12] C:\Program Files\Common Files\Ahead
    [29/08/2007|18:18] C:\Program Files\Common Files\ArcSoft
    [13/04/2008|08:11] C:\Program Files\Common Files\Blizzard Entertainment
    [14/06/2007|20:20] C:\Program Files\Common Files\Fujitsu Siemens Computers
    [27/09/2007|12:51] C:\Program Files\Common Files\InstallShield
    [20/05/2008|15:24] C:\Program Files\Common Files\Java
    [11/01/2008|10:45] C:\Program Files\Common Files\microsoft shared
    [28/08/2007|13:07] C:\Program Files\Common Files\PCCamera
    [27/09/2007|12:46] C:\Program Files\Common Files\ScanSoft Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [01/09/2007|13:18] C:\Program Files\Common Files\Symantec Shared
    [19/03/2008|22:51] C:\Program Files\Common Files\System
    [11/01/2008|10:44] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 59

    iexplore.exe ~ [3532]

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-07 14:07:20
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:88][D:10]-> C:\Users\sandrine\AppData\Local\Temp
    [F:55][D:1]-> C:\Users\sandrine\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2073][D:4]-> C:\Users\sandrine\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:13][D:5]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 14:09:37,34 ]----------------------
    Contenus similaires
    7 Juin 2008 14:27:32

    Re,

    Sélectionne entièrement l'encadré ci-dessous , puis clique droit Copier

    C:\ProgramData\BROWSE PROGRAM
    C:\ProgramData\siteaboutabout.0b1vj
    C:\ProgramData\siteaboutabout.2a1zu09
    C:\ProgramData\siteaboutabout.3ficgc
    C:\ProgramData\siteaboutabout.a5n19x
    C:\ProgramData\siteaboutabout.h5g7v
    C:\ProgramData\siteaboutabout.jutlc
    C:\ProgramData\siteaboutabout.ou9lz
    C:\ProgramData\siteaboutabout.qpsbh


    Relance Lop S&D

  • Choisis cette fois ci l'Option 4 (LopScript)
  • Une page blanche va s'ouvrir , clique droit dessus et choisis Coller
  • Ferme la page , il te sera demandé de l'enregistrer , clique sur [Enregistrer]
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)
    7 Juin 2008 19:11:07

    Re
    voila j'ai fait ce que tu ma dis de faire mais je ne c'est pas pourquoi
    Lop S&D est rester bloquer sur une fenetre rouge avec marquer dussu
    pealse wait ... Registry 3 ...
    Le fichier spécifié est introuvable

    il ne ma pas sortie le rapport est ce normale
    7 Juin 2008 19:12:02

    Re,

    Peux-tu me faire à nouveau l'option 1 et me poster le rapport ?
    7 Juin 2008 19:23:00

    voila le rapport que j'ai eu


    -----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6001, Service Pack 1 ]
    [ USER : sandrine ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 07/06/2008 | 19:19:21,38 ] [ PC : PC-DE-SANDRINE ]
    [ MAJ : 01-06-2008 | 15:51 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [01/06/2008|15:55] C:\Users\sandrine\AppData\Roaming\Adobe\Flash Player
    [28/08/2007|13:45] C:\Users\sandrine\AppData\Roaming\Adobe\Linguistics
    [23/08/2007|12:29] C:\Users\sandrine\AppData\Roaming\Adobe\Acrobat

    [27/12/2007|13:43] C:\Users\sandrine\AppData\Roaming\ArcSoft\PhotoImpression
    [29/08/2007|19:11] C:\Users\sandrine\AppData\Roaming\ArcSoft\ArcRegister
    [29/08/2007|19:11] C:\Users\sandrine\AppData\Roaming\ArcSoft\Video Impression

    [28/08/2007|13:41] C:\Users\sandrine\AppData\Roaming\ATI\ACE

    [18/05/2008|12:36] C:\Users\sandrine\AppData\Roaming\Audacity\AutoSave
    [18/05/2008|12:35] C:\Users\sandrine\AppData\Roaming\Audacity\presets

    [13/11/2007|20:37] C:\Users\sandrine\AppData\Roaming\Brother\PrtDrv

    [01/06/2008|17:22] C:\Users\sandrine\AppData\Roaming\Google\Local Search History


    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Identities\{002AVPFP-JHLQ-ABE1-QCPB-20UAQDUJCVV5}
    [23/08/2007|12:28] C:\Users\sandrine\AppData\Roaming\Identities\{9A5D43EF-FBC9-4437-AB61-BCD5DF6179B1}

    [29/08/2007|12:02] C:\Users\sandrine\AppData\Roaming\InstallShield\ISEngine12.0

    [21/05/2008|21:01] C:\Users\sandrine\AppData\Roaming\LimeWire\.NetworkShare
    [21/05/2008|21:00] C:\Users\sandrine\AppData\Roaming\LimeWire\themes
    [20/05/2008|15:34] C:\Users\sandrine\AppData\Roaming\LimeWire\xml
    [18/05/2008|15:15] C:\Users\sandrine\AppData\Roaming\LimeWire\.AppSpecialShare

    [01/06/2008|17:43] C:\Users\sandrine\AppData\Roaming\Macromedia\Flash Player

    [01/06/2008|16:30] C:\Users\sandrine\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware


    [28/05/2008|20:12] C:\Users\sandrine\AppData\Roaming\Microsoft\eHome
    [27/05/2008|18:05] C:\Users\sandrine\AppData\Roaming\Microsoft\MSN Messenger
    [21/05/2008|20:02] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Media Encoder
    [05/03/2008|13:27] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Photo Gallery
    [05/03/2008|13:23] C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer
    [26/02/2008|15:38] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows
    [12/02/2008|10:27] C:\Users\sandrine\AppData\Roaming\Microsoft\Pack Emoticones Love
    [11/01/2008|13:33] C:\Users\sandrine\AppData\Roaming\Microsoft\WLTB Custom Buttons
    [11/01/2008|13:33] C:\Users\sandrine\AppData\Roaming\Microsoft\MSNLiveFav
    [04/10/2007|19:37] C:\Users\sandrine\AppData\Roaming\Microsoft\Crypto
    [01/09/2007|21:36] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Live Call
    [01/09/2007|21:36] C:\Users\sandrine\AppData\Roaming\Microsoft\IdentityCRL
    [29/08/2007|19:17] C:\Users\sandrine\AppData\Roaming\Microsoft\Credentials
    [23/08/2007|23:21] C:\Users\sandrine\AppData\Roaming\Microsoft\HTML Help
    [23/08/2007|21:48] C:\Users\sandrine\AppData\Roaming\Microsoft\MMC
    [23/08/2007|21:20] C:\Users\sandrine\AppData\Roaming\Microsoft\Speech
    [23/08/2007|12:29] C:\Users\sandrine\AppData\Roaming\Microsoft\SystemCertificates
    [23/08/2007|12:28] C:\Users\sandrine\AppData\Roaming\Microsoft\Protect

    [28/10/2007|21:57] C:\Users\sandrine\AppData\Roaming\Mozilla\Firefox




    [27/10/2007|16:20] C:\Users\sandrine\AppData\Roaming\ScanSoft\PaperPort

    [01/01/2008|20:39] C:\Users\sandrine\AppData\Roaming\Skype\sandjuju54
    [31/12/2007|14:33] C:\Users\sandrine\AppData\Roaming\Skype\Content
    [31/12/2007|14:33] C:\Users\sandrine\AppData\Roaming\Skype\Pictures



    [18/03/2008|20:06] C:\Users\sandrine\AppData\Roaming\WeatherDPA\Weather



    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Zylom\127
    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Zylom\ZylomGamesPlayer

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [11/01/2008 10:49][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [07/06/2008 19:15][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{1D0BCCAE-F15D-4BFD-82C7-AFEA90FE1772}.job
    [07/06/2008 19:06][--ah-----] C:\Windows\tasks\SA.DAT
    [07/06/2008 19:05][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [14/06/2007|20:06] C:\ProgramData\Adobe
    [20/03/2008|18:40] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [05/11/2007|17:08] C:\ProgramData\ATI
    [27/09/2007|12:39] C:\ProgramData\Brother
    [29/05/2008|07:34] C:\ProgramData\BROWSE PROGRAM
    [23/08/2007|12:24] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [31/12/2007|14:08] C:\ProgramData\ezsid.dat
    [23/08/2007|12:24] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [23/08/2007|12:30] C:\ProgramData\fsc-reg
    [30/08/2007|21:15] C:\ProgramData\Google
    [24/03/2008|10:05] C:\ProgramData\HotbarSA
    [27/09/2007|12:46] C:\ProgramData\InstallShield
    [31/08/2007|16:10] C:\ProgramData\LUUnInstall.LiveUpdate
    [01/06/2008|16:29] C:\ProgramData\Malwarebytes
    [23/08/2007|12:24] C:\ProgramData\Menu D‚marrer
    [06/11/2007|22:01] C:\ProgramData\Messenger Plus!
    [06/10/2007|14:18] C:\ProgramData\MGS
    [29/08/2007|13:29] C:\ProgramData\Microsoft
    [23/08/2007|12:24] C:\ProgramData\ModŠles
    [14/06/2007|20:10] C:\ProgramData\Nero
    [16/11/2007|19:30] C:\ProgramData\pixelStorm
    [27/09/2007|12:46] C:\ProgramData\ScanSoft
    [29/12/2007|19:12] C:\ProgramData\siteaboutabout.0b1vj
    [26/04/2008|20:02] C:\ProgramData\siteaboutabout.2a1zu09
    [18/01/2008|10:15] C:\ProgramData\siteaboutabout.3ficgc
    [29/05/2008|07:33] C:\ProgramData\siteaboutabout.a5n19x
    [08/01/2008|14:47] C:\ProgramData\siteaboutabout.h5g7v
    [17/02/2008|20:57] C:\ProgramData\siteaboutabout.jutlc
    [29/05/2008|07:33] C:\ProgramData\siteaboutabout.ou9lz
    [02/01/2008|22:11] C:\ProgramData\siteaboutabout.qpsbh
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [31/08/2007|16:10] C:\ProgramData\Symantec
    [02/11/2006|15:02] C:\ProgramData\Templates
    [11/01/2008|10:41] C:\ProgramData\WLInstaller
    [28/12/2007|15:39] C:\ProgramData\Xerox

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [02/05/2008|11:11] C:\Program Files\AbiSuite2
    [14/06/2007|20:06] C:\Program Files\Adobe
    [31/08/2007|15:24] C:\Program Files\Alwil Software
    [26/12/2007|21:52] C:\Program Files\ArcSoft
    [14/06/2007|20:02] C:\Program Files\ATI
    [14/06/2007|20:03] C:\Program Files\ATI Technologies
    [27/09/2007|12:51] C:\Program Files\Brother
    [01/06/2008|16:29] C:\Program Files\CCleaner
    [20/05/2008|15:24] C:\Program Files\Common Files
    [19/03/2008|23:01] C:\Program Files\desktop.ini
    [15/04/2008|11:07] C:\Program Files\Dofus
    [28/10/2007|20:11] C:\Program Files\Dreamcatcher
    [23/08/2007|12:24] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [30/12/2007|11:32] C:\Program Files\Firefly Studios
    [28/12/2007|18:07] C:\Program Files\GameSpy Arcade
    [18/05/2008|14:48] C:\Program Files\Google
    [29/08/2007|12:03] C:\Program Files\Hercules
    [20/03/2008|18:39] C:\Program Files\illiminable
    [08/05/2008|13:21] C:\Program Files\InstallShield Installation Information
    [18/05/2008|14:48] C:\Program Files\Internet Explorer
    [20/05/2008|15:26] C:\Program Files\Java
    [19/05/2008|12:27] C:\Program Files\LimeWire
    [01/06/2008|16:29] C:\Program Files\Malwarebytes' Anti-Malware
    [23/08/2007|12:30] C:\Program Files\MB application
    [12/03/2008|00:59] C:\Program Files\Messenger
    [26/04/2008|20:01] C:\Program Files\Messenger Plus! Live
    [30/08/2007|13:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [08/09/2007|22:26] C:\Program Files\Microsoft SQL Server Compact Edition
    [19/03/2008|22:51] C:\Program Files\Movie Maker
    [01/06/2008|16:03] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [12/03/2008|00:59] C:\Program Files\MSN Pictures Displayer
    [01/06/2008|16:51] C:\Program Files\Navilog1
    [14/06/2007|20:10] C:\Program Files\Nero
    [28/08/2007|17:20] C:\Program Files\Neuf
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [27/09/2007|12:45] C:\Program Files\ScanSoft
    [18/02/2008|20:11] C:\Program Files\Strategy First
    [18/05/2008|17:13] C:\Program Files\Sun
    [31/08/2007|16:09] C:\Program Files\Symantec
    [01/06/2008|16:00] C:\Program Files\Trend Micro
    [28/08/2007|13:07] C:\Program Files\Trust
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [20/03/2008|18:41] C:\Program Files\VistaCodecPack
    [19/03/2008|22:51] C:\Program Files\Windows Calendar
    [19/03/2008|22:51] C:\Program Files\Windows Collaboration
    [19/03/2008|22:51] C:\Program Files\Windows Defender
    [19/03/2008|22:51] C:\Program Files\Windows Journal
    [28/02/2008|10:34] C:\Program Files\Windows Live
    [11/01/2008|10:49] C:\Program Files\Windows Live Favorites
    [24/09/2007|20:51] C:\Program Files\Windows Live Safety Center
    [11/01/2008|10:49] C:\Program Files\Windows Live Toolbar
    [15/05/2008|07:48] C:\Program Files\Windows Mail
    [19/03/2008|22:51] C:\Program Files\Windows Media Player
    [23/08/2007|12:24] C:\Program Files\Windows NT
    [19/03/2008|22:51] C:\Program Files\Windows Photo Gallery
    [19/03/2008|22:51] C:\Program Files\Windows Sidebar
    [26/02/2008|16:26] C:\Program Files\WinRAR

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [14/06/2007|20:06] C:\Program Files\Common Files\Adobe
    [14/06/2007|20:12] C:\Program Files\Common Files\Ahead
    [29/08/2007|18:18] C:\Program Files\Common Files\ArcSoft
    [13/04/2008|08:11] C:\Program Files\Common Files\Blizzard Entertainment
    [14/06/2007|20:20] C:\Program Files\Common Files\Fujitsu Siemens Computers
    [27/09/2007|12:51] C:\Program Files\Common Files\InstallShield
    [20/05/2008|15:24] C:\Program Files\Common Files\Java
    [11/01/2008|10:45] C:\Program Files\Common Files\microsoft shared
    [28/08/2007|13:07] C:\Program Files\Common Files\PCCamera
    [27/09/2007|12:46] C:\Program Files\Common Files\ScanSoft Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [01/09/2007|13:18] C:\Program Files\Common Files\Symantec Shared
    [19/03/2008|22:51] C:\Program Files\Common Files\System
    [11/01/2008|10:44] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 61

    iexplore.exe ~ [2712]

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-07 19:19:45
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:88][D:10]-> C:\Users\sandrine\AppData\Local\Temp
    [F:55][D:1]-> C:\Users\sandrine\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2073][D:4]-> C:\Users\sandrine\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:13][D:5]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 19:20:28,12 ]----------------------
    7 Juin 2008 19:25:57

    OK.

    Retente l'option 4 pareil qu'avant.
    7 Juin 2008 20:00:06

    cà fait la même chose que tout a l heur
    c'est a dire
    Lop S&D rester bloquer sur une fenetre rouge avec marquer dussu
    pealse wait ... Registry 3 ...
    Le fichier spécifié est introuvable
    7 Juin 2008 21:17:14

    j'ai fait un scane avec avira antivir et voila le rapport



    Avira AntiVir Personal
    Report file date: samedi 7 juin 2008 20:40

    Scanning for 1313263 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows Vista
    Windows version: (Service Pack 1) [6.0.6001]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: PC-DE-SANDRINE

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
    ANTIVIR2.VDF : 7.0.4.120 2206720 Bytes 01/06/2008 18:35:04
    ANTIVIR3.VDF : 7.0.4.156 144896 Bytes 06/06/2008 18:35:05
    Engineversion : 8.1.0.55
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
    AESCRIPT.DLL : 8.1.0.40 266618 Bytes 07/06/2008 18:35:14
    AESCN.DLL : 8.1.0.21 119156 Bytes 07/06/2008 18:35:13
    AERDL.DLL : 8.1.0.20 418165 Bytes 07/06/2008 18:35:12
    AEPACK.DLL : 8.1.1.5 364918 Bytes 07/06/2008 18:35:11
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 07/06/2008 18:35:10
    AEHEUR.DLL : 8.1.0.30 1253750 Bytes 07/06/2008 18:35:10
    AEHELP.DLL : 8.1.0.15 115063 Bytes 07/06/2008 18:35:08
    AEGEN.DLL : 8.1.0.28 307572 Bytes 07/06/2008 18:35:07
    AEEMU.DLL : 8.1.0.6 430451 Bytes 07/06/2008 18:35:06
    AECORE.DLL : 8.1.0.31 168310 Bytes 07/06/2008 18:35:05
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: samedi 7 juin 2008 20:40

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned
    Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'VSSVC.exe' - '1' Module(s) have been scanned
    Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'MSN Pictures Displayer.exe' - '1' Module(s) have been scanned
    Scan process 'p2phost.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'ehtray.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'sidebar.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'wmdSync.exe' - '1' Module(s) have been scanned
    Scan process 'pptd40nt.exe' - '1' Module(s) have been scanned
    Scan process 'Monitor.exe' - '1' Module(s) have been scanned
    Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'dwm.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'TestHandler.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
    Scan process 'audiodg.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'lsm.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'wininit.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    55 processes with 55 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    [INFO] Please restart the search with Administrator rights
    Master boot sector HD2
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    [INFO] Please restart the search with Administrator rights
    Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    [INFO] Please restart the search with Administrator rights
    Master boot sector HD4
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    [INFO] Please restart the search with Administrator rights
    Master boot sector HD5
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    [INFO] Please restart the search with Administrator rights

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '11' files ).


    Starting the file scan:

    Begin scan in 'C:\' <SYSTEM>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\$Recycle.Bin\S-1-5-21-971366772-3169843584-625013202-1000\$RG8GFIK.exe
    [DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.94
    [NOTE] The file was moved to '4891d6d3.qua'!
    C:\Program Files\Navilog1\Backupnavi\ectkqiypgn.exe
    [DETECTION] Is the Trojan horse TR/Dropper.Gen
    [NOTE] The file was moved to '48bed885.qua'!
    C:\ProgramData\BROWSE PROGRAM\ariipbsf.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5424
    [NOTE] The file was moved to '48b3d8d1.qua'!
    C:\ProgramData\BROWSE PROGRAM\kpgllixv.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5352
    [NOTE] The file was moved to '48b1d8cf.qua'!
    C:\ProgramData\BROWSE PROGRAM\ooilmxkv.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was moved to '48b3d8cf.qua'!
    C:\ProgramData\BROWSE PROGRAM\tnwcpmnq.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was moved to '48c1d8ce.qua'!
    C:\ProgramData\BROWSE PROGRAM\ydwrjrrl.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was moved to '48c1d8c4.qua'!
    Begin scan in 'D:\'


    End of the scan: samedi 7 juin 2008 21:11
    Used time: 31:01 min

    The scan has been done completely.

    15642 Scanning directories
    186454 Files were scanned
    7 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    7 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    186447 Files not concerned
    3838 Archives were scanned
    7 Warnings
    7 Notes

    8 Juin 2008 12:17:46

    Bonjour
    cà fait la même chose que hier
    c'est a dire
    Lop S&D rester bloquer sur une fenetre rouge avec marquer dussu
    pealse wait ... Registry 3 ...
    Le fichier spécifié est introuvable
    j'ai refait un nouveau scan Lop S&D est voila le rapport



    -----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6001, Service Pack 1 ]
    [ USER : sandrine ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 08/06/2008 | 12:14:41,36 ] [ PC : PC-DE-SANDRINE ]
    [ MAJ : 07-06-2008 | 22:15 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [01/06/2008|15:55] C:\Users\sandrine\AppData\Roaming\Adobe\Flash Player
    [28/08/2007|13:45] C:\Users\sandrine\AppData\Roaming\Adobe\Linguistics
    [23/08/2007|12:29] C:\Users\sandrine\AppData\Roaming\Adobe\Acrobat

    [27/12/2007|13:43] C:\Users\sandrine\AppData\Roaming\ArcSoft\PhotoImpression
    [29/08/2007|19:11] C:\Users\sandrine\AppData\Roaming\ArcSoft\ArcRegister
    [29/08/2007|19:11] C:\Users\sandrine\AppData\Roaming\ArcSoft\Video Impression

    [28/08/2007|13:41] C:\Users\sandrine\AppData\Roaming\ATI\ACE

    [18/05/2008|12:36] C:\Users\sandrine\AppData\Roaming\Audacity\AutoSave
    [18/05/2008|12:35] C:\Users\sandrine\AppData\Roaming\Audacity\presets

    [13/11/2007|20:37] C:\Users\sandrine\AppData\Roaming\Brother\PrtDrv

    [08/06/2008|08:42] C:\Users\sandrine\AppData\Roaming\Google\Local Search History


    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Identities\{002AVPFP-JHLQ-ABE1-QCPB-20UAQDUJCVV5}
    [23/08/2007|12:28] C:\Users\sandrine\AppData\Roaming\Identities\{9A5D43EF-FBC9-4437-AB61-BCD5DF6179B1}

    [29/08/2007|12:02] C:\Users\sandrine\AppData\Roaming\InstallShield\ISEngine12.0

    [21/05/2008|21:01] C:\Users\sandrine\AppData\Roaming\LimeWire\.NetworkShare
    [21/05/2008|21:00] C:\Users\sandrine\AppData\Roaming\LimeWire\themes
    [20/05/2008|15:34] C:\Users\sandrine\AppData\Roaming\LimeWire\xml
    [18/05/2008|15:15] C:\Users\sandrine\AppData\Roaming\LimeWire\.AppSpecialShare

    [07/06/2008|22:02] C:\Users\sandrine\AppData\Roaming\Macromedia\Flash Player

    [01/06/2008|16:30] C:\Users\sandrine\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware


    [28/05/2008|20:12] C:\Users\sandrine\AppData\Roaming\Microsoft\eHome
    [27/05/2008|18:05] C:\Users\sandrine\AppData\Roaming\Microsoft\MSN Messenger
    [21/05/2008|20:02] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Media Encoder
    [05/03/2008|13:27] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Photo Gallery
    [05/03/2008|13:23] C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer
    [26/02/2008|15:38] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows
    [12/02/2008|10:27] C:\Users\sandrine\AppData\Roaming\Microsoft\Pack Emoticones Love
    [11/01/2008|13:33] C:\Users\sandrine\AppData\Roaming\Microsoft\WLTB Custom Buttons
    [11/01/2008|13:33] C:\Users\sandrine\AppData\Roaming\Microsoft\MSNLiveFav
    [04/10/2007|19:37] C:\Users\sandrine\AppData\Roaming\Microsoft\Crypto
    [01/09/2007|21:36] C:\Users\sandrine\AppData\Roaming\Microsoft\Windows Live Call
    [01/09/2007|21:36] C:\Users\sandrine\AppData\Roaming\Microsoft\IdentityCRL
    [29/08/2007|19:17] C:\Users\sandrine\AppData\Roaming\Microsoft\Credentials
    [23/08/2007|23:21] C:\Users\sandrine\AppData\Roaming\Microsoft\HTML Help
    [23/08/2007|21:48] C:\Users\sandrine\AppData\Roaming\Microsoft\MMC
    [23/08/2007|21:20] C:\Users\sandrine\AppData\Roaming\Microsoft\Speech
    [23/08/2007|12:29] C:\Users\sandrine\AppData\Roaming\Microsoft\SystemCertificates
    [23/08/2007|12:28] C:\Users\sandrine\AppData\Roaming\Microsoft\Protect

    [28/10/2007|21:57] C:\Users\sandrine\AppData\Roaming\Mozilla\Firefox




    [07/06/2008|20:40] C:\Users\sandrine\AppData\Roaming\Real\RealMediaSDK

    [27/10/2007|16:20] C:\Users\sandrine\AppData\Roaming\ScanSoft\PaperPort

    [01/01/2008|20:39] C:\Users\sandrine\AppData\Roaming\Skype\sandjuju54
    [31/12/2007|14:33] C:\Users\sandrine\AppData\Roaming\Skype\Content
    [31/12/2007|14:33] C:\Users\sandrine\AppData\Roaming\Skype\Pictures



    [18/03/2008|20:06] C:\Users\sandrine\AppData\Roaming\WeatherDPA\Weather



    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Zylom\127
    [19/03/2008|10:47] C:\Users\sandrine\AppData\Roaming\Zylom\ZylomGamesPlayer

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [11/01/2008 10:49][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [08/06/2008 12:09][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{1D0BCCAE-F15D-4BFD-82C7-AFEA90FE1772}.job
    [08/06/2008 08:39][--ah-----] C:\Windows\tasks\SA.DAT
    [08/06/2008 08:38][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [14/06/2007|20:06] C:\ProgramData\Adobe
    [20/03/2008|18:40] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [05/11/2007|17:08] C:\ProgramData\ATI
    [07/06/2008|20:33] C:\ProgramData\Avira
    [27/09/2007|12:39] C:\ProgramData\Brother
    [07/06/2008|20:50] C:\ProgramData\BROWSE PROGRAM
    [23/08/2007|12:24] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [31/12/2007|14:08] C:\ProgramData\ezsid.dat
    [23/08/2007|12:24] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [23/08/2007|12:30] C:\ProgramData\fsc-reg
    [30/08/2007|21:15] C:\ProgramData\Google
    [24/03/2008|10:05] C:\ProgramData\HotbarSA
    [27/09/2007|12:46] C:\ProgramData\InstallShield
    [01/06/2008|16:29] C:\ProgramData\Malwarebytes
    [23/08/2007|12:24] C:\ProgramData\Menu D‚marrer
    [06/11/2007|22:01] C:\ProgramData\Messenger Plus!
    [06/10/2007|14:18] C:\ProgramData\MGS
    [29/08/2007|13:29] C:\ProgramData\Microsoft
    [23/08/2007|12:24] C:\ProgramData\ModŠles
    [14/06/2007|20:10] C:\ProgramData\Nero
    [08/06/2008|08:05] C:\ProgramData\ntuser.pol
    [16/11/2007|19:30] C:\ProgramData\pixelStorm
    [27/09/2007|12:46] C:\ProgramData\ScanSoft
    [29/12/2007|19:12] C:\ProgramData\siteaboutabout.0b1vj
    [26/04/2008|20:02] C:\ProgramData\siteaboutabout.2a1zu09
    [18/01/2008|10:15] C:\ProgramData\siteaboutabout.3ficgc
    [29/05/2008|07:33] C:\ProgramData\siteaboutabout.a5n19x
    [08/01/2008|14:47] C:\ProgramData\siteaboutabout.h5g7v
    [17/02/2008|20:57] C:\ProgramData\siteaboutabout.jutlc
    [29/05/2008|07:33] C:\ProgramData\siteaboutabout.ou9lz
    [02/01/2008|22:11] C:\ProgramData\siteaboutabout.qpsbh
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [02/11/2006|15:02] C:\ProgramData\Templates
    [11/01/2008|10:41] C:\ProgramData\WLInstaller
    [28/12/2007|15:39] C:\ProgramData\Xerox

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [02/05/2008|11:11] C:\Program Files\AbiSuite2
    [14/06/2007|20:06] C:\Program Files\Adobe
    [26/12/2007|21:52] C:\Program Files\ArcSoft
    [14/06/2007|20:02] C:\Program Files\ATI
    [14/06/2007|20:03] C:\Program Files\ATI Technologies
    [07/06/2008|20:33] C:\Program Files\Avira
    [27/09/2007|12:51] C:\Program Files\Brother
    [01/06/2008|16:29] C:\Program Files\CCleaner
    [20/05/2008|15:24] C:\Program Files\Common Files
    [19/03/2008|23:01] C:\Program Files\desktop.ini
    [15/04/2008|11:07] C:\Program Files\Dofus
    [28/10/2007|20:11] C:\Program Files\Dreamcatcher
    [23/08/2007|12:24] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [30/12/2007|11:32] C:\Program Files\Firefly Studios
    [28/12/2007|18:07] C:\Program Files\GameSpy Arcade
    [18/05/2008|14:48] C:\Program Files\Google
    [29/08/2007|12:03] C:\Program Files\Hercules
    [20/03/2008|18:39] C:\Program Files\illiminable
    [08/05/2008|13:21] C:\Program Files\InstallShield Installation Information
    [18/05/2008|14:48] C:\Program Files\Internet Explorer
    [20/05/2008|15:26] C:\Program Files\Java
    [19/05/2008|12:27] C:\Program Files\LimeWire
    [08/06/2008|12:09] C:\Program Files\Malwarebytes' Anti-Malware
    [23/08/2007|12:30] C:\Program Files\MB application
    [12/03/2008|00:59] C:\Program Files\Messenger
    [26/04/2008|20:01] C:\Program Files\Messenger Plus! Live
    [30/08/2007|13:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [08/09/2007|22:26] C:\Program Files\Microsoft SQL Server Compact Edition
    [19/03/2008|22:51] C:\Program Files\Movie Maker
    [01/06/2008|16:03] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [12/03/2008|00:59] C:\Program Files\MSN Pictures Displayer
    [07/06/2008|20:26] C:\Program Files\Navilog1
    [14/06/2007|20:10] C:\Program Files\Nero
    [28/08/2007|17:20] C:\Program Files\Neuf
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [27/09/2007|12:45] C:\Program Files\ScanSoft
    [18/02/2008|20:11] C:\Program Files\Strategy First
    [18/05/2008|17:13] C:\Program Files\Sun
    [01/06/2008|16:00] C:\Program Files\Trend Micro
    [28/08/2007|13:07] C:\Program Files\Trust
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [20/03/2008|18:41] C:\Program Files\VistaCodecPack
    [19/03/2008|22:51] C:\Program Files\Windows Calendar
    [19/03/2008|22:51] C:\Program Files\Windows Collaboration
    [19/03/2008|22:51] C:\Program Files\Windows Defender
    [19/03/2008|22:51] C:\Program Files\Windows Journal
    [28/02/2008|10:34] C:\Program Files\Windows Live
    [11/01/2008|10:49] C:\Program Files\Windows Live Favorites
    [24/09/2007|20:51] C:\Program Files\Windows Live Safety Center
    [11/01/2008|10:49] C:\Program Files\Windows Live Toolbar
    [15/05/2008|07:48] C:\Program Files\Windows Mail
    [19/03/2008|22:51] C:\Program Files\Windows Media Player
    [23/08/2007|12:24] C:\Program Files\Windows NT
    [19/03/2008|22:51] C:\Program Files\Windows Photo Gallery
    [19/03/2008|22:51] C:\Program Files\Windows Sidebar
    [26/02/2008|16:26] C:\Program Files\WinRAR

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [14/06/2007|20:06] C:\Program Files\Common Files\Adobe
    [14/06/2007|20:12] C:\Program Files\Common Files\Ahead
    [29/08/2007|18:18] C:\Program Files\Common Files\ArcSoft
    [13/04/2008|08:11] C:\Program Files\Common Files\Blizzard Entertainment
    [14/06/2007|20:20] C:\Program Files\Common Files\Fujitsu Siemens Computers
    [27/09/2007|12:51] C:\Program Files\Common Files\InstallShield
    [20/05/2008|15:24] C:\Program Files\Common Files\Java
    [11/01/2008|10:45] C:\Program Files\Common Files\microsoft shared
    [28/08/2007|13:07] C:\Program Files\Common Files\PCCamera
    [27/09/2007|12:46] C:\Program Files\Common Files\ScanSoft Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [07/06/2008|19:25] C:\Program Files\Common Files\Symantec Shared
    [19/03/2008|22:51] C:\Program Files\Common Files\System
    [11/01/2008|10:44] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 53

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-08 12:15:03
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:593][D:12]-> C:\Users\sandrine\AppData\Local\Temp
    [F:57][D:1]-> C:\Users\sandrine\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:302][D:4]-> C:\Users\sandrine\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:20][D:6]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 12:15:52,72 ]----------------------

    8 Juin 2008 13:00:52

    un petit up Angeldark STP de l'aide
    8 Juin 2008 18:30:41

    Je ne suis pas Angeldark..

    Télécharge OTMoveIt2. ( de OldTimer)

  • Enregistre ce fichier sur le Bureau.
  • Fais un double clic sur OTMoveIt2.exe pour lancer l'exécution de l'outil. (Note: Si tu utilises Vista, fais un clic droit sur le fichier puis choisissez Exécuter en tant qu'administrateur).
  • Sélectionne l'intégralité du cadre ci-dessous :
    C:\ProgramData\BROWSE PROGRAM
    C:\ProgramData\siteaboutabout.0b1vj
    C:\ProgramData\siteaboutabout.2a1zu09
    C:\ProgramData\siteaboutabout.3ficgc
    C:\ProgramData\siteaboutabout.a5n19x
    C:\ProgramData\siteaboutabout.h5g7v
    C:\ProgramData\siteaboutabout.jutlc
    C:\ProgramData\siteaboutabout.ou9lz
    C:\ProgramData\siteaboutabout.qpsbh

  • Retourne dans la fenêtre de OTMoveIt2, fais un clic droit dans la zone "Paste List of Files/Folders to Move" (sous la barre bleu clair) puis choisis Coller. (en ayant au préalable fait Copier).
  • Clique sur le bouton rouge Moveit!.
  • Copie tout ce qui se trouve dans la zone Results (sous la barre verte) en sélectionnant TOUTES LES LIGNES puis en appuyant simultanément sur les touches CTRL et C (ou, après les avoir sélectionnées, en faisant un clic droit puis en choisissant Copier), et coller ces résulats en réponse sur le forum.
  • Ferme OTMoveIt2

    Note: Si un fichier ou un dossier ne peut pas être déplacé immédiatement, un redémarrage sera peut-être nécessaire afin de terminer le processus de déplacement. Si le redémarrage de la machine t'est demandé, choisis Oui/Yes. Dans ce cas, après le redémarrage, ouvre le Bloc-notes (Démarrer->Tous les programmes->Accessoires->Bloc-notes), clique sur Fichier->Ouvrir, dans la zone "Nom du fichier" taper *.log et appuie sur la touche Entrée, navigue jusqu'au dossier C:\_OTMoveIt\MovedFiles, puis ouvre le fichier .log le plus récent; ensuite fais un copier/coller du contenu de ce document en réponse sur le forum.

    Si tu obtiens un message comme quoi le rapport ne peut pas être créé, copie/colle ce qui apparaît dans la colonne droite de l’outil.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS