CID ads very, very annoying
Security Forum - Viruses: CID ads very, very annoying
Hello
Every time I open the internet, CID ads appear, and since I am a Counter-Strike player these ads "slow down" my computer
please help me
Hi,
Download HijackThis (by Trend Micro) to your Desktop.
- Double-click HJTInstall.exe to start the installation.
- Click Install.
- Double-click the HijackThis shortcut that has just been created to launch it.
- Accept the licence by clicking Yes.
- Click "Do a system scan and save a logfile".
- Post the generated report here.
Note: The report can also be found here: C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Help: How to use HijackThis.
Reply to XmichouX
OK, here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:15, on 09/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Steam\Steam.exe
C:\Users\maximinho45\AppData\Local\piuborgrgc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] &x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [piuborgrgc] c:\users\maximinho45\appdata\local\piuborgrgc.exe piuborgrgc
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
O4 - Startup: Widget GAME ONE.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/p [...] taller.exe
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 9575 bytes
Quite badly infected!
Download Navilog (by Il-Mafioso)
- Save it to your Desktop.
- Install it by double-clicking navilog.exe.
- Once the installation is finished, the utility will run automatically.
(If it does not, double-click the shortcut on the Desktop) [Right-click -> "Run as administrator" (for Vista)]
- Let the utility guide you. Choose option 1, then confirm.
! Do not use options 2, 3 and 4 without our approval!
- Wait until this message appears:
"*** Analyse Termine le ..... ***"
- Press a key as requested. Notepad will open. Post the report here.
- Post the generated report.
The report is located here: C:\fixnavi.txt
If you have Vista, do this first:
Disable UAC (Start menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ untick the "Use User Account Control ..." box and confirm with OK; you will be asked to restart, do so)
Reply to XmichouX
OK ... thanks, it is searching now
Search Navipromo version 3.5.6 commencé le 09/05/2008 à 23:44:24,27
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "maximinho45"
Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS
Executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\Windows" ***
*** Recherche dossiers dans "C:\Program Files" ***
C:\Program Files\InternetGameBox trouvé !
*** Recherche dossiers dans "C:\ProgramData" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
...\InternetGameBox trouvé !
*** Recherche dossiers dans "c:\users\maximi~1\appdata\roaming\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "C:\Users\maximinho45\AppData\Local\virtualstore\Program Files" ***
...\InternetGameBox trouvé !
*** Recherche dossiers dans "C:\Users\maximinho45\AppData\Roaming" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Fichier(s) caché(s) :
C:\Users\maximinho45\AppData\Local\piuborgrgc.dat
C:\Users\maximinho45\AppData\Local\piuborgrgc.exe
C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat
C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\Windows\system32" *
* Recherche dans "C:\Users\maximinho45\AppData\Local\Microsoft" *
* Recherche dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *
* Recherche dans "C:\Users\maximinho45\AppData\Local" *
Fichiers trouvés :
piuborgrgc.exe trouvé !
*** Recherche fichiers ***
c:\users\public\desktop\InternetGameBox.lnk trouvé !
C:\Windows\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_CURRENT_USER\Software\mc trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\Windows\system32" :
* Dans "C:\Users\maximinho45\AppData\Local\Microsoft" :
* Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" :
* Dans "C:\Users\maximinho45\AppData\Local" :
piuborgrgc.dat trouvé !
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 09/05/2008 à 23:52:04,66 ***
Hi again,
Your infection is due to downloading and installing InternetGameBox.
- Double-click the Navilog1 shortcut.
- Choose option 2, then confirm. (Enter)
- Let it guide you.
- Your computer will restart; if it does not, restart it manually.
- Your desktop will disappear.
- Wait until this message appears:
"*** Nettoyage Termine le ..... ***"
- Press a key as requested; Notepad will open.
- Save the report.
- Close Notepad. Your desktop will now reappear.
If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run)"
Type explorer and confirm. This will bring your desktop back
Start -> Control Panel -> Internet Options
Click the "Content" tab, then the "Certificates" tab, and check whether you find these, particularly under "Trusted Publishers":
Montorgueil ; VIP
If you find them, do this:
* Select each of these certificates and click Export. Save it/them to your desktop.
* Then delete the ones present in the "Certificates" tab of your browser's options.
Then, for each of the certificates on your desktop:
* Go to the website:
http://www.bleepingcomputer.com/su [...] channel=35
* Copy/paste this into the 'Link to Topic' box:
the name of the certificate (Montorgueil ,......)
* Copy/paste this into the 'Browse to the File' box:
The corresponding certificate that you exported to your desktop
Once that is done, finally delete the certificate from your desktop.
The following programs install this infection:
* Go-astro
* GoRecord
* HotTVPlayer
* MailSkinner
* Messenger Skinner
* Instant Access
* InternetGameBox
* sudoplanet
* Webmediaplayer: except the one from the following site > http://www.azertysite.new.fr/
* On the site www.games-desktop.com (do not go there!)
- Post the report saved earlier (C:\cleannavi.txt) as well as a new HijackThis report.
Reply to XmichouX
Uhh ... I have got as far as
Start -> Control Panel -> Internet Options
Click the "Content" tab, then the "Certificates" tab, and check whether you find these, particularly under "Trusted Publishers":
Montorgueil ; VIP
But I did not find either of these 2 certificates, what do I do?...
No, never mind, it's fine ... I am carrying on as if I had deleted them. Sorry
So here is the saved report:
Clean Navipromo version 3.5.6 commencé le 10/05/2008 à 0:03:47,49
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "maximinho45"
Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
*** Creation backups fichiers trouvés par Catchme ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
Copie C:\Users\maximinho45\AppData\Local\piuborgrgc.dat réalisée avec succès !
Copie C:\Users\maximinho45\AppData\Local\piuborgrgc.exe réalisée avec succès !
Copie C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat réalisée avec succès !
Copie C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat réalisée avec succès !
*** Suppression des fichiers trouvés avec Catchme ***
C:\Users\maximinho45\AppData\Local\piuborgrgc.dat supprimé !
C:\Users\maximinho45\AppData\Local\piuborgrgc.exe supprimé !
C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat supprimé !
C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat supprimé !
** 2ème passage avec résultats Catchme **
* Dans "C:\Windows\system32" *
* Dans "C:\Users\maximinho45\AppData\Local\Microsoft" *
* Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *
* Dans "C:\Users\maximinho45\AppData\Local" *
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\Windows\System32" *
* Suppression dans "C:\Users\maximinho45\AppData\Local\Microsoft" *
* Suppression dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *
* Suppression dans "C:\Users\maximinho45\AppData\Local" *
*** Suppression dossiers dans "C:\Windows" ***
*** Suppression dossiers dans "C:\Program Files" ***
C:\Program Files\InternetGamebox ...suppression...
C:\Program Files\InternetGamebox supprimé !
*** Suppression dossiers dans "C:\ProgramData" ***
*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
...\InternetGamebox ...suppression...
...\InternetGamebox supprimé !
*** Suppression dossiers dans c:\users\maximi~1\appdata\roaming\micros~1\windows\startm~1\programs ***
*** Suppression dossiers dans "C:\Users\maximinho45\AppData\Local\virtualstore\Program Files" ***
...\InternetGamebox ...suppression...
...\InternetGamebox supprimé !
*** Suppression dossiers dans "C:\Users\maximinho45\AppData\Roaming" ***
*** Suppression fichiers ***
c:\users\public\desktop\InternetGameBox.lnk supprimé !
C:\Windows\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\MAXIMI~1\AppData\Local\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\Windows\system32" *
* Dans "C:\Users\maximinho45\AppData\Local\Microsoft" *
* Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *
* Dans "C:\Users\maximinho45\AppData\Local" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 10/05/2008 à 0:08:27,49 ***
I am running a HijackThis report again
and here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:29:26, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] &x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
O4 - Startup: Widget GAME ONE.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/p [...] taller.exe
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 8572 bytes
Right, I am going to bed
don't be surprised if I don't reply to you
send your posts anyway, I will answer them tomorrow
see you tomorrow ...
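Added example (not part of the thread and not code from any tool used in it): a small Python script that parses two HijackThis logs and lists which entries disappeared between the scan taken before and the scan taken after the Navilog1 cleanup, plus the entries HijackThis itself marks as `(file missing)` or `(no file)`. The sample lines are excerpted from the two logs above; the function names are this example's own.

```python
import re

# A HijackThis entry line is "<section code> - <details>", e.g. "O4 - HKCU\..\Run: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Suffixes HijackThis appends when the registered file no longer exists on disk.
ORPHAN_MARKERS = ("(file missing)", "(no file)")

# Sample input: a few lines excerpted from the first log in this thread (before cleanup).
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:15, on 09/05/2008
Running processes:
C:\Windows\Explorer.EXE
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] &x_dp_id=9
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [piuborgrgc] c:\users\maximinho45\appdata\local\piuborgrgc.exe piuborgrgc
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
"""

# Sample input: the matching lines excerpted from the second log (after cleanup).
AFTER = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:29:26, on 10/05/2008
Running processes:
C:\Windows\Explorer.EXE
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] &x_dp_id=9
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
"""


def parse_entries(log_text):
    """Return (code, details) pairs; header and process lines do not match and are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2).strip()))
    return entries


def diff_logs(before_text, after_text):
    """Compare two logs; return (removed, added, kept) entry lists in log order."""
    before, after = parse_entries(before_text), parse_entries(after_text)
    removed = [e for e in before if e not in after]
    added = [e for e in after if e not in before]
    kept = [e for e in before if e in after]
    return removed, added, kept


def orphans(entries):
    """Entries whose registered file HijackThis reported as absent."""
    return [e for e in entries if e[1].endswith(ORPHAN_MARKERS)]


def report(before_text, after_text):
    """Build a short text summary of what changed and what still needs review."""
    removed, added, kept = diff_logs(before_text, after_text)
    lines = ["Removed since first scan:"]
    lines += [f"  {code} - {details}" for code, details in removed]
    lines.append("New since first scan:")
    lines += [f"  {code} - {details}" for code, details in added]
    lines.append("Still present, file absent (leftover registration):")
    lines += [f"  {code} - {details}" for code, details in orphans(kept)]
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(BEFORE, AFTER))
```

An entry that disappears is not necessarily malicious (the BitDefender `BDAgent` autostart line is also absent from the second log), so the removed list is a review aid, not a verdict.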
Good, let's continue.
Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop.
- Double-click it to start the installation
- Then double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> Run as administrator)
- Select the language you want, then choose Option 1 (Search)
- Wait until the scan finishes
- Post the generated report (C:\lopR.txt)
If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run)"
Type explorer and confirm. This will bring your desktop back
Reply to XmichouX
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ USER : maximinho45 ] [ "C:\Windows\system32" ] [ Selection : 1 ]
[ 10/05/2008 | 12:47:06,64 ] [ PC : PC-DE-MAXIMINHO ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
-------------[ ]------------
[07/01/2008|00:23] C:\Users\maximinho45\AppData\Roaming\Adobe\Flash Player
[04/01/2008|18:53] C:\Users\maximinho45\AppData\Roaming\Adobe\Acrobat
[14/04/2008|22:55] C:\Users\maximinho45\AppData\Roaming\Apple Computer\iTunes
[03/02/2008|12:30] C:\Users\maximinho45\AppData\Roaming\ATI\ACE
[22/04/2008|21:13] C:\Users\maximinho45\AppData\Roaming\Audacity\audacity.cfg
[22/04/2008|21:13] C:\Users\maximinho45\AppData\Roaming\Audacity\AutoSave
[22/04/2008|20:51] C:\Users\maximinho45\AppData\Roaming\Audacity\presets
[26/04/2008|00:58] C:\Users\maximinho45\AppData\Roaming\AVS4YOU\AVSVideoConverter
[24/04/2008|22:52] C:\Users\maximinho45\AppData\Roaming\Bitdefender\Desktop
[01/05/2008|23:36] C:\Users\maximinho45\AppData\Roaming\DivX\DivX Codec
[08/04/2008|15:50] C:\Users\maximinho45\AppData\Roaming\DivX\DivX Player
[01/05/2008|21:08] C:\Users\maximinho45\AppData\Roaming\Download Manager\VideoConstructor
[22/04/2008|20:46] C:\Users\maximinho45\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner
[12/04/2008|00:36] C:\Users\maximinho45\AppData\Roaming\eMule\config
[08/05/2008|21:04] C:\Users\maximinho45\AppData\Roaming\EoRezo\user.cyp
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\db
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\eoDesktop
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\ConfMedia.cyp
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\cmhost.cyp
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\host.cyp
[31/03/2008|21:28] C:\Users\maximinho45\AppData\Roaming\EoRezo\EoWeather.cfg
[31/03/2008|21:25] C:\Users\maximinho45\AppData\Roaming\EoRezo\EoWeather
[13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.DBF
[13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.FPT
[13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.CDX
[01/05/2008|20:11] C:\Users\maximinho45\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
[01/05/2008|20:11] C:\Users\maximinho45\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000
[08/05/2008|01:10] C:\Users\maximinho45\AppData\Roaming\Google\Local Search History
[22/02/2008|19:19] C:\Users\maximinho45\AppData\Roaming\Google\GoogleEarth
[18/01/2008|23:05] C:\Users\maximinho45\AppData\Roaming\gtk-2.0\gtkfilechooser
[04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}
[09/05/2008|23:41] C:\Users\maximinho45\AppData\Roaming\ItsLabel\ItsTV
[06/05/2008|18:24] C:\Users\maximinho45\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml
[09/05/2008|02:10] C:\Users\maximinho45\AppData\Roaming\LimeWire\library.dat
[09/05/2008|02:08] C:\Users\maximinho45\AppData\Roaming\LimeWire\fileurns.cache
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\filters.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\questions.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\tables.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\installation.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\mojito.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\limewire.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\createtimes.cache
[08/05/2008|19:01] C:\Users\maximinho45\AppData\Roaming\LimeWire\active.mojito
[03/05/2008|23:58] C:\Users\maximinho45\AppData\Roaming\LimeWire\spam.dat
[22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\ttrees.cache
[22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\ttroot.cache
[22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\.AppSpecialShare
[22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\gnutella.net
[14/04/2008|09:15] C:\Users\maximinho45\AppData\Roaming\LimeWire\version.xml
[13/04/2008|22:49] C:\Users\maximinho45\AppData\Roaming\LimeWire\simpp.xml
[09/03/2008|02:00] C:\Users\maximinho45\AppData\Roaming\LimeWire\responses.cache
[04/03/2008|21:34] C:\Users\maximinho45\AppData\Roaming\LimeWire\passive.mojito
[29/02/2008|18:42] C:\Users\maximinho45\AppData\Roaming\LimeWire\xml
[29/02/2008|18:38] C:\Users\maximinho45\AppData\Roaming\LimeWire\fileurns.bak
[29/02/2008|18:38] C:\Users\maximinho45\AppData\Roaming\LimeWire\themes
[08/05/2008|01:14] C:\Users\maximinho45\AppData\Roaming\Macromedia\Flash Player
[08/05/2008|21:04] C:\Users\maximinho45\AppData\Roaming\Microsoft\Installer
[08/05/2008|16:20] C:\Users\maximinho45\AppData\Roaming\Microsoft\Office
[08/05/2008|16:20] C:\Users\maximinho45\AppData\Roaming\Microsoft\OneNote
[03/05/2008|22:55] C:\Users\maximinho45\AppData\Roaming\Microsoft\Windows Photo Gallery
[28/04/2008|21:32] C:\Users\maximinho45\AppData\Roaming\Microsoft\MSN Messenger
[18/04/2008|08:01] C:\Users\maximinho45\AppData\Roaming\Microsoft\Templates
[18/04/2008|07:59] C:\Users\maximinho45\AppData\Roaming\Microsoft\Document Building Blocks
[18/04/2008|07:59] C:\Users\maximinho45\AppData\Roaming\Microsoft\Word
[15/04/2008|21:43] C:\Users\maximinho45\AppData\Roaming\Microsoft\MMC
[18/03/2008|23:00] C:\Users\maximinho45\AppData\Roaming\Microsoft\Speech
[05/03/2008|09:54] C:\Users\maximinho45\AppData\Roaming\Microsoft\OIS
[13/02/2008|23:35] C:\Users\maximinho45\AppData\Roaming\Microsoft\HTML Help
[24/01/2008|19:09] C:\Users\maximinho45\AppData\Roaming\Microsoft\Excel
[24/01/2008|19:09] C:\Users\maximinho45\AppData\Roaming\Microsoft\AddIns
[09/01/2008|20:28] C:\Users\maximinho45\AppData\Roaming\Microsoft\preuve
[06/01/2008|20:17] C:\Users\maximinho45\AppData\Roaming\Microsoft\Internet Explorer
[06/01/2008|20:13] C:\Users\maximinho45\AppData\Roaming\Microsoft\IdentityCRL
[05/01/2008|19:35] C:\Users\maximinho45\AppData\Roaming\Microsoft\Windows
[05/01/2008|18:40] C:\Users\maximinho45\AppData\Roaming\Microsoft\Network
[05/01/2008|18:38] C:\Users\maximinho45\AppData\Roaming\Microsoft\Crypto
[04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Microsoft\SystemCertificates
[04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Microsoft\Protect
[04/01/2008|18:04] C:\Users\maximinho45\AppData\Roaming\Microsoft\Credentials
[13/02/2008|23:37] C:\Users\maximinho45\AppData\Roaming\Mozilla\Firefox
[14/03/2008|23:52] C:\Users\maximinho45\AppData\Roaming\Real\RealMediaSDK
[25/02/2008|18:32] C:\Users\maximinho45\AppData\Roaming\Real\RealPlayer
[03/08/2000|20:36] C:\Users\maximinho45\AppData\Roaming\Template\Normal.wpt
[04/04/2008|08:52] C:\Users\maximinho45\AppData\Roaming\UserTile.png\UserTile.png
[27/02/2008|23:40] C:\Users\maximinho45\AppData\Roaming\video-for-mobile\3gpMobile
[01/05/2008|20:03] C:\Users\maximinho45\AppData\Roaming\vlc\vlcrc
[29/02/2008|23:26] C:\Users\maximinho45\AppData\Roaming\vlc\cache
[11/02/2008|21:17] C:\Users\maximinho45\AppData\Roaming\VUPlayer\default.vpl
[29/04/2008|20:03] C:\Users\maximinho45\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ ]---------------
[10/05/2008 12:35][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 01:05][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ ]------
[06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|21:23] C:\ProgramData\Adobe
[01/03/2008|16:20] C:\ProgramData\Apple
[01/03/2008|16:23] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[26/04/2008|00:57] C:\ProgramData\AVS4YOU
[02/03/2008|23:55] C:\ProgramData\BitDefender
[04/01/2008|18:00] C:\ProgramData\Bureau
[06/05/2007|21:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[11/02/2008|21:25] C:\ProgramData\Downloaded Installations
[26/04/2008|00:38] C:\ProgramData\DVD Shrink
[12/04/2008|00:43] C:\ProgramData\eMule
[04/01/2008|18:14] C:\ProgramData\eSobi
[04/01/2008|18:00] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[12/04/2008|16:36] C:\ProgramData\FaxCtr
[08/05/2008|13:18] C:\ProgramData\Google
[09/02/2008|12:46] C:\ProgramData\Logishrd
[08/01/2008|19:38] C:\ProgramData\Logitech
[08/05/2008|21:32] C:\ProgramData\Lx_cats
[04/01/2008|18:00] C:\ProgramData\Menu Démarrer
[10/01/2008|21:21] C:\ProgramData\Messenger Plus!
[03/03/2008|00:31] C:\ProgramData\Microsoft
[10/04/2008|11:57] C:\ProgramData\Microsoft Help
[04/01/2008|18:00] C:\ProgramData\Modèles
[27/04/2008|08:34] C:\ProgramData\proxy dash
[04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
[02/11/2006|15:02] C:\ProgramData\Start Menu
[14/02/2008|16:43] C:\ProgramData\Symantec
[10/03/2008|21:42] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[27/04/2008|08:34] C:\ProgramData\Tool Eggs Less City
[27/04/2008|18:41] C:\ProgramData\TrackMania
[11/03/2008|21:29] C:\ProgramData\Trymedia
[27/04/2008|08:34] C:\ProgramData\type bash hold.rtoux
[31/01/2008|23:55] C:\ProgramData\Ulead Systems
[30/03/2008|22:58] C:\ProgramData\Upload Bags Bags.0la34z
[27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.awwnf
[27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.ks12p0f
[03/04/2008|21:34] C:\ProgramData\WLInstaller
[27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs
---------------[ ]--------------
[12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
[06/05/2007|21:33] C:\Program Files\Acer Arcade Live
[22/06/2007|02:00] C:\Program Files\Acer Inc
[22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|21:23] C:\Program Files\Adobe
[03/03/2008|00:17] C:\Program Files\Alwil Software
[22/06/2007|01:56] C:\Program Files\ATI
[22/06/2007|01:57] C:\Program Files\ATI Technologies
[30/04/2008|23:15] C:\Program Files\AVS4YOU
[01/05/2008|23:54] C:\Program Files\bobyte
[01/03/2008|16:22] C:\Program Files\Bonjour
[08/05/2008|01:05] C:\Program Files\CCleaner
[30/04/2008|23:21] C:\Program Files\Common Files
[08/05/2008|13:24] C:\Program Files\Conduit
[06/05/2007|21:30] C:\Program Files\CyberLink
[14/01/2008|22:49] C:\Program Files\desktop.ini
[17/03/2008|21:15] C:\Program Files\Dictionnaire
[02/05/2008|00:01] C:\Program Files\Digital Video Converter
[24/04/2008|23:18] C:\Program Files\DivX
[08/05/2008|21:04] C:\Program Files\EoRezo
[07/01/2008|22:36] C:\Program Files\eSobi
[02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
[04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/05/2008|20:10] C:\Program Files\FLV Player
[01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
[01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
[01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
[22/02/2008|19:04] C:\Program Files\Foreignword
[08/05/2008|13:24] C:\Program Files\Freecorder
[08/05/2008|13:24] C:\Program Files\Google
[18/04/2008|20:38] C:\Program Files\Half-Life
[01/04/2008|10:39] C:\Program Files\IEToolbar
[16/04/2008|22:33] C:\Program Files\ImTOO
[24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
[10/04/2008|11:57] C:\Program Files\Internet Explorer
[09/05/2008|23:42] C:\Program Files\ItsLabel
[04/03/2008|20:32] C:\Program Files\Java
[12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
[12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
[29/02/2008|18:38] C:\Program Files\LimeWire
[09/02/2008|12:38] C:\Program Files\Logitech
[17/04/2008|18:05] C:\Program Files\MediaCoder
[08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[06/05/2007|21:22] C:\Program Files\Microsoft Office
[04/01/2008|18:52] C:\Program Files\Microsoft Works
[06/05/2007|21:20] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[18/04/2008|21:06] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[07/01/2008|18:26] C:\Program Files\MSXML 4.0
[10/05/2008|00:08] C:\Program Files\Navilog1
[13/01/2008|21:04] C:\Program Files\Neuf
[30/04/2008|23:21] C:\Program Files\newObjects
[06/05/2007|21:18] C:\Program Files\NewTech Infosystems
[13/01/2008|20:50] C:\Program Files\Orange HSS
[06/05/2008|22:31] C:\Program Files\Paint.NET
[03/05/2008|13:44] C:\Program Files\PhotoFiltre
[27/04/2008|20:59] C:\Program Files\Project64 1.6
[01/03/2008|16:22] C:\Program Files\QuickTime
[25/02/2008|18:26] C:\Program Files\Real
[06/05/2007|21:05] C:\Program Files\Realtek
[16/04/2008|20:42] C:\Program Files\Red Kawa
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[01/05/2008|20:49] C:\Program Files\Replay Converter
[01/05/2008|20:48] C:\Program Files\Replay Media Catcher
[26/03/2008|18:03] C:\Program Files\Samsung
[05/01/2008|18:37] C:\Program Files\Securitoo
[02/03/2008|23:54] C:\Program Files\Softwin
[15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
[10/05/2008|12:36] C:\Program Files\Steam
[16/04/2008|16:17] C:\Program Files\TmNationsForever
[09/05/2008|19:42] C:\Program Files\Trend Micro
[20/04/2008|17:06] C:\Program Files\Ubisoft
[01/02/2008|00:20] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[27/02/2008|23:39] C:\Program Files\Video-For-Mobile
[01/05/2008|20:04] C:\Program Files\VideoLAN
[27/01/2008|22:50] C:\Program Files\Virtools
[24/04/2008|23:15] C:\Program Files\VirtualDJ
[01/03/2008|15:42] C:\Program Files\VistaCodecPack
[05/01/2008|18:33] C:\Program Files\Wanadoo
[14/01/2008|22:46] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[10/01/2008|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[06/01/2008|20:09] C:\Program Files\Windows Live
[10/04/2008|11:57] C:\Program Files\Windows Mail
[10/01/2008|00:42] C:\Program Files\Windows Media Player
[04/01/2008|18:00] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[11/01/2008|00:24] C:\Program Files\Windows Sidebar
[11/04/2008|12:47] C:\Program Files\WinRAR
[08/05/2008|13:15] C:\Program Files\Yahoo!
------[ ]------
[06/05/2007|21:23] C:\Program Files\Common Files\Adobe
[30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
[06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
[06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
[29/02/2008|18:36] C:\Program Files\Common Files\Java
[06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
[09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
[27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
[06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
[30/04/2008|23:21] C:\Program Files\Common Files\newObjects
[06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
[24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
[25/02/2008|18:32] C:\Program Files\Common Files\Real
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[24/04/2008|22:14] C:\Program Files\Common Files\Softwin
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[08/05/2008|13:27] C:\Program Files\Common Files\Steam
[14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
[10/01/2008|00:42] C:\Program Files\Common Files\System
[06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... OK !
----------------------[ ]---------------------
Commande ECHO désactivée.
-----------------[ ]-----------------
Commande ECHO désactivée.
----------------------[ ]----------------------
..... OK !
--------------------[ ]---------------------
Commande ECHO désactivée.
----------------[ ]-----------------
--------------------[ ]---------------------
Commande ECHO désactivée.
/!\ [Fich:10][Doss:2] C:\Users\MAXIMI~1\AppData\Local\Temp
[ UAC => 1 ]
--------------------[ 12:47:12,59 ]----------------------
Re,
Did you tamper with the report, or did it come out like that?
Reply to XmichouX
It came out like that, why?
Re,
Can you try again to see?
Reply to XmichouX
Huh, it doesn't do the same thing this time...
Here's the report
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : maximinho45 ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 10/05/2008 | 19:33:02,39 ] [ PC : PC-DE-MAXIMINHO ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[07/01/2008|00:23] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Flash Player
[04/01/2008|18:53] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Acrobat
[14/04/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Apple Computer\iTunes
[03/02/2008|12:30] C:\Users\MAXIMI~1\AppData\Roaming\ATI\ACE
[22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\audacity.cfg
[22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\AutoSave
[22/04/2008|20:51] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\presets
[26/04/2008|00:58] C:\Users\MAXIMI~1\AppData\Roaming\AVS4YOU\AVSVideoConverter
[24/04/2008|22:52] C:\Users\MAXIMI~1\AppData\Roaming\Bitdefender\Desktop
[01/05/2008|23:36] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Codec
[08/04/2008|15:50] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Player
[01/05/2008|21:08] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\VideoConstructor
[22/04/2008|20:46] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner
[12/04/2008|00:36] C:\Users\MAXIMI~1\AppData\Roaming\eMule\config
[08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\user.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\db
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\eoDesktop
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\ConfMedia.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\cmhost.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\host.cyp
[31/03/2008|21:28] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather.cfg
[31/03/2008|21:25] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.DBF
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.FPT
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.CDX
[01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
[01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000
[08/05/2008|01:10] C:\Users\MAXIMI~1\AppData\Roaming\Google\Local Search History
[22/02/2008|19:19] C:\Users\MAXIMI~1\AppData\Roaming\Google\GoogleEarth
[18/01/2008|23:05] C:\Users\MAXIMI~1\AppData\Roaming\gtk-2.0\gtkfilechooser
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}
[09/05/2008|23:41] C:\Users\MAXIMI~1\AppData\Roaming\ItsLabel\ItsTV
[06/05/2008|18:24] C:\Users\MAXIMI~1\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\filters.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\questions.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\tables.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\installation.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\mojito.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\library.dat
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\limewire.props
[10/05/2008|13:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\createtimes.cache
[09/05/2008|02:08] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.cache
[08/05/2008|19:01] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\active.mojito
[03/05/2008|23:58] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\spam.dat
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttrees.cache
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttroot.cache
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\.AppSpecialShare
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\gnutella.net
[14/04/2008|09:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\version.xml
[13/04/2008|22:49] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\simpp.xml
[09/03/2008|02:00] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\responses.cache
[04/03/2008|21:34] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\passive.mojito
[29/02/2008|18:42] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\xml
[29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.bak
[29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\themes
[08/05/2008|01:14] C:\Users\MAXIMI~1\AppData\Roaming\Macromedia\Flash Player
[08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Installer
[08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Office
[08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OneNote
[03/05/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[28/04/2008|21:32] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MSN Messenger
[18/04/2008|08:01] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Templates
[18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Document Building Blocks
[18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Word
[15/04/2008|21:43] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MMC
[18/03/2008|23:00] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Speech
[05/03/2008|09:54] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OIS
[13/02/2008|23:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\HTML Help
[24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Excel
[24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\AddIns
[09/01/2008|20:28] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\preuve
[06/01/2008|20:17] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Internet Explorer
[06/01/2008|20:13] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\IdentityCRL
[05/01/2008|19:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows
[05/01/2008|18:40] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Network
[05/01/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Crypto
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\SystemCertificates
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Protect
[04/01/2008|18:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Credentials
[13/02/2008|23:37] C:\Users\MAXIMI~1\AppData\Roaming\Mozilla\Firefox
[14/03/2008|23:52] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealMediaSDK
[25/02/2008|18:32] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealPlayer
[03/08/2000|20:36] C:\Users\MAXIMI~1\AppData\Roaming\Template\Normal.wpt
[04/04/2008|08:52] C:\Users\MAXIMI~1\AppData\Roaming\UserTile.png\UserTile.png
[27/02/2008|23:40] C:\Users\MAXIMI~1\AppData\Roaming\video-for-mobile\3gpMobile
[01/05/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\vlc\vlcrc
[29/02/2008|23:26] C:\Users\MAXIMI~1\AppData\Roaming\vlc\cache
[11/02/2008|21:17] C:\Users\MAXIMI~1\AppData\Roaming\VUPlayer\default.vpl
[29/04/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[10/05/2008 19:32][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 19:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|21:23] C:\ProgramData\Adobe
[01/03/2008|16:20] C:\ProgramData\Apple
[01/03/2008|16:23] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[26/04/2008|00:57] C:\ProgramData\AVS4YOU
[02/03/2008|23:55] C:\ProgramData\BitDefender
[04/01/2008|18:00] C:\ProgramData\Bureau
[06/05/2007|21:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[11/02/2008|21:25] C:\ProgramData\Downloaded Installations
[26/04/2008|00:38] C:\ProgramData\DVD Shrink
[12/04/2008|00:43] C:\ProgramData\eMule
[04/01/2008|18:14] C:\ProgramData\eSobi
[04/01/2008|18:00] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[12/04/2008|16:36] C:\ProgramData\FaxCtr
[08/05/2008|13:18] C:\ProgramData\Google
[09/02/2008|12:46] C:\ProgramData\Logishrd
[08/01/2008|19:38] C:\ProgramData\Logitech
[08/05/2008|21:32] C:\ProgramData\Lx_cats
[04/01/2008|18:00] C:\ProgramData\Menu Démarrer
[10/01/2008|21:21] C:\ProgramData\Messenger Plus!
[03/03/2008|00:31] C:\ProgramData\Microsoft
[10/04/2008|11:57] C:\ProgramData\Microsoft Help
[04/01/2008|18:00] C:\ProgramData\Modèles
[27/04/2008|08:34] C:\ProgramData\proxy dash
[04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
[02/11/2006|15:02] C:\ProgramData\Start Menu
[14/02/2008|16:43] C:\ProgramData\Symantec
[10/03/2008|21:42] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[27/04/2008|08:34] C:\ProgramData\Tool Eggs Less City
[27/04/2008|18:41] C:\ProgramData\TrackMania
[11/03/2008|21:29] C:\ProgramData\Trymedia
[27/04/2008|08:34] C:\ProgramData\type bash hold.rtoux
[31/01/2008|23:55] C:\ProgramData\Ulead Systems
[30/03/2008|22:58] C:\ProgramData\Upload Bags Bags.0la34z
[27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.awwnf
[27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.ks12p0f
[03/04/2008|21:34] C:\ProgramData\WLInstaller
[27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
[06/05/2007|21:33] C:\Program Files\Acer Arcade Live
[22/06/2007|02:00] C:\Program Files\Acer Inc
[22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|21:23] C:\Program Files\Adobe
[03/03/2008|00:17] C:\Program Files\Alwil Software
[22/06/2007|01:56] C:\Program Files\ATI
[22/06/2007|01:57] C:\Program Files\ATI Technologies
[30/04/2008|23:15] C:\Program Files\AVS4YOU
[01/05/2008|23:54] C:\Program Files\bobyte
[01/03/2008|16:22] C:\Program Files\Bonjour
[08/05/2008|01:05] C:\Program Files\CCleaner
[30/04/2008|23:21] C:\Program Files\Common Files
[08/05/2008|13:24] C:\Program Files\Conduit
[06/05/2007|21:30] C:\Program Files\CyberLink
[14/01/2008|22:49] C:\Program Files\desktop.ini
[17/03/2008|21:15] C:\Program Files\Dictionnaire
[02/05/2008|00:01] C:\Program Files\Digital Video Converter
[24/04/2008|23:18] C:\Program Files\DivX
[08/05/2008|21:04] C:\Program Files\EoRezo
[07/01/2008|22:36] C:\Program Files\eSobi
[02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
[04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/05/2008|20:10] C:\Program Files\FLV Player
[01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
[01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
[01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
[22/02/2008|19:04] C:\Program Files\Foreignword
[08/05/2008|13:24] C:\Program Files\Freecorder
[08/05/2008|13:24] C:\Program Files\Google
[18/04/2008|20:38] C:\Program Files\Half-Life
[01/04/2008|10:39] C:\Program Files\IEToolbar
[16/04/2008|22:33] C:\Program Files\ImTOO
[24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
[10/04/2008|11:57] C:\Program Files\Internet Explorer
[09/05/2008|23:42] C:\Program Files\ItsLabel
[04/03/2008|20:32] C:\Program Files\Java
[12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
[12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
[29/02/2008|18:38] C:\Program Files\LimeWire
[09/02/2008|12:38] C:\Program Files\Logitech
[17/04/2008|18:05] C:\Program Files\MediaCoder
[08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[06/05/2007|21:22] C:\Program Files\Microsoft Office
[04/01/2008|18:52] C:\Program Files\Microsoft Works
[06/05/2007|21:20] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[18/04/2008|21:06] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[07/01/2008|18:26] C:\Program Files\MSXML 4.0
[10/05/2008|00:08] C:\Program Files\Navilog1
[13/01/2008|21:04] C:\Program Files\Neuf
[30/04/2008|23:21] C:\Program Files\newObjects
[06/05/2007|21:18] C:\Program Files\NewTech Infosystems
[13/01/2008|20:50] C:\Program Files\Orange HSS
[06/05/2008|22:31] C:\Program Files\Paint.NET
[03/05/2008|13:44] C:\Program Files\PhotoFiltre
[27/04/2008|20:59] C:\Program Files\Project64 1.6
[01/03/2008|16:22] C:\Program Files\QuickTime
[25/02/2008|18:26] C:\Program Files\Real
[06/05/2007|21:05] C:\Program Files\Realtek
[16/04/2008|20:42] C:\Program Files\Red Kawa
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[01/05/2008|20:49] C:\Program Files\Replay Converter
[01/05/2008|20:48] C:\Program Files\Replay Media Catcher
[26/03/2008|18:03] C:\Program Files\Samsung
[05/01/2008|18:37] C:\Program Files\Securitoo
[02/03/2008|23:54] C:\Program Files\Softwin
[15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
[10/05/2008|19:33] C:\Program Files\Steam
[16/04/2008|16:17] C:\Program Files\TmNationsForever
[09/05/2008|19:42] C:\Program Files\Trend Micro
[20/04/2008|17:06] C:\Program Files\Ubisoft
[01/02/2008|00:20] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[27/02/2008|23:39] C:\Program Files\Video-For-Mobile
[01/05/2008|20:04] C:\Program Files\VideoLAN
[27/01/2008|22:50] C:\Program Files\Virtools
[24/04/2008|23:15] C:\Program Files\VirtualDJ
[01/03/2008|15:42] C:\Program Files\VistaCodecPack
[05/01/2008|18:33] C:\Program Files\Wanadoo
[14/01/2008|22:46] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[10/01/2008|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[06/01/2008|20:09] C:\Program Files\Windows Live
[10/04/2008|11:57] C:\Program Files\Windows Mail
[10/01/2008|00:42] C:\Program Files\Windows Media Player
[04/01/2008|18:00] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[11/01/2008|00:24] C:\Program Files\Windows Sidebar
[11/04/2008|12:47] C:\Program Files\WinRAR
[08/05/2008|13:15] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[06/05/2007|21:23] C:\Program Files\Common Files\Adobe
[30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
[06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
[06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
[29/02/2008|18:36] C:\Program Files\Common Files\Java
[06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
[09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
[27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
[06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
[30/04/2008|23:21] C:\Program Files\Common Files\newObjects
[06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
[24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
[25/02/2008|18:32] C:\Program Files\Common Files\Real
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[24/04/2008|22:14] C:\Program Files\Common Files\Softwin
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[08/05/2008|13:27] C:\Program Files\Common Files\Steam
[14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
[10/01/2008|00:42] C:\Program Files\Common Files\System
[06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 63
iexplore.exe ~ [3984]
iexplore.exe ~ [1960]
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\type bash hold.rtoux
C:\ProgramData\Upload Bags Bags.0la34z
C:\ProgramData\Upload Bags Bags.awwnf
C:\ProgramData\Upload Bags Bags.ks12p0f
C:\ProgramData\type bash hold.rtoux
C:\ProgramData\Upload Bags Bags.0la34z
C:\ProgramData\Upload Bags Bags.ks12p0f
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\proxy dash
C:\ProgramData\proxy dash\brbnbzuv.exe
C:\ProgramData\proxy dash\funkpollmix.exe
C:\ProgramData\proxy dash\idolmapi01gram.exe
C:\ProgramData\proxy dash\yosyynac.exe
C:\ProgramData\Tool Eggs Less City
C:\ProgramData\Tool Eggs Less City\DART KIND.exe
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 19:34:15
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:16][Doss:4] C:\Users\MAXIMI~1\AppData\Local\Temp
/!\ [Fich:118][Doss:1] C:\Users\MAXIMI~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:3420][Doss:6] C:\Users\MAXIMI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 19:36:29,84 ]----------------------
Re,
Run Lop S&D again.
- This time choose Option 2 (Suppression).
- Do not close the window during the removal!
- Post the generated report (C:\lopR.txt).
If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)".
Type explorer and confirm. This will bring your desktop back.
Reply to XmichouX
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : maximinho45 ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 10/05/2008 | 20:29:13,16 ] [ PC : PC-DE-MAXIMINHO ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\ProgramData\proxy dash\brbnbzuv.exe
Supprimé! - C:\ProgramData\proxy dash\funkpollmix.exe
Supprimé! - C:\ProgramData\proxy dash\idolmapi01gram.exe
Supprimé! - C:\ProgramData\proxy dash\yosyynac.exe
Echec ! - C:\ProgramData\Tool Eggs Less City\DART KIND.exe
Supprimé! - C:\ProgramData\type bash hold.rtoux
Supprimé! - C:\ProgramData\Upload Bags Bags.0la34z
Supprimé! - C:\ProgramData\Upload Bags Bags.awwnf
Supprimé! - C:\ProgramData\Upload Bags Bags.ks12p0f
Supprimé! - C:\ProgramData\proxy dash
Echec ! - C:\ProgramData\Tool Eggs Less City
Restauré! - Fichier Hosts
\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////
Supprimé! - C:\ProgramData\Tool Eggs Less City\DART KIND.exe
Supprimé! - C:\ProgramData\Tool Eggs Less City
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[07/01/2008|00:23] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Flash Player
[04/01/2008|18:53] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Acrobat
[14/04/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Apple Computer\iTunes
[03/02/2008|12:30] C:\Users\MAXIMI~1\AppData\Roaming\ATI\ACE
[22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\audacity.cfg
[22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\AutoSave
[22/04/2008|20:51] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\presets
[26/04/2008|00:58] C:\Users\MAXIMI~1\AppData\Roaming\AVS4YOU\AVSVideoConverter
[24/04/2008|22:52] C:\Users\MAXIMI~1\AppData\Roaming\Bitdefender\Desktop
[01/05/2008|23:36] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Codec
[08/04/2008|15:50] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Player
[01/05/2008|21:08] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\VideoConstructor
[22/04/2008|20:46] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner
[12/04/2008|00:36] C:\Users\MAXIMI~1\AppData\Roaming\eMule\config
[08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\user.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\db
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\eoDesktop
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\ConfMedia.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\cmhost.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\host.cyp
[31/03/2008|21:28] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather.cfg
[31/03/2008|21:25] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.DBF
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.FPT
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.CDX
[01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
[01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000
[08/05/2008|01:10] C:\Users\MAXIMI~1\AppData\Roaming\Google\Local Search History
[22/02/2008|19:19] C:\Users\MAXIMI~1\AppData\Roaming\Google\GoogleEarth
[18/01/2008|23:05] C:\Users\MAXIMI~1\AppData\Roaming\gtk-2.0\gtkfilechooser
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}
[09/05/2008|23:41] C:\Users\MAXIMI~1\AppData\Roaming\ItsLabel\ItsTV
[06/05/2008|18:24] C:\Users\MAXIMI~1\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml
[10/05/2008|20:25] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\library.dat
[10/05/2008|20:02] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\createtimes.cache
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\filters.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\questions.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\tables.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\installation.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\mojito.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\limewire.props
[09/05/2008|02:08] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.cache
[08/05/2008|19:01] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\active.mojito
[03/05/2008|23:58] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\spam.dat
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttrees.cache
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttroot.cache
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\.AppSpecialShare
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\gnutella.net
[14/04/2008|09:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\version.xml
[13/04/2008|22:49] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\simpp.xml
[09/03/2008|02:00] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\responses.cache
[04/03/2008|21:34] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\passive.mojito
[29/02/2008|18:42] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\xml
[29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.bak
[29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\themes
[08/05/2008|01:14] C:\Users\MAXIMI~1\AppData\Roaming\Macromedia\Flash Player
[08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Installer
[08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Office
[08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OneNote
[03/05/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[28/04/2008|21:32] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MSN Messenger
[18/04/2008|08:01] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Templates
[18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Document Building Blocks
[18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Word
[15/04/2008|21:43] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MMC
[18/03/2008|23:00] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Speech
[05/03/2008|09:54] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OIS
[13/02/2008|23:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\HTML Help
[24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Excel
[24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\AddIns
[09/01/2008|20:28] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\preuve
[06/01/2008|20:17] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Internet Explorer
[06/01/2008|20:13] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\IdentityCRL
[05/01/2008|19:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows
[05/01/2008|18:40] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Network
[05/01/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Crypto
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\SystemCertificates
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Protect
[04/01/2008|18:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Credentials
[13/02/2008|23:37] C:\Users\MAXIMI~1\AppData\Roaming\Mozilla\Firefox
[14/03/2008|23:52] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealMediaSDK
[25/02/2008|18:32] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealPlayer
[03/08/2000|20:36] C:\Users\MAXIMI~1\AppData\Roaming\Template\Normal.wpt
[04/04/2008|08:52] C:\Users\MAXIMI~1\AppData\Roaming\UserTile.png\UserTile.png
[27/02/2008|23:40] C:\Users\MAXIMI~1\AppData\Roaming\video-for-mobile\3gpMobile
[01/05/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\vlc\vlcrc
[29/02/2008|23:26] C:\Users\MAXIMI~1\AppData\Roaming\vlc\cache
[11/02/2008|21:17] C:\Users\MAXIMI~1\AppData\Roaming\VUPlayer\default.vpl
[29/04/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[10/05/2008 20:28][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 20:25][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|21:23] C:\ProgramData\Adobe
[01/03/2008|16:20] C:\ProgramData\Apple
[01/03/2008|16:23] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[26/04/2008|00:57] C:\ProgramData\AVS4YOU
[02/03/2008|23:55] C:\ProgramData\BitDefender
[04/01/2008|18:00] C:\ProgramData\Bureau
[06/05/2007|21:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[11/02/2008|21:25] C:\ProgramData\Downloaded Installations
[26/04/2008|00:38] C:\ProgramData\DVD Shrink
[12/04/2008|00:43] C:\ProgramData\eMule
[04/01/2008|18:14] C:\ProgramData\eSobi
[04/01/2008|18:00] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[12/04/2008|16:36] C:\ProgramData\FaxCtr
[08/05/2008|13:18] C:\ProgramData\Google
[09/02/2008|12:46] C:\ProgramData\Logishrd
[08/01/2008|19:38] C:\ProgramData\Logitech
[08/05/2008|21:32] C:\ProgramData\Lx_cats
[04/01/2008|18:00] C:\ProgramData\Menu Démarrer
[10/01/2008|21:21] C:\ProgramData\Messenger Plus!
[03/03/2008|00:31] C:\ProgramData\Microsoft
[10/04/2008|11:57] C:\ProgramData\Microsoft Help
[04/01/2008|18:00] C:\ProgramData\Modèles
[04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
[02/11/2006|15:02] C:\ProgramData\Start Menu
[14/02/2008|16:43] C:\ProgramData\Symantec
[10/03/2008|21:42] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[27/04/2008|18:41] C:\ProgramData\TrackMania
[11/03/2008|21:29] C:\ProgramData\Trymedia
[31/01/2008|23:55] C:\ProgramData\Ulead Systems
[03/04/2008|21:34] C:\ProgramData\WLInstaller
[27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
[06/05/2007|21:33] C:\Program Files\Acer Arcade Live
[22/06/2007|02:00] C:\Program Files\Acer Inc
[22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|21:23] C:\Program Files\Adobe
[03/03/2008|00:17] C:\Program Files\Alwil Software
[22/06/2007|01:56] C:\Program Files\ATI
[22/06/2007|01:57] C:\Program Files\ATI Technologies
[30/04/2008|23:15] C:\Program Files\AVS4YOU
[01/05/2008|23:54] C:\Program Files\bobyte
[01/03/2008|16:22] C:\Program Files\Bonjour
[08/05/2008|01:05] C:\Program Files\CCleaner
[30/04/2008|23:21] C:\Program Files\Common Files
[08/05/2008|13:24] C:\Program Files\Conduit
[06/05/2007|21:30] C:\Program Files\CyberLink
[14/01/2008|22:49] C:\Program Files\desktop.ini
[17/03/2008|21:15] C:\Program Files\Dictionnaire
[02/05/2008|00:01] C:\Program Files\Digital Video Converter
[24/04/2008|23:18] C:\Program Files\DivX
[08/05/2008|21:04] C:\Program Files\EoRezo
[07/01/2008|22:36] C:\Program Files\eSobi
[02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
[04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/05/2008|20:10] C:\Program Files\FLV Player
[01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
[01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
[01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
[22/02/2008|19:04] C:\Program Files\Foreignword
[08/05/2008|13:24] C:\Program Files\Freecorder
[08/05/2008|13:24] C:\Program Files\Google
[18/04/2008|20:38] C:\Program Files\Half-Life
[01/04/2008|10:39] C:\Program Files\IEToolbar
[16/04/2008|22:33] C:\Program Files\ImTOO
[24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
[10/04/2008|11:57] C:\Program Files\Internet Explorer
[09/05/2008|23:42] C:\Program Files\ItsLabel
[04/03/2008|20:32] C:\Program Files\Java
[12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
[12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
[29/02/2008|18:38] C:\Program Files\LimeWire
[09/02/2008|12:38] C:\Program Files\Logitech
[17/04/2008|18:05] C:\Program Files\MediaCoder
[08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[06/05/2007|21:22] C:\Program Files\Microsoft Office
[04/01/2008|18:52] C:\Program Files\Microsoft Works
[06/05/2007|21:20] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[18/04/2008|21:06] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[07/01/2008|18:26] C:\Program Files\MSXML 4.0
[10/05/2008|00:08] C:\Program Files\Navilog1
[13/01/2008|21:04] C:\Program Files\Neuf
[30/04/2008|23:21] C:\Program Files\newObjects
[06/05/2007|21:18] C:\Program Files\NewTech Infosystems
[13/01/2008|20:50] C:\Program Files\Orange HSS
[06/05/2008|22:31] C:\Program Files\Paint.NET
[03/05/2008|13:44] C:\Program Files\PhotoFiltre
[27/04/2008|20:59] C:\Program Files\Project64 1.6
[01/03/2008|16:22] C:\Program Files\QuickTime
[25/02/2008|18:26] C:\Program Files\Real
[06/05/2007|21:05] C:\Program Files\Realtek
[16/04/2008|20:42] C:\Program Files\Red Kawa
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[01/05/2008|20:49] C:\Program Files\Replay Converter
[01/05/2008|20:48] C:\Program Files\Replay Media Catcher
[26/03/2008|18:03] C:\Program Files\Samsung
[05/01/2008|18:37] C:\Program Files\Securitoo
[02/03/2008|23:54] C:\Program Files\Softwin
[15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
[10/05/2008|20:29] C:\Program Files\Steam
[16/04/2008|16:17] C:\Program Files\TmNationsForever
[09/05/2008|19:42] C:\Program Files\Trend Micro
[20/04/2008|17:06] C:\Program Files\Ubisoft
[01/02/2008|00:20] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[27/02/2008|23:39] C:\Program Files\Video-For-Mobile
[01/05/2008|20:04] C:\Program Files\VideoLAN
[27/01/2008|22:50] C:\Program Files\Virtools
[24/04/2008|23:15] C:\Program Files\VirtualDJ
[01/03/2008|15:42] C:\Program Files\VistaCodecPack
[05/01/2008|18:33] C:\Program Files\Wanadoo
[14/01/2008|22:46] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[10/01/2008|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[06/01/2008|20:09] C:\Program Files\Windows Live
[10/04/2008|11:57] C:\Program Files\Windows Mail
[10/01/2008|00:42] C:\Program Files\Windows Media Player
[04/01/2008|18:00] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[11/01/2008|00:24] C:\Program Files\Windows Sidebar
[11/04/2008|12:47] C:\Program Files\WinRAR
[08/05/2008|13:15] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[06/05/2007|21:23] C:\Program Files\Common Files\Adobe
[30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
[06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
[06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
[29/02/2008|18:36] C:\Program Files\Common Files\Java
[06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
[09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
[27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
[06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
[30/04/2008|23:21] C:\Program Files\Common Files\newObjects
[06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
[24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
[25/02/2008|18:32] C:\Program Files\Common Files\Real
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[24/04/2008|22:14] C:\Program Files\Common Files\Softwin
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[08/05/2008|13:27] C:\Program Files\Common Files\Steam
[14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
[10/01/2008|00:42] C:\Program Files\Common Files\System
[06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 64
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 20:30:23
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:19][Doss:5] C:\Users\MAXIMI~1\AppData\Local\Temp
/!\ [Fich:118][Doss:1] C:\Users\MAXIMI~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:3428][Doss:6] C:\Users\MAXIMI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 20:32:28,76 ]----------------------
Do you want to keep EoRezo ..?
Reply to XmichouX
no ...
Hi again,
Uninstall via Add/Remove Programs (if present):
- Eorezo
- & co
- My Computer/Tools/Folder Options/View/Show hidden files and folders/Apply - - > OK
- My Computer/Tools/Folder Options/View/uncheck Hide protected operating system files/Apply - - > OK
You will re-check it afterwards.
Then delete the corresponding folders:
- In Programfiles
- In Programfiles\Fichiers communs
- In %allusersprofile%\application data
( XP -> C:\Documents and Settings\All users\Application Data,
Vista -> C:\Users\your name\appdata\roaming)
- Etc ... (You can find the folders to delete with a Windows search [Start\Search])
Download CCleaner to your Desktop.
- Click "download the latest version"
- Install it, leaving only the following options checked:
- Add a shortcut to the Desktop
- Automatically check for CCleaner updates
- Run the Cleaner
- Click Scan for issues and back up if you wish.
Help: How to use CCleaner.
Delete C:\ProgramData\ywasvxup.hvs
Then post a new HijackThis report.
Message edited by XmichouX on 11-05-2008 at 13:34:33
Reply to XmichouX
uh, that's for XP .. wouldn't you have it for Vista
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:29:26, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] &x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
O4 - Startup: Widget GAME ONE.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/p [...] taller.exe
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 8572 bytes
What is it that's for Vista?!
You need to post a new HijackThis report
Reply to XmichouX
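A check that reconciles the two kinds of report posted in this thread, as an added example that is not part of the original posts: it compares the HijackThis scan time with the Lop S&D removal time and lists Run values and "(file missing)" entries that still reference files Lop S&D reported as deleted. The sample lines are copied from the reports above; the function names and the day/month reading of the dates are assumptions.

```python
import re
from datetime import datetime

# Constructed sample: a few lines copied from the Lop S&D removal report above.
LOP_REPORT = r"""
[ 10/05/2008 | 20:29:13,16 ] [ PC : PC-DE-MAXIMINHO ]
Supprimé! - C:\ProgramData\proxy dash\brbnbzuv.exe
Echec ! - C:\ProgramData\Tool Eggs Less City\DART KIND.exe
Supprimé! - C:\ProgramData\type bash hold.rtoux
Supprimé! - C:\ProgramData\Upload Bags Bags.awwnf
Supprimé! - C:\ProgramData\Tool Eggs Less City\DART KIND.exe
"""

# Constructed sample: a few lines copied from the HijackThis log above.
HJT_LOG = r"""
Scan saved at 0:29:26, on 10/05/2008
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
"""

LOP_STAMP = re.compile(r"\[ (\d{2}/\d{2}/\d{4}) \| (\d{2}:\d{2}:\d{2}),\d+ \]")
# Tolerant of the accented character, which pasted reports often mangle.
LOP_DELETED = re.compile(r"^Supprim\S{1,2}! - (.+)$", re.M)
HJT_STAMP = re.compile(r"^Scan saved at (\d{1,2}:\d{2}:\d{2}), on (\d{2}/\d{2}/\d{4})", re.M)
HJT_RUN = re.compile(r"^O4 - (\w+)\\.*?\\Run: \[(.*?)\] (.+)$", re.M)
HJT_MISSING = re.compile(r"^(O\d+) - (.+?) \((?:file missing|no file)\)\s*$", re.M)

# Assumption: both tools ran on a French-locale machine, so dates are DD/MM/YYYY.
DATE_FMT = "%d/%m/%Y %H:%M:%S"


def parse_lop(report):
    """Return (removal time, set of lower-cased paths reported as deleted)."""
    stamp = LOP_STAMP.search(report)
    if stamp is None:
        raise ValueError("no Lop S&D timestamp header found")
    when = datetime.strptime(f"{stamp.group(1)} {stamp.group(2)}", DATE_FMT)
    # A path that fails on the first pass and succeeds on the second counts once.
    deleted = {p.strip().lower() for p in LOP_DELETED.findall(report)}
    return when, deleted


def parse_hjt(log):
    """Return (scan time, list of (hive, value name, command line)) for O4 Run lines."""
    stamp = HJT_STAMP.search(log)
    if stamp is None:
        raise ValueError("no 'Scan saved at' line found")
    when = datetime.strptime(f"{stamp.group(2)} {stamp.group(1)}", DATE_FMT)
    runs = [(hive, name, cmd.strip()) for hive, name, cmd in HJT_RUN.findall(log)]
    return when, runs


def reconcile(lop_report, hjt_log):
    """Cross-check a HijackThis log against a Lop S&D removal report."""
    cleaned_at, deleted = parse_lop(lop_report)
    scanned_at, runs = parse_hjt(hjt_log)
    orphaned = []
    for hive, name, cmd in runs:
        target = cmd.lstrip('"').lower()
        # Prefix match also covers files inside a deleted folder.
        if any(target.startswith(path) for path in deleted):
            orphaned.append((hive, name))
    return {
        # True: the log was saved before the removal and says nothing about
        # the current state, so a fresh scan is needed.
        "log_predates_cleanup": scanned_at < cleaned_at,
        # Run values whose target was reported as deleted. In a log taken
        # after the removal these are leftover registry values.
        "orphaned_run_values": orphaned,
        "missing_file_entries": list(HJT_MISSING.findall(hjt_log)),
    }


if __name__ == "__main__":
    for key, value in reconcile(LOP_REPORT, HJT_LOG).items():
        print(f"{key}: {value}")
```
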
ok, I'll do a new report
HijackThis won't open any more with "Run as administrator" but it worked like this ./...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:29:26, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] &x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
O4 - Startup: Widget GAME ONE.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/p [...] taller.exe
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 8572 bytes
Still not a new one, are you doing this on purpose?
Relaunch HijackThis, then run "Do a system scan and save a log file" again and send me the generated report.
