fenetre cid intempestives..
Dernière réponse : dans Sécurité
bonjour..g beaucoup de fentre cid qui s ouvrent quand je navigue...je ne c pas de quoi ca provient....si quelqu un pouvait m aider?merci
Autres pages sur : fenetre cid intempestives
Lassé par la pub ? Créez un compte
bonsoir
1
Télécharge Lop S&D.zip.
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "R" puis valide en appuyant sur "Entrée".
Un rapport sera généré, poste son contenu ici.
2
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
1
Télécharge Lop S&D.zip.
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "R" puis valide en appuyant sur "Entrée".
Un rapport sera généré, poste son contenu ici.
2
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Citation :
bonjour..g beaucoup de fentre cid qui s ouvrent quand je navigue...je ne c pas de quoi ca provient....si quelqu un pouvait m aider?mercije traduis pour Angeldark
Bonjour...
J'ai beaucoup de fenêtres CID qui s'ouvrent quand je navigue... Je ne sais pas de quoi ça provient... Si un helper plein de mansuétude pouvait m'aider.
Merci
-------------------------------[ Lop S&D ]------------------------------
Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
Lancé depuis : "C:\Documents and Settings\julien\Bureau\Lop S&D"
Rapport crée : Le 01/10/2007 à 22:28:43,17 PC : GUILLOT-0B5D56F
! Faire analyser le rapport par un Helper avant intervention !
---------------------[ Listing des Applications Data ]--------------------
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\Sony Corporation
C:\Documents and Settings\All Users\Application Data\QuickTime
C:\Documents and Settings\All Users\Application Data\desktop.ini
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\SBSI
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
C:\Documents and Settings\All Users.WINDOWS\Application Data\LauncherAccess.dt
C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool
C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache
C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Corporation
C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User.WINDOWS\Application Data\desktop.ini
C:\Documents and Settings\Default User.WINDOWS\Application Data\Microsoft
C:\Documents and Settings\julien\Application Data\Azureus
C:\Documents and Settings\julien\Application Data\Shareaza
C:\Documents and Settings\julien\Application Data\vctooltitle
C:\Documents and Settings\julien\Application Data\Move Networks
C:\Documents and Settings\julien\Application Data\Temporary
C:\Documents and Settings\julien\Application Data\Talkback
C:\Documents and Settings\julien\Application Data\Mozilla
C:\Documents and Settings\julien\Application Data\TransRender
C:\Documents and Settings\julien\Application Data\WinRAR
C:\Documents and Settings\julien\Application Data\Microsoft
C:\Documents and Settings\julien\Application Data\ViewerApp.dat
C:\Documents and Settings\julien\Application Data\ConvertTemp
C:\Documents and Settings\julien\Application Data\Samsung
C:\Documents and Settings\julien\Application Data\Vso
C:\Documents and Settings\julien\Application Data\AdobeUM
C:\Documents and Settings\julien\Application Data\dvdcss
C:\Documents and Settings\julien\Application Data\vlc
C:\Documents and Settings\julien\Application Data\CDRusersDB.v12
C:\Documents and Settings\julien\Application Data\Apple Computer
C:\Documents and Settings\julien\Application Data\InterVideo
C:\Documents and Settings\julien\Application Data\Datalayer
C:\Documents and Settings\julien\Application Data\Nokia
C:\Documents and Settings\julien\Application Data\DeepBurner
C:\Documents and Settings\julien\Application Data\Adobe
C:\Documents and Settings\julien\Application Data\Sun
C:\Documents and Settings\julien\Application Data\Google
C:\Documents and Settings\julien\Application Data\MSNInstaller
C:\Documents and Settings\julien\Application Data\Macromedia
C:\Documents and Settings\julien\Application Data\Help
C:\Documents and Settings\julien\Application Data\desktop.ini
C:\Documents and Settings\julien\Application Data\Identities
C:\Documents and Settings\julien guillot\Application Data\Azureus
C:\Documents and Settings\julien guillot\Application Data\Shareaza
C:\Documents and Settings\julien guillot\Application Data\vctooltitle
C:\Documents and Settings\julien guillot\Application Data\Move Networks
C:\Documents and Settings\julien guillot\Application Data\Temporary
C:\Documents and Settings\julien guillot\Application Data\Talkback
C:\Documents and Settings\julien guillot\Application Data\Mozilla
C:\Documents and Settings\julien guillot\Application Data\TransRender
C:\Documents and Settings\julien guillot\Application Data\WinRAR
C:\Documents and Settings\julien guillot\Application Data\Microsoft
C:\Documents and Settings\julien guillot\Application Data\ViewerApp.dat
C:\Documents and Settings\julien guillot\Application Data\ConvertTemp
C:\Documents and Settings\julien guillot\Application Data\Samsung
C:\Documents and Settings\julien guillot\Application Data\Vso
C:\Documents and Settings\julien guillot\Application Data\AdobeUM
C:\Documents and Settings\julien guillot\Application Data\dvdcss
C:\Documents and Settings\julien guillot\Application Data\vlc
C:\Documents and Settings\julien guillot\Application Data\CDRusersDB.v12
C:\Documents and Settings\julien guillot\Application Data\Apple Computer
C:\Documents and Settings\julien guillot\Application Data\InterVideo
C:\Documents and Settings\julien guillot\Application Data\Datalayer
C:\Documents and Settings\julien guillot\Application Data\Nokia
C:\Documents and Settings\julien guillot\Application Data\DeepBurner
C:\Documents and Settings\julien guillot\Application Data\Adobe
C:\Documents and Settings\julien guillot\Application Data\Sun
C:\Documents and Settings\julien guillot\Application Data\Google
C:\Documents and Settings\julien guillot\Application Data\MSNInstaller
C:\Documents and Settings\julien guillot\Application Data\Macromedia
C:\Documents and Settings\julien guillot\Application Data\Help
C:\Documents and Settings\julien guillot\Application Data\desktop.ini
C:\Documents and Settings\julien guillot\Application Data\Identities
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\Microsoft
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\Microsoft
C:\Documents and Settings\NetworkService\Application Data\Symantec
C:\Documents and Settings\NetworkService\Application Data\Microsoft
C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
C:\WINDOWS\tasks\AEF1AD2993365F55.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Radiohead - No Surprises.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
--------------[ Listing des dossiers dans C:\Program Files ]--------------
C:\Program Files\3ivx
C:\Program Files\AC3Filter
C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\AMD
C:\Program Files\Astonsoft
C:\Program Files\Azureus
C:\Program Files\Common Files
C:\Program Files\delete.exe
C:\Program Files\DivX
C:\Program Files\ECI Telecom
C:\Program Files\Fichiers communs
C:\Program Files\Google
C:\Program Files\i tune
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\Inventel
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\JavaSoft
C:\Program Files\Kaspersky Lab
C:\Program Files\Messager Wanadoo
C:\Program Files\Messenger
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft IntelliPoint
C:\Program Files\Microsoft IntelliPoint 5.5
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MUSK Codec Pack v5
C:\Program Files\NetMeeting
C:\Program Files\On2 Technologies
C:\Program Files\Outlook Express
C:\Program Files\PIXELA
C:\Program Files\QuickTime
C:\Program Files\QuickTime Alternative
C:\Program Files\QuickTimeInstaller.exe
C:\Program Files\Raccourcis de programmes
C:\Program Files\Samsung
C:\Program Files\SetAttrib.exe
C:\Program Files\SiS VGA Utilities V3.66
C:\Program Files\sisagp
C:\Program Files\SiSLan
C:\Program Files\Sony Corporation
C:\Program Files\Synaptics
C:\Program Files\vctooltitle
C:\Program Files\VIAudioi
C:\Program Files\VideoLAN
C:\Program Files\VSO
C:\Program Files\vso_image_resizer_setup.exe
C:\Program Files\Wanadoo
C:\Program Files\win rar.exe
C:\Program Files\Winamp
C:\Program Files\winamp524_full.exe
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\winrar.exe
C:\Program Files\xerox
C:\Program Files\XviD
C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----
C:\Program Files\Fichiers communs\{EC55E02F-031E-1036-0615-050202050021}
C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\Apple
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\muvee Technologies
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sony Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\Fichiers communs\System
----------------------[ Recherche dans le Registre ]----------------------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Curb tool help dart"="C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\Move Bore Curb Tool\\skip ooze.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"PokeOwns"="C:\\DOCUME~1\\julien\\APPLIC~1\\VCTOOL~1\\DELETEAMOKJUGS.exe"
-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------
C:\Documents and settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool
C:\Documents and settings\julien\Application Data\VCTOOL~1
C:\Program Files\VCTOOL~1
C:\WINDOWS\tasks\AEF1AD2993365F55.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Radiohead
--------------------[ Vérification du fichier Hosts ]---------------------
Fichier Hosts : MODIFIE
127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
--------------------[ Recherche d'autres infections ]---------------------
--------------------[ Fin du rapport à 22:29:38,12 ]----------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:07, on 01/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Curb tool help dart] C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool\skip ooze.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PokeOwns] C:\DOCUME~1\julien\APPLIC~1\VCTOOL~1\DELETEAMOKJUGS.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpl...
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe
--
End of file - 7080 bytes
Scan saved at 22:34:07, on 01/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Curb tool help dart] C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool\skip ooze.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PokeOwns] C:\DOCUME~1\julien\APPLIC~1\VCTOOL~1\DELETEAMOKJUGS.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpl...
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe
--
End of file - 7080 bytes
ok
~Lance Hijackthis “Do a system scan only”.
Coche les lignes qui suivent si encore présentes et uniquement celles-là.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Curb tool help dart] C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool\skip ooze.exe
O4 - HKCU\..\Run: [PokeOwns] C:\DOCUME~1\julien\APPLIC~1\VCTOOL~1\DELETEAMOKJUGS.exe
Clique sur Fix checked (en bas à gauche)
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "S" puis valide en appuyant sur "Entrée".
[#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer.exe puis valide.
~Lance Hijackthis “Do a system scan only”.
Coche les lignes qui suivent si encore présentes et uniquement celles-là.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Curb tool help dart] C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool\skip ooze.exe
O4 - HKCU\..\Run: [PokeOwns] C:\DOCUME~1\julien\APPLIC~1\VCTOOL~1\DELETEAMOKJUGS.exe
Clique sur Fix checked (en bas à gauche)
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "S" puis valide en appuyant sur "Entrée".
[#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer.exe puis valide.
-------------------------------[ Lop S&D ]------------------------------
Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
Lancé depuis : "C:\Documents and Settings\julien\Bureau\Lop S&D"
Rapport crée : Le 01/10/2007 à 22:53:53,70 PC : GUILLOT-0B5D56F
! Faire analyser le rapport par un Helper avant intervention !
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION ///////////////////////////////
Supprimé - C:\WINDOWS\tasks\AEF1AD2993365F55.job
Supprimé - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
Supprimé - C:\WINDOWS\tasks\Radiohead
Restauré - Fichier Hosts
\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////
Supprimé - C:\WINDOWS\tasks\Radiohead
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Copié ! - [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
Copié ! - [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
---------------------[ Listing des Applications Data ]--------------------
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\Sony Corporation
C:\Documents and Settings\All Users\Application Data\QuickTime
C:\Documents and Settings\All Users\Application Data\desktop.ini
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\SBSI
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
C:\Documents and Settings\All Users.WINDOWS\Application Data\LauncherAccess.dt
C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool
C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache
C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Corporation
C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User.WINDOWS\Application Data\desktop.ini
C:\Documents and Settings\Default User.WINDOWS\Application Data\Microsoft
C:\Documents and Settings\julien\Application Data\Azureus
C:\Documents and Settings\julien\Application Data\Shareaza
C:\Documents and Settings\julien\Application Data\vctooltitle
C:\Documents and Settings\julien\Application Data\Move Networks
C:\Documents and Settings\julien\Application Data\Temporary
C:\Documents and Settings\julien\Application Data\Talkback
C:\Documents and Settings\julien\Application Data\Mozilla
C:\Documents and Settings\julien\Application Data\TransRender
C:\Documents and Settings\julien\Application Data\WinRAR
C:\Documents and Settings\julien\Application Data\Microsoft
C:\Documents and Settings\julien\Application Data\ViewerApp.dat
C:\Documents and Settings\julien\Application Data\ConvertTemp
C:\Documents and Settings\julien\Application Data\Samsung
C:\Documents and Settings\julien\Application Data\Vso
C:\Documents and Settings\julien\Application Data\AdobeUM
C:\Documents and Settings\julien\Application Data\dvdcss
C:\Documents and Settings\julien\Application Data\vlc
C:\Documents and Settings\julien\Application Data\CDRusersDB.v12
C:\Documents and Settings\julien\Application Data\Apple Computer
C:\Documents and Settings\julien\Application Data\InterVideo
C:\Documents and Settings\julien\Application Data\Datalayer
C:\Documents and Settings\julien\Application Data\Nokia
C:\Documents and Settings\julien\Application Data\DeepBurner
C:\Documents and Settings\julien\Application Data\Adobe
C:\Documents and Settings\julien\Application Data\Sun
C:\Documents and Settings\julien\Application Data\Google
C:\Documents and Settings\julien\Application Data\MSNInstaller
C:\Documents and Settings\julien\Application Data\Macromedia
C:\Documents and Settings\julien\Application Data\Help
C:\Documents and Settings\julien\Application Data\desktop.ini
C:\Documents and Settings\julien\Application Data\Identities
C:\Documents and Settings\julien guillot\Application Data\Azureus
C:\Documents and Settings\julien guillot\Application Data\Shareaza
C:\Documents and Settings\julien guillot\Application Data\vctooltitle
C:\Documents and Settings\julien guillot\Application Data\Move Networks
C:\Documents and Settings\julien guillot\Application Data\Temporary
C:\Documents and Settings\julien guillot\Application Data\Talkback
C:\Documents and Settings\julien guillot\Application Data\Mozilla
C:\Documents and Settings\julien guillot\Application Data\TransRender
C:\Documents and Settings\julien guillot\Application Data\WinRAR
C:\Documents and Settings\julien guillot\Application Data\Microsoft
C:\Documents and Settings\julien guillot\Application Data\ViewerApp.dat
C:\Documents and Settings\julien guillot\Application Data\ConvertTemp
C:\Documents and Settings\julien guillot\Application Data\Samsung
C:\Documents and Settings\julien guillot\Application Data\Vso
C:\Documents and Settings\julien guillot\Application Data\AdobeUM
C:\Documents and Settings\julien guillot\Application Data\dvdcss
C:\Documents and Settings\julien guillot\Application Data\vlc
C:\Documents and Settings\julien guillot\Application Data\CDRusersDB.v12
C:\Documents and Settings\julien guillot\Application Data\Apple Computer
C:\Documents and Settings\julien guillot\Application Data\InterVideo
C:\Documents and Settings\julien guillot\Application Data\Datalayer
C:\Documents and Settings\julien guillot\Application Data\Nokia
C:\Documents and Settings\julien guillot\Application Data\DeepBurner
C:\Documents and Settings\julien guillot\Application Data\Adobe
C:\Documents and Settings\julien guillot\Application Data\Sun
C:\Documents and Settings\julien guillot\Application Data\Google
C:\Documents and Settings\julien guillot\Application Data\MSNInstaller
C:\Documents and Settings\julien guillot\Application Data\Macromedia
C:\Documents and Settings\julien guillot\Application Data\Help
C:\Documents and Settings\julien guillot\Application Data\desktop.ini
C:\Documents and Settings\julien guillot\Application Data\Identities
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\Microsoft
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\Microsoft
C:\Documents and Settings\NetworkService\Application Data\Symantec
C:\Documents and Settings\NetworkService\Application Data\Microsoft
C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
C:\WINDOWS\tasks\Radiohead - No Surprises.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
--------------[ Listing des dossiers dans C:\Program Files ]--------------
C:\Program Files\3ivx
C:\Program Files\AC3Filter
C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\AMD
C:\Program Files\Astonsoft
C:\Program Files\Azureus
C:\Program Files\Common Files
C:\Program Files\delete.exe
C:\Program Files\DivX
C:\Program Files\ECI Telecom
C:\Program Files\Fichiers communs
C:\Program Files\Google
C:\Program Files\i tune
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\Inventel
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\JavaSoft
C:\Program Files\Kaspersky Lab
C:\Program Files\Messager Wanadoo
C:\Program Files\Messenger
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft IntelliPoint
C:\Program Files\Microsoft IntelliPoint 5.5
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MUSK Codec Pack v5
C:\Program Files\NetMeeting
C:\Program Files\On2 Technologies
C:\Program Files\Outlook Express
C:\Program Files\PIXELA
C:\Program Files\QuickTime
C:\Program Files\QuickTime Alternative
C:\Program Files\QuickTimeInstaller.exe
C:\Program Files\Raccourcis de programmes
C:\Program Files\Samsung
C:\Program Files\SetAttrib.exe
C:\Program Files\SiS VGA Utilities V3.66
C:\Program Files\sisagp
C:\Program Files\SiSLan
C:\Program Files\Sony Corporation
C:\Program Files\Synaptics
C:\Program Files\Trend Micro
C:\Program Files\vctooltitle
C:\Program Files\VIAudioi
C:\Program Files\VideoLAN
C:\Program Files\VSO
C:\Program Files\vso_image_resizer_setup.exe
C:\Program Files\Wanadoo
C:\Program Files\win rar.exe
C:\Program Files\Winamp
C:\Program Files\winamp524_full.exe
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\winrar.exe
C:\Program Files\xerox
C:\Program Files\XviD
C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----
C:\Program Files\Fichiers communs\{EC55E02F-031E-1036-0615-050202050021}
C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\Apple
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\muvee Technologies
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sony Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\Fichiers communs\System
----------------------[ Recherche dans le Registre ]----------------------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------
C:\WINDOWS\tasks\Radiohead
--------------------[ Vérification du fichier Hosts ]---------------------
Fichier Hosts : Propre
--------------------[ Recherche d'autres infections ]---------------------
--------------------[ Fin du rapport à 22:54:37,68 ]----------------------
~Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
~Sélectionne TOUS les emplacements suivants :
---> Clique-droit puis Copier (ou Ctrl+C)
~Double-clique sur OTMoveIt.exe afin de le lancer.
fais un Clique-droit sur le cadre de gauche puis choisis Coller. (ou Ctrl+V).
~Clique maintenant sur [#ff0000]MoveIt![/#f]
!! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES
~Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.
~Sélectionne TOUS les emplacements suivants :
C:\Documents and settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool
C:\Documents and settings\julien\Application Data\VCTOOL~1
C:\Program Files\VCTOOL~1
C:\WINDOWS\tasks\Radiohead
C:\Documents and settings\julien\Application Data\VCTOOL~1
C:\Program Files\VCTOOL~1
C:\WINDOWS\tasks\Radiohead
---> Clique-droit puis Copier (ou Ctrl+C)
~Double-clique sur OTMoveIt.exe afin de le lancer.
fais un Clique-droit sur le cadre de gauche puis choisis Coller. (ou Ctrl+V).
~Clique maintenant sur [#ff0000]MoveIt![/#f]
!! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES
~Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.
bonjour
quand tu auras fait ça, je te mets la suite:
Séléctionne l'encadré ci dessous en entier , puis clique droit , choisis Copier
exit
Puis , menu Démarrer / Executer , tape cmd et valide par OK
fais un clique droit dans la fenêtre noire et choisis Coller
quand tu auras fait ça, je te mets la suite:
Séléctionne l'encadré ci dessous en entier , puis clique droit , choisis Copier
Citation :
MOVE "C:\Documents and Settings\julien\Bureau\Lop S&D\BackupLop\AppleSoftwareUpdate.job" "C:\WINDOWS\tasks"exit
Puis , menu Démarrer / Executer , tape cmd et valide par OK
fais un clique droit dans la fenêtre noire et choisis Coller
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumProbleme fenetre cid et autres pubs
- ForumProbleme fenetre cid
- ForumRecherche par rapport au fenetre cid
- ForumLes intenable fenetre cid
- ForumRapport fenetre cid
- ForumFenetre cid qui s'ouvre constamment
- ForumFenetre cid
- solutionsInfection fenetre cid
- ForumComment supprimer une fenetre cid
- ForumSupprimer fenetre cid
- Voir plus
