Closed
fenderrory - 6 Dec. 2008 at 16:29
 fenderrory - 17 Dec. 2008 at 10:37
Hello,
how can I get rid of lost, which forces its way in at every opening?
62 replies

neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 16:36
Hello

Download HijackThis (diagnostic tools) here:

-> Right-click one of the links and choose Save target as ... the desktop
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

-> Double-click HJTInstall.exe to launch the installation

-> Click Install, then I Accept

-> Click Do a scan system and save log file

-> Notepad will open; copy and paste its entire contents here in your next reply
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:34, on 06/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 - Global Startup: Digimax Viewer 2.0.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
0
neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 16:50
--------------------search--------------------------

Important! Disable your resident antivirus / antispyware / Spybot's TeaTimer (if present and active)


Download Toolbar-S&D (Team IDN) to your Desktop.
( Thanks to Eric_71, Angeldark, Sham_Rock and XmichouX )
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search is finished.
* Post the generated report. (C:\TB.txt)
0
HERE YOU GO NEOR
-----------\\ ToolBar S&D 1.2.6 XP/Vista


"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 06/12/2008|17:08 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(SERRELI) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page"="https://www.free.fr/freebox/index.html"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 06/12/2008|17:09 - Option : [1]

-----------\\ Fin du rapport a 17:09:13,01
0

neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 17:13
--------------cleanup----------------------------

Relaunch Toolbar-S&D

Important! Disable your resident antivirus / antispyware / Spybot's TeaTimer (if present and active)

by double-clicking the shortcut.
Type "2" then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer then confirm.
0
crapoulou Posts 28161 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 21 May 2024 7 992
6 Dec. 2008 at 17:38
Hi,
What's the point?
Crapoulou.
0
-----------\\ ToolBar S&D 1.2.6 XP/Vista


"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [2] ( 06/12/2008|17:21 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(SERRELI) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page"="https://www.free.fr/freebox/index.html"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 06/12/2008|17:09 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/12/2008|17:18 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 06/12/2008|17:21 - Option : [2]

-----------\\ Fin du rapport a 17:21:51,96
0
neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 17:27
--------------search----------------------------

Download Lop S&D:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Disconnect and close all your running applications.

Double-click the .exe you just downloaded to launch the installation.

Once the installation is done, click the shortcut to launch the tool.

There, let yourself be guided:
--->choose option 1 (search) and confirm.

(Do not run the cleanup option (2 or 3).)

Once the scan is finished, Notepad will open with the report.
Post this report in your next reply for analysis.
0
--------------------\\ Lop S&D 4.2.4-9c XP/Vista


"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 06/12/2008|17:39 )

--------------------\\ Listing des dossiers dans APPLIC~1

[05/12/2008|06:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/07/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[23/09/2003|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Canon
[04/08/2003|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[31/10/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/12/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[29/07/2006|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/09/2003|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/06/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[04/08/2003|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/09/2002|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[28/09/2003|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[10/05/2004|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/10/2004|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[16/08/2006|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[04/08/2003|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[30/09/2002|12:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[04/08/2003|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[30/09/2002|11:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[04/08/2003|15:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[14/10/2008|17:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[03/01/2007|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[26/12/2006|12:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
[07/08/2006|12:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/06/2005|10:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec


[05/12/2008|07:18] C:\DOCUME~1\SERRELI\APPLIC~1\Adobe
[29/10/2008|20:07] C:\DOCUME~1\SERRELI\APPLIC~1\AdobeUM
[31/07/2007|06:39] C:\DOCUME~1\SERRELI\APPLIC~1\Anuman Interactive
[14/02/2006|15:21] C:\DOCUME~1\SERRELI\APPLIC~1\COWON
[19/10/2003|17:45] C:\DOCUME~1\SERRELI\APPLIC~1\CyberLink
[23/11/2008|16:12] C:\DOCUME~1\SERRELI\APPLIC~1\dvdcss
[06/12/2008|15:33] C:\DOCUME~1\SERRELI\APPLIC~1\EoRezo
[27/01/2008|18:56] C:\DOCUME~1\SERRELI\APPLIC~1\Google
[31/10/2003|12:58] C:\DOCUME~1\SERRELI\APPLIC~1\Help
[30/09/2002|12:09] C:\DOCUME~1\SERRELI\APPLIC~1\Identities
[04/08/2003|15:34] C:\DOCUME~1\SERRELI\APPLIC~1\InterTrust
[20/11/2003|20:17] C:\DOCUME~1\SERRELI\APPLIC~1\Kazaa Lite
[17/08/2004|14:08] C:\DOCUME~1\SERRELI\APPLIC~1\Macromedia
[05/12/2008|17:54] C:\DOCUME~1\SERRELI\APPLIC~1\Malwarebytes
[20/02/2007|13:45] C:\DOCUME~1\SERRELI\APPLIC~1\Microsoft
[28/09/2003|11:11] C:\DOCUME~1\SERRELI\APPLIC~1\Microsoft Web Folders
[03/07/2007|15:01] C:\DOCUME~1\SERRELI\APPLIC~1\Mozilla
[19/04/2006|16:56] C:\DOCUME~1\SERRELI\APPLIC~1\MSN6
[26/06/2008|18:08] C:\DOCUME~1\SERRELI\APPLIC~1\NCH Swift Sound
[07/07/2007|08:04] C:\DOCUME~1\SERRELI\APPLIC~1\Real
[20/08/2006|09:26] C:\DOCUME~1\SERRELI\APPLIC~1\Sun
[30/01/2004|18:20] C:\DOCUME~1\SERRELI\APPLIC~1\Symantec
[22/11/2003|19:01] C:\DOCUME~1\SERRELI\APPLIC~1\VERITAS
[01/12/2008|19:51] C:\DOCUME~1\SERRELI\APPLIC~1\vlc
[21/02/2006|17:09] C:\DOCUME~1\SERRELI\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[05/12/2008 20:00][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
[05/12/2008 17:30][--a------] C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[06/12/2008 15:17][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[06/12/2008 15:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/12/2008|06:37] C:\Program Files\Adobe
[26/02/2004|20:17] C:\Program Files\Alcatel
[11/03/2006|15:51] C:\Program Files\BitComet
[16/02/2007|17:16] C:\Program Files\blonde004
[19/11/2005|11:49] C:\Program Files\Cannon Smash
[09/11/2003|09:44] C:\Program Files\Canon
[18/03/2006|15:37] C:\Program Files\CDBurnerXP Pro 3
[04/08/2003|15:43] C:\Program Files\CyberLink
[07/03/2007|18:38] C:\Program Files\DivX
[23/06/2007|10:07] C:\Program Files\doc
[26/08/2005|16:05] C:\Program Files\EasyBurning
[09/12/2007|10:49] C:\Program Files\EHMINSTALL
[06/12/2008|15:33] C:\Program Files\Fichiers communs
[28/06/2006|12:25] C:\Program Files\Free
[09/12/2007|10:45] C:\Program Files\Freeplayer
[28/01/2008|10:49] C:\Program Files\Google
[30/03/2008|11:27] C:\Program Files\GSM
[01/04/2008|17:49] C:\Program Files\Guitar Pro 5
[14/10/2008|16:37] C:\Program Files\htm
[23/08/2006|15:04] C:\Program Files\InstallShield Installation Information
[15/10/2003|16:50] C:\Program Files\InterActual
[15/10/2008|18:08] C:\Program Files\Internet Explorer
[03/12/2008|19:54] C:\Program Files\Java
[16/09/2003|18:02] C:\Program Files\JavaSoft
[10/06/2007|08:57] C:\Program Files\Jeux classiques
[01/01/2004|17:36] C:\Program Files\Labtec
[21/02/2006|17:09] C:\Program Files\Learn2.com
[05/12/2008|17:54] C:\Program Files\Malwarebytes' Anti-Malware
[03/09/2008|13:53] C:\Program Files\Messenger
[30/09/2002|12:05] C:\Program Files\microsoft frontpage
[05/05/2005|17:36] C:\Program Files\Microsoft Office
[06/05/2005|16:59] C:\Program Files\Microsoft Visual Studio
[24/05/2006|16:13] C:\Program Files\Mindscape
[04/08/2003|15:26] C:\Program Files\MouseWare
[03/09/2008|13:45] C:\Program Files\Movie Maker
[16/02/2007|17:17] C:\Program Files\mp3
[17/07/2004|23:37] C:\Program Files\MSN
[25/07/2004|16:10] C:\Program Files\MSN Apps
[30/09/2002|12:00] C:\Program Files\MSN Gaming Zone
[30/04/2004|16:21] C:\Program Files\Nabisco
[26/06/2008|18:08] C:\Program Files\NCH Swift Sound
[03/09/2008|13:42] C:\Program Files\NetMeeting
[01/07/2008|09:01] C:\Program Files\Norton AntiVirus
[25/11/2008|10:33] C:\Program Files\Norton SystemWorks
[18/09/2003|18:03] C:\Program Files\Nullsoft
[03/09/2008|13:42] C:\Program Files\Outlook Express
[11/03/2007|18:27] C:\Program Files\photo
[16/02/2007|17:18] C:\Program Files\ppt
[04/12/2007|11:06] C:\Program Files\QuickTime
[04/03/2005|14:59] C:\Program Files\QuickZip
[28/04/2005|17:33] C:\Program Files\QuickZip4
[03/07/2007|14:55] C:\Program Files\Real
[09/01/2005|11:26] C:\Program Files\Samsung
[30/09/2002|12:00] C:\Program Files\Services en ligne
[12/12/2003|05:23] C:\Program Files\ShareMonkey
[01/02/2004|17:30] C:\Program Files\SLD CODEC PACK 1.5.3
[21/05/2005|13:29] C:\Program Files\Smart Projects
[28/09/2003|11:12] C:\Program Files\Snapshot Viewer
[13/07/2008|17:50] C:\Program Files\Sun
[01/11/2006|11:03] C:\Program Files\Symantec
[15/03/2005|17:20] C:\Program Files\SymNetDrv
[06/12/2008|16:39] C:\Program Files\Trend Micro
[03/07/2004|07:50] C:\Program Files\Uninstall Information
[03/08/2007|17:22] C:\Program Files\VideoLAN
[18/09/2003|18:03] C:\Program Files\Viewpoint
[04/08/2003|15:40] C:\Program Files\Virtual CD v4 SDK
[07/10/2004|18:13] C:\Program Files\WildTangent
[11/03/2006|15:52] C:\Program Files\Winamp
[03/03/2005|18:11] C:\Program Files\Wind
[14/11/2004|16:10] C:\Program Files\Windows Media Components
[06/01/2007|11:27] C:\Program Files\Windows Media Connect 2
[03/09/2008|13:42] C:\Program Files\Windows Media Player
[03/09/2008|13:42] C:\Program Files\Windows NT
[03/09/2008|10:59] C:\Program Files\WindowsUpdate
[14/12/2006|07:14] C:\Program Files\WinMX
[14/12/2006|07:21] C:\Program Files\WinZip
[30/09/2002|12:05] C:\Program Files\xerox
[03/08/2004|19:44] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[05/12/2008|06:38] C:\Program Files\Fichiers communs\Adobe
[01/02/2004|19:21] C:\Program Files\Fichiers communs\Borland Shared
[06/05/2005|16:59] C:\Program Files\Fichiers communs\Designer
[01/02/2004|16:38] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|17:37] C:\Program Files\Fichiers communs\Logitech
[22/11/2008|08:54] C:\Program Files\Fichiers communs\Microsoft Shared
[30/09/2002|12:02] C:\Program Files\Fichiers communs\MSSoap
[21/02/2006|17:08] C:\Program Files\Fichiers communs\Nullsoft
[18/03/2006|15:37] C:\Program Files\Fichiers communs\ODBC
[07/07/2007|08:04] C:\Program Files\Fichiers communs\Real
[29/01/2006|10:54] C:\Program Files\Fichiers communs\Services
[30/09/2002|11:55] C:\Program Files\Fichiers communs\SpeechEngines
[29/11/2008|15:14] C:\Program Files\Fichiers communs\Symantec Shared
[03/09/2008|13:41] C:\Program Files\Fichiers communs\System
[04/08/2003|15:36] C:\Program Files\Fichiers communs\TVNavigTechnologies Shared
[21/05/2005|17:20] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 50 Processes )

iexplore.exe ~ [PID:1596]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\SERRELI\Cookies\serreli@advertstream[2].txt
C:\DOCUME~1\SERRELI\Cookies\serreli@advertising[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-06 17:40:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:40][D:13]-> C:\DOCUME~1\SERRELI\LOCALS~1\Temp
[F:189][D:0]-> C:\DOCUME~1\SERRELI\Cookies
[F:5564][D:16]-> C:\DOCUME~1\SERRELI\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|17:41 - Option : [1]

--------------------\\ Fin du rapport a 17:41:39
0
neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 17:45
--------------cleanup------------------------------

Relaunch Lop S&D:

There, let yourself be guided:
--->choose option 2 (removal) and confirm.
0
--------------------\\ Lop S&D 4.2.4-9c XP/Vista


"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 06/12/2008|17:48 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\SERRELI\Cookies\serreli@advertstream[2].txt
Supprime! - C:\DOCUME~1\SERRELI\Cookies\serreli@advertising[2].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[05/12/2008|06:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/07/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[23/09/2003|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Canon
[04/08/2003|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[31/10/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/12/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[29/07/2006|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/09/2003|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/06/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[04/08/2003|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/09/2002|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[28/09/2003|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[10/05/2004|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[16/08/2006|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[04/08/2003|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[30/09/2002|12:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[04/08/2003|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[30/09/2002|11:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[04/08/2003|15:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[14/10/2008|17:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[03/01/2007|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[26/12/2006|12:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
[07/08/2006|12:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/06/2005|10:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec


[05/12/2008|07:18] C:\DOCUME~1\SERRELI\APPLIC~1\Adobe
[29/10/2008|20:07] C:\DOCUME~1\SERRELI\APPLIC~1\AdobeUM
[31/07/2007|06:39] C:\DOCUME~1\SERRELI\APPLIC~1\Anuman Interactive
[14/02/2006|15:21] C:\DOCUME~1\SERRELI\APPLIC~1\COWON
[19/10/2003|17:45] C:\DOCUME~1\SERRELI\APPLIC~1\CyberLink
[23/11/2008|16:12] C:\DOCUME~1\SERRELI\APPLIC~1\dvdcss
[06/12/2008|15:33] C:\DOCUME~1\SERRELI\APPLIC~1\EoRezo
[27/01/2008|18:56] C:\DOCUME~1\SERRELI\APPLIC~1\Google
[31/10/2003|12:58] C:\DOCUME~1\SERRELI\APPLIC~1\Help
[30/09/2002|12:09] C:\DOCUME~1\SERRELI\APPLIC~1\Identities
[04/08/2003|15:34] C:\DOCUME~1\SERRELI\APPLIC~1\InterTrust
[20/11/2003|20:17] C:\DOCUME~1\SERRELI\APPLIC~1\Kazaa Lite
[17/08/2004|14:08] C:\DOCUME~1\SERRELI\APPLIC~1\Macromedia
[05/12/2008|17:54] C:\DOCUME~1\SERRELI\APPLIC~1\Malwarebytes
[20/02/2007|13:45] C:\DOCUME~1\SERRELI\APPLIC~1\Microsoft
[28/09/2003|11:11] C:\DOCUME~1\SERRELI\APPLIC~1\Microsoft Web Folders
[03/07/2007|15:01] C:\DOCUME~1\SERRELI\APPLIC~1\Mozilla
[19/04/2006|16:56] C:\DOCUME~1\SERRELI\APPLIC~1\MSN6
[26/06/2008|18:08] C:\DOCUME~1\SERRELI\APPLIC~1\NCH Swift Sound
[07/07/2007|08:04] C:\DOCUME~1\SERRELI\APPLIC~1\Real
[20/08/2006|09:26] C:\DOCUME~1\SERRELI\APPLIC~1\Sun
[30/01/2004|18:20] C:\DOCUME~1\SERRELI\APPLIC~1\Symantec
[22/11/2003|19:01] C:\DOCUME~1\SERRELI\APPLIC~1\VERITAS
[01/12/2008|19:51] C:\DOCUME~1\SERRELI\APPLIC~1\vlc
[21/02/2006|17:09] C:\DOCUME~1\SERRELI\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[05/12/2008 20:00][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
[05/12/2008 17:30][--a------] C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[06/12/2008 15:17][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[06/12/2008 15:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/12/2008|06:37] C:\Program Files\Adobe
[26/02/2004|20:17] C:\Program Files\Alcatel
[11/03/2006|15:51] C:\Program Files\BitComet
[16/02/2007|17:16] C:\Program Files\blonde004
[19/11/2005|11:49] C:\Program Files\Cannon Smash
[09/11/2003|09:44] C:\Program Files\Canon
[18/03/2006|15:37] C:\Program Files\CDBurnerXP Pro 3
[04/08/2003|15:43] C:\Program Files\CyberLink
[07/03/2007|18:38] C:\Program Files\DivX
[23/06/2007|10:07] C:\Program Files\doc
[26/08/2005|16:05] C:\Program Files\EasyBurning
[09/12/2007|10:49] C:\Program Files\EHMINSTALL
[06/12/2008|15:33] C:\Program Files\Fichiers communs
[28/06/2006|12:25] C:\Program Files\Free
[09/12/2007|10:45] C:\Program Files\Freeplayer
[28/01/2008|10:49] C:\Program Files\Google
[30/03/2008|11:27] C:\Program Files\GSM
[01/04/2008|17:49] C:\Program Files\Guitar Pro 5
[14/10/2008|16:37] C:\Program Files\htm
[23/08/2006|15:04] C:\Program Files\InstallShield Installation Information
[15/10/2003|16:50] C:\Program Files\InterActual
[15/10/2008|18:08] C:\Program Files\Internet Explorer
[03/12/2008|19:54] C:\Program Files\Java
[16/09/2003|18:02] C:\Program Files\JavaSoft
[10/06/2007|08:57] C:\Program Files\Jeux classiques
[01/01/2004|17:36] C:\Program Files\Labtec
[21/02/2006|17:09] C:\Program Files\Learn2.com
[05/12/2008|17:54] C:\Program Files\Malwarebytes' Anti-Malware
[03/09/2008|13:53] C:\Program Files\Messenger
[30/09/2002|12:05] C:\Program Files\microsoft frontpage
[05/05/2005|17:36] C:\Program Files\Microsoft Office
[06/05/2005|16:59] C:\Program Files\Microsoft Visual Studio
[24/05/2006|16:13] C:\Program Files\Mindscape
[04/08/2003|15:26] C:\Program Files\MouseWare
[03/09/2008|13:45] C:\Program Files\Movie Maker
[16/02/2007|17:17] C:\Program Files\mp3
[17/07/2004|23:37] C:\Program Files\MSN
[25/07/2004|16:10] C:\Program Files\MSN Apps
[30/09/2002|12:00] C:\Program Files\MSN Gaming Zone
[30/04/2004|16:21] C:\Program Files\Nabisco
[26/06/2008|18:08] C:\Program Files\NCH Swift Sound
[03/09/2008|13:42] C:\Program Files\NetMeeting
[01/07/2008|09:01] C:\Program Files\Norton AntiVirus
[25/11/2008|10:33] C:\Program Files\Norton SystemWorks
[18/09/2003|18:03] C:\Program Files\Nullsoft
[03/09/2008|13:42] C:\Program Files\Outlook Express
[11/03/2007|18:27] C:\Program Files\photo
[16/02/2007|17:18] C:\Program Files\ppt
[04/12/2007|11:06] C:\Program Files\QuickTime
[04/03/2005|14:59] C:\Program Files\QuickZip
[28/04/2005|17:33] C:\Program Files\QuickZip4
[03/07/2007|14:55] C:\Program Files\Real
[09/01/2005|11:26] C:\Program Files\Samsung
[30/09/2002|12:00] C:\Program Files\Services en ligne
[12/12/2003|05:23] C:\Program Files\ShareMonkey
[01/02/2004|17:30] C:\Program Files\SLD CODEC PACK 1.5.3
[21/05/2005|13:29] C:\Program Files\Smart Projects
[28/09/2003|11:12] C:\Program Files\Snapshot Viewer
[13/07/2008|17:50] C:\Program Files\Sun
[01/11/2006|11:03] C:\Program Files\Symantec
[15/03/2005|17:20] C:\Program Files\SymNetDrv
[06/12/2008|16:39] C:\Program Files\Trend Micro
[03/07/2004|07:50] C:\Program Files\Uninstall Information
[03/08/2007|17:22] C:\Program Files\VideoLAN
[04/08/2003|15:40] C:\Program Files\Virtual CD v4 SDK
[07/10/2004|18:13] C:\Program Files\WildTangent
[11/03/2006|15:52] C:\Program Files\Winamp
[03/03/2005|18:11] C:\Program Files\Wind
[14/11/2004|16:10] C:\Program Files\Windows Media Components
[06/01/2007|11:27] C:\Program Files\Windows Media Connect 2
[03/09/2008|13:42] C:\Program Files\Windows Media Player
[03/09/2008|13:42] C:\Program Files\Windows NT
[03/09/2008|10:59] C:\Program Files\WindowsUpdate
[14/12/2006|07:14] C:\Program Files\WinMX
[14/12/2006|07:21] C:\Program Files\WinZip
[30/09/2002|12:05] C:\Program Files\xerox
[03/08/2004|19:44] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[05/12/2008|06:38] C:\Program Files\Fichiers communs\Adobe
[01/02/2004|19:21] C:\Program Files\Fichiers communs\Borland Shared
[06/05/2005|16:59] C:\Program Files\Fichiers communs\Designer
[01/02/2004|16:38] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|17:37] C:\Program Files\Fichiers communs\Logitech
[22/11/2008|08:54] C:\Program Files\Fichiers communs\Microsoft Shared
[30/09/2002|12:02] C:\Program Files\Fichiers communs\MSSoap
[21/02/2006|17:08] C:\Program Files\Fichiers communs\Nullsoft
[18/03/2006|15:37] C:\Program Files\Fichiers communs\ODBC
[07/07/2007|08:04] C:\Program Files\Fichiers communs\Real
[29/01/2006|10:54] C:\Program Files\Fichiers communs\Services
[30/09/2002|11:55] C:\Program Files\Fichiers communs\SpeechEngines
[29/11/2008|15:14] C:\Program Files\Fichiers communs\Symantec Shared
[03/09/2008|13:41] C:\Program Files\Fichiers communs\System
[04/08/2003|15:36] C:\Program Files\Fichiers communs\TVNavigTechnologies Shared
[21/05/2005|17:20] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 48 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-06 17:49:44
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:40][D:13]-> C:\DOCUME~1\SERRELI\LOCALS~1\Temp
[F:187][D:0]-> C:\DOCUME~1\SERRELI\Cookies
[F:5593][D:16]-> C:\DOCUME~1\SERRELI\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|17:41 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/12/2008|17:50 - Option : [2]

--------------------\\ Fin du rapport a 17:50:35
0
neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 18:01
-------------------search---------------------------

Download AD-Remover (by Cyrildu17 / C_XX) to your desktop:
http://neor244.free.fr/AD­R.exe

/!\ Disconnect and close all running applications

● Double-click the installer and install it in its default location (C:\Program files)
● Double-click the Ad-remover icon located on your desktop
● In the main menu, choose option "A"
● Post the report that appears at the end.

(the report is also saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:

"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
0
UNABLE TO DOWNLOAD, ERROR 404
0
neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 18:11
0
--------- Logfile of AD-Remover 1.0.5.9 by C_XX ---------

# START at: 18:16:20 | 06/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal

# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: SN400174860002 | USER: SERRELI ( Current user is an administrator )

# DRIVE(S): A:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.11

--------- [ RUNNING PROCESSES: 43 ] ---------

\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Messenger\msmsgs.exe

-----------------------------------


+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND ..
+---------------------------------------------------------------------------+

Found ! - "Boonty Games"

+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND ..
+---------------------------------------------------------------------------+

"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND ..
+---------------------------------------------------------------------------+

[29/07/2007 18:05|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY
[06/12/2008 15:33|d--------] C:\Documents and Settings\SERRELI\Application Data\EoRezo
[04/12/2008 19:22|--a------] C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf
[04/12/2008 19:21|--a------] C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf

+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+



+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\1zdgz1tl.default\prefs.js :

~~~~ Mozilla FireFox version ~~~~


+----------+


+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\...\Run]

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AnumanLive REG_SZ C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
kamsoft REG_SZ C:\WINDOWS\system32\kamsoft.exe

+--[HKEY_LOCAL_MACHINE\...\Run]

EM_EXEC REG_SZ C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
ATIModeChange REG_SZ Ati2mdxx.exe
ATIPTA REG_SZ C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
VCSPlayer REG_SZ "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
MPTBox REG_SZ C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
SpeedTouch USB Diagnostics REG_SZ "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
LVCOMS REG_SZ C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
GhostStartTrayApp REG_SZ C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
QD FastAndSafe REG_SZ
Symantec NetDriver Monitor REG_SZ C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
EoEngine REG_SZ "C:\Program Files\EoRezo\EoEngine.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

+--[HKEY_USERS\.DEFAULT\...\Run]


+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]

Start Page : hxxp://free.fr/

+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]

Start Page : hxxp://www.msn.com/

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 138 lines ]
+---------------------------------------------------------------------------+
0
neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 18:21
------------------------cleanup----------------------------------

Run AD-Remover again, choose option B, tick boonty and eorezo, and paste the disinfection report.
0
--------- Logfile of AD-Remover 1.0.5.9 by C_XX ---------

*** Limited to ***

Boonty/BoontyGames
Eorezo

******************

# START at: 18:25:01 | 06/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal

# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: SN400174860002 | USER: SERRELI ( Current user is an administrator )

# DRIVE(S): A:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.11

--------- [ RUNNING PROCESSES: 45 ] ---------

\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spider.exe
C:\Program Files\Messenger\msmsgs.exe

-----------------------------------

(!) ---- IE start pages reset

+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+

Deleted successfully ! - "Boonty Games"

+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+

"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+

[29/07/2007 18:05|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY
[06/12/2008 15:33|d--------] C:\Documents and Settings\SERRELI\Application Data\EoRezo
/!\ NOT DELETED - [04/12/2008 19:22|--a------] C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf
/!\ NOT DELETED - [04/12/2008 19:21|--a------] C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


************* /!\ File(s)/Folder(s) Not Deleted /!\ *************

"C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf"
"C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf"

Second run ...

"C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf" - RESIST !
"C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf" - RESIST !


+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\...\Run]

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AnumanLive REG_SZ C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
kamsoft REG_SZ C:\WINDOWS\system32\kamsoft.exe

+--[HKEY_LOCAL_MACHINE\...\Run]

EM_EXEC REG_SZ C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
ATIModeChange REG_SZ Ati2mdxx.exe
ATIPTA REG_SZ C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
VCSPlayer REG_SZ "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
MPTBox REG_SZ C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
SpeedTouch USB Diagnostics REG_SZ "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
LVCOMS REG_SZ C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
GhostStartTrayApp REG_SZ C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
QD FastAndSafe REG_SZ
Symantec NetDriver Monitor REG_SZ C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

+--[HKEY_USERS\.DEFAULT\...\Run]


+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 146 lines ]
+---------------------------------------------------------------------------+
0
neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 18:34
Do another HijackThis scan.
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:26, on 06/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\spider.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 - Global Startup: Digimax Viewer 2.0.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
0
neor Posts 1084 Registration date Saturday 22 November 2008 Status Member Last activity 28 January 2010 30
6 Dec. 2008 at 18:50
It should be fine now.

Avoid running scans on your own; here you had hidden boonty and eorezo.

You can run a full Malwarebytes scan to check.
0