Pub intempestive msn - Sécurité - Virus
TomsGuide.com : 700 000 inscrits répondent à toutes vos questions high-tech et informatique.
Pour obtenir de l'aide, inscrivez-vous gratuitement !
 

Ajouter une réponse



 Mot :   Pseudo :  
 
Bas de page
Auteur
 Sujet : Pub intempestive msn
 
marseb41
Profil : IDNaute
Plus d'informations
n°313024
02-06-2008 à 21:58:29

Bonjour, enfin re, j ai deja écrit un sujet que je ne retrouve plus donc je remets mon probleme. Mon fils a installé msn plus et depuis j ai de la pub qui apparait sans arret, comment la supprimer
Voici mon rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:28, on 02/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RavMonE.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\RavMonE.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\TANDEM POUR L'ECOLE\Mes documents\Téléchargement\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33568
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\RavMonE.exe
O4 - HKLM\..\Run: [Proc Deaf Delete Peak] C:\Documents and Settings\All Users\Application Data\file joy proc deaf\Tick Data.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.fnacphoto.com/ECTelecha [...] oader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://privateannazouette.spaces.l [...] nPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Merci de votre aide
seb

Liens spon sorisés

Inscrivez-vous ou connectez-vous pour masquer ceci.

XmichouX
Profil : Helper
Plus d'informations
n°313097
03-06-2008 à 14:01:06

Bonjour,

 

Télécharge Flash Disinfector (de sUBs) sur ton Bureau.

 
  • Connecte tous les périphériques externes ( DD , USB , ..... )
  • Double clique sur Flash Disinfector et laisse toi guider.


*******

 

Télécharge Lop S&D.exe (d' Eric 71 & Angeldark) sur ton bureau.

 
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau (Si tu es sous Vista, clique droit -> exécuter en tant qu'admin)
  • Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)


Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
Tapes explorer et valide. Cela te fera apparaitre ton bureau


Message édité par XmichouX le 03-06-2008 à 14:01:52

---------------
Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité/Prévention
marseb41
Profil : IDNaute
Plus d'informations
n°313249
03-06-2008 à 21:44:06

Ci dessous mon rapport

-----------------------[ Lop S&D 4.2.0-9 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : TANDEM POUR L'ECOLE ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 03/06/2008 | 21:39:57.64 ] [ PC : TANDEM ]
[ MAJ : 16-05-2008 | 23:35 ]

-------------[ Listing des dossiers dans Application Data ]------------

[01/01/2003|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[13/09/2004|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[14/05/2008|13:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\file joy proc deaf
[16/12/2006|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/12/2006|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[20/04/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[16/12/2007|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Data Security
[13/09/2004|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/11/2005|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/05/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[09/03/2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Snapfish Livres de photo
[01/12/2006|20:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[24/05/2008|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/04/2005|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[16/12/2007|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UniversalisV12
[07/07/2006|13:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/08/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[22/08/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[13/09/2004|19:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[13/06/2006|17:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[13/09/2004|19:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[17/10/2006|21:52] C:\DOCUME~1\TANDEM~1\APPLIC~1\3M
[19/04/2005|16:25] C:\DOCUME~1\TANDEM~1\APPLIC~1\Adobe
[19/04/2005|16:51] C:\DOCUME~1\TANDEM~1\APPLIC~1\AdobeUM
[31/05/2005|18:26] C:\DOCUME~1\TANDEM~1\APPLIC~1\Apple Computer
[17/10/2005|16:53] C:\DOCUME~1\TANDEM~1\APPLIC~1\CopyToDvd
[21/05/2005|14:00] C:\DOCUME~1\TANDEM~1\APPLIC~1\CyberLink
[13/09/2004|19:17] C:\DOCUME~1\TANDEM~1\APPLIC~1\desktop.ini
[29/08/2006|12:11] C:\DOCUME~1\TANDEM~1\APPLIC~1\ezpinst.exe
[02/09/2006|23:27] C:\DOCUME~1\TANDEM~1\APPLIC~1\Google
[14/05/2008|22:48] C:\DOCUME~1\TANDEM~1\APPLIC~1\gpl second noun
[10/12/2006|13:56] C:\DOCUME~1\TANDEM~1\APPLIC~1\Help
[01/12/2006|20:14] C:\DOCUME~1\TANDEM~1\APPLIC~1\HP
[13/09/2004|19:31] C:\DOCUME~1\TANDEM~1\APPLIC~1\Identities
[23/09/2007|01:02] C:\DOCUME~1\TANDEM~1\APPLIC~1\internaldb41.dat
[23/09/2007|01:03] C:\DOCUME~1\TANDEM~1\APPLIC~1\internaldb6334.dat
[23/09/2007|00:54] C:\DOCUME~1\TANDEM~1\APPLIC~1\internaldb8467.dat
[27/07/2005|15:17] C:\DOCUME~1\TANDEM~1\APPLIC~1\Lavasoft
[31/08/2005|20:22] C:\DOCUME~1\TANDEM~1\APPLIC~1\Leadertech
[02/05/2008|00:06] C:\DOCUME~1\TANDEM~1\APPLIC~1\LimeWire
[19/04/2005|13:31] C:\DOCUME~1\TANDEM~1\APPLIC~1\Macromedia
[17/11/2005|11:46] C:\DOCUME~1\TANDEM~1\APPLIC~1\Media Player Classic
[13/09/2004|19:17] C:\DOCUME~1\TANDEM~1\APPLIC~1\Microsoft
[16/12/2007|18:00] C:\DOCUME~1\TANDEM~1\APPLIC~1\Mozilla
[30/04/2005|23:24] C:\DOCUME~1\TANDEM~1\APPLIC~1\MSNInstaller
[29/08/2006|12:11] C:\DOCUME~1\TANDEM~1\APPLIC~1\pcouffin.cat
[29/08/2006|12:11] C:\DOCUME~1\TANDEM~1\APPLIC~1\pcouffin.inf
[29/08/2006|12:12] C:\DOCUME~1\TANDEM~1\APPLIC~1\pcouffin.log
[29/08/2006|12:11] C:\DOCUME~1\TANDEM~1\APPLIC~1\pcouffin.sys
[16/12/2006|14:14] C:\DOCUME~1\TANDEM~1\APPLIC~1\Real
[02/05/2008|18:56] C:\DOCUME~1\TANDEM~1\APPLIC~1\skypePM
[03/01/2007|13:46] C:\DOCUME~1\TANDEM~1\APPLIC~1\Snapfish
[19/04/2005|15:00] C:\DOCUME~1\TANDEM~1\APPLIC~1\Sun
[19/04/2005|12:39] C:\DOCUME~1\TANDEM~1\APPLIC~1\Symantec
[16/12/2007|18:00] C:\DOCUME~1\TANDEM~1\APPLIC~1\Universalis V12
[12/05/2008|22:19] C:\DOCUME~1\TANDEM~1\APPLIC~1\vlc
[09/04/2006|17:33] C:\DOCUME~1\TANDEM~1\APPLIC~1\Vso
[09/12/2006|11:08] C:\DOCUME~1\TANDEM~1\APPLIC~1\XTND_BTUIObjects

[22/10/2006|15:28] C:\DOCUME~1\INVIT\APPLIC~1\3M
[20/08/2007|22:20] C:\DOCUME~1\INVIT\APPLIC~1\Adobe
[13/09/2004|19:17] C:\DOCUME~1\INVIT\APPLIC~1\desktop.ini
[16/12/2006|15:36] C:\DOCUME~1\INVIT\APPLIC~1\Google
[18/05/2008|17:25] C:\DOCUME~1\INVIT\APPLIC~1\gpl second noun
[09/12/2006|17:03] C:\DOCUME~1\INVIT\APPLIC~1\HP
[13/09/2004|19:31] C:\DOCUME~1\INVIT\APPLIC~1\Identities
[06/10/2006|19:21] C:\DOCUME~1\INVIT\APPLIC~1\Macromedia
[28/12/2007|10:44] C:\DOCUME~1\INVIT\APPLIC~1\Media Player Classic
[13/09/2004|19:17] C:\DOCUME~1\INVIT\APPLIC~1\Microsoft
[30/04/2008|21:36] C:\DOCUME~1\INVIT\APPLIC~1\Mozilla
[16/12/2006|15:32] C:\DOCUME~1\INVIT\APPLIC~1\Real
[24/05/2007|15:45] C:\DOCUME~1\INVIT\APPLIC~1\Sun
[24/05/2008|22:21] C:\DOCUME~1\INVIT\APPLIC~1\vlc

[30/04/2008|22:28] C:\DOCUME~1\EMILIEN\APPLIC~1\Adobe
[13/09/2004|19:17] C:\DOCUME~1\EMILIEN\APPLIC~1\desktop.ini
[30/04/2008|22:34] C:\DOCUME~1\EMILIEN\APPLIC~1\EoRezo
[14/05/2008|13:01] C:\DOCUME~1\EMILIEN\APPLIC~1\gpl second noun
[13/09/2004|19:31] C:\DOCUME~1\EMILIEN\APPLIC~1\Identities
[30/04/2008|22:31] C:\DOCUME~1\EMILIEN\APPLIC~1\Macromedia
[13/09/2004|19:17] C:\DOCUME~1\EMILIEN\APPLIC~1\Microsoft
[30/04/2008|22:44] C:\DOCUME~1\EMILIEN\APPLIC~1\Mozilla
[14/05/2008|14:48] C:\DOCUME~1\EMILIEN\APPLIC~1\vlc


----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[03/06/2008 21:00][--ah-----] C:\WINDOWS\tasks\A9B332AA9148B226.job
[23/09/2007 01:04][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[03/06/2008 18:47][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

A9B332AA9148B226.job <--> c:\docume~1\emilien\applic~1\gplsec~1\antiproxydefy.exe

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[28/12/2007|10:42] C:\Program Files\7-Zip
[01/01/2003|22:02] C:\Program Files\Acer Inc
[01/01/2003|22:07] C:\Program Files\Adobe
[06/01/2008|21:21] C:\Program Files\Alwil Software
[01/01/2003|21:51] C:\Program Files\AMD
[28/02/2006|09:38] C:\Program Files\ColiPoste
[13/09/2004|19:23] C:\Program Files\ComPlus Applications
[07/09/2007|17:27] C:\Program Files\Cyanide
[01/01/2003|22:04] C:\Program Files\CyberLink
[01/11/2005|15:31] C:\Program Files\DAP
[30/04/2008|22:34] C:\Program Files\EoRezo
[09/12/2006|11:01] C:\Program Files\Extended Systems
[13/09/2004|19:18] C:\Program Files\Fichiers communs
[30/05/2008|20:31] C:\Program Files\gpl second noun
[20/04/2006|10:10] C:\Program Files\Hewlett-Packard
[01/12/2006|19:58] C:\Program Files\HP
[13/09/2004|19:24] C:\Program Files\Internet Explorer
[04/07/2006|21:47] C:\Program Files\Inventel
[30/04/2008|22:36] C:\Program Files\ItsLabel
[19/04/2005|14:57] C:\Program Files\Java
[01/01/2003|21:59] C:\Program Files\Launch Manager
[01/01/2003|22:06] C:\Program Files\Ligos
[24/02/2007|13:42] C:\Program Files\LimeWire
[19/04/2005|12:29] C:\Program Files\ltmoh
[26/02/2006|22:39] C:\Program Files\Macrogaming
[13/04/2007|22:38] C:\Program Files\MarkAny
[13/09/2004|19:23] C:\Program Files\Messenger
[23/08/2007|23:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/02/2007|20:45] C:\Program Files\Microsoft Carioca
[13/09/2004|19:26] C:\Program Files\microsoft frontpage
[22/09/2007|21:47] C:\Program Files\Microsoft IntelliPoint
[19/04/2005|13:12] C:\Program Files\Microsoft Office
[19/07/2005|10:03] C:\Program Files\Microsoft Works
[01/11/2007|15:17] C:\Program Files\MIKSOFT
[13/09/2004|19:24] C:\Program Files\Movie Maker
[30/04/2008|21:35] C:\Program Files\Mozilla Firefox
[01/01/2008|22:50] C:\Program Files\MSECache
[13/09/2004|19:22] C:\Program Files\MSN
[13/09/2004|19:23] C:\Program Files\MSN Gaming Zone
[19/08/2007|22:11] C:\Program Files\MSN Messenger
[03/12/2006|00:32] C:\Program Files\MSXML 4.0
[13/09/2004|19:24] C:\Program Files\NetMeeting
[01/01/2003|22:05] C:\Program Files\NewTech Infosystems
[19/04/2005|12:39] C:\Program Files\Norton AntiVirus
[10/02/2008|10:54] C:\Program Files\NRJ
[13/09/2004|19:23] C:\Program Files\Online Services
[06/03/2007|00:02] C:\Program Files\outlook
[13/09/2004|19:24] C:\Program Files\Outlook Express
[16/12/2006|14:15] C:\Program Files\Real
[27/05/2007|15:06] C:\Program Files\RM-X Player V4.2
[19/04/2005|12:27] C:\Program Files\S3Inc
[13/04/2007|22:38] C:\Program Files\Samsung
[17/11/2005|11:38] C:\Program Files\Satsuki Decoder Pack
[13/09/2004|19:25] C:\Program Files\Services en ligne
[14/01/2007|20:36] C:\Program Files\Snapfish-livrephoto
[24/05/2008|09:40] C:\Program Files\Spybot - Search & Destroy
[01/01/2003|21:53] C:\Program Files\Synaptics
[16/12/2007|17:40] C:\Program Files\Universalis
[16/08/2005|12:39] C:\Program Files\VDCodecPack1.3
[05/02/2006|19:01] C:\Program Files\VIA
[01/01/2003|21:53] C:\Program Files\VIAudioi
[12/05/2008|21:22] C:\Program Files\VideoLAN
[03/02/2008|14:22] C:\Program Files\VISUAL PLANNING 4.3
[12/10/2005|09:51] C:\Program Files\VSO
[22/08/2007|15:02] C:\Program Files\Windows Live
[10/12/2006|14:21] C:\Program Files\Windows Media Connect 2
[13/09/2004|19:23] C:\Program Files\Windows Media Player
[13/09/2004|19:22] C:\Program Files\Windows NT
[13/09/2004|19:25] C:\Program Files\WindowsUpdate
[13/09/2004|19:27] C:\Program Files\xerox
[01/05/2008|11:13] C:\Program Files\Xilisoft
[20/04/2006|10:17] C:\Program Files\Zero G Registry

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[19/04/2005|16:25] C:\Program Files\Fichiers communs\Adobe
[22/09/2007|22:17] C:\Program Files\Fichiers communs\BitDefender
[19/04/2005|13:13] C:\Program Files\Fichiers communs\DESIGNER
[04/07/2006|21:48] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[01/12/2006|20:03] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2003|21:51] C:\Program Files\Fichiers communs\InstallShield
[19/04/2005|14:54] C:\Program Files\Fichiers communs\Java
[13/09/2004|19:18] C:\Program Files\Fichiers communs\Microsoft Shared
[13/09/2004|19:24] C:\Program Files\Fichiers communs\MSSoap
[13/09/2004|19:18] C:\Program Files\Fichiers communs\ODBC
[16/12/2006|14:15] C:\Program Files\Fichiers communs\Real
[13/09/2004|19:24] C:\Program Files\Fichiers communs\Services
[13/09/2004|19:18] C:\Program Files\Fichiers communs\SpeechEngines
[20/04/2006|10:08] C:\Program Files\Fichiers communs\SWF Studio
[19/04/2005|12:39] C:\Program Files\Fichiers communs\Symantec Shared
[13/09/2004|19:24] C:\Program Files\Fichiers communs\System
[26/02/2006|15:33] C:\Program Files\Fichiers communs\Vbox
[02/03/2008|10:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 37

iexplore.exe ~ [3128]
iexplore.exe ~ [3812]
iexplore.exe ~ [1420]
iexplore.exe ~ [2664]

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf
C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf\locks plus.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf\OWNS DALE.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf\Tick Data.exe
C:\DOCUME~1\TANDEM~1\APPLIC~1\gplsec~1
C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1
C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1\LONGLOVETITLE.exe
C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1\rrehqgfx.exe
C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1\view bolt junk build.exe
C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1\anti proxy defy.exe
C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1
C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\LONGLOVETITLE.exe
C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\ybcauvlf.exe
C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\view bolt junk build.exe
C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\anti proxy defy.exe
C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\gbusmtbr.exe
C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\pyvtxtat.exe
C:\Program Files\gplsec~1
C:\WINDOWS\Tasks\A9B332AA9148B226.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Proc Deaf Delete Peak"="C:\\Documents and Settings\\All Users\\Application Data\\file joy proc deaf\\Tick Data.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-03 21:41:02
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Solitaire.Pop [ISO + Crack).zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Winrar v 3 70 Beta 2 (Cracked).zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Mac Crack Attack 1.0.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Autocad 2007 Incl Crack.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Jedi Knight II Jedi Outcast Crack of Doom map .zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Commodore 64 Games (cracked and cheats).zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\WinZIP 11 02 PRO+Crack.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\SlySoft AnyDVD HD 6 1 3 0 final cracked By Punjab rar.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Access Password Cracker 1.0 build 20060201.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\RA Games - Ice Cream Tycoon + Crack {DanManInSane}.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\RAR Password Cracker 4.12.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Alcohol 120 v1 9 5 4327 Retail WinALL Cracked-BLiZZARD zip.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Limewire Pro 4 10 Cracked - BLiZZARD zip.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Titan Quest Immortal Throne NoDVD CRACK-Unleashed.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\SlySoft CloneCD v5 3 0 1 With Crack-BLiZZARD zip.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Diskeeper Corporation 2007 Pro Premier + crack rar.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Ultimate ZIP Cracker 7.3.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Windows VIsta Crack Finale.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Windows Vista Crack for all Versions + Updater.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Windows Vista Crack Ultimate AllVersion NEW REALLY WORK EASY.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\WinRar Lifetime KEY (no crack, all versions).zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Windows XP ALL Versions Crack.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Alcohol 120 v2 0 1 4212 Retail WinALL Cracked-BLiZZARD.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\SpywareDoctor v 4 0 0 2613 With Crack-BLaCkLitE zip.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\PowerIso 3 3 With Crack-BLaCkLitE zip.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Limewire Pro 4 10 Cracked-BLaCkLitE zip.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\PalmCrack 1.1.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Registry Repair Wizard 2007 4 52 + crack.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\DVD and CD Cover Print v3 4 2 WinAll Cracked-BRD[www.NeMeSYZ.com].zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Bigfish Games - Peggle + Crack {DanManInSane}.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\L0phtCrack LC5 v5 04 3586606 TPB.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Alcohol 120 v1 9 5 4327 Retail + Crack By Odiliada.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\The Elder Scrolls IV Oblivion + NoDVD Crack.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Windows Vista Crack.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\[Demonoid com]-Microsoft Windows XP Media Center Edition 2005 Activation crack.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Vista Ultimate Crack (PatchUnlock) 100% works.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Microsoft Windows Vista RTM PROPER Activation Crack-ReeBSaW rar.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Winrar 3 70 + Crack.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Adobe Acrobat 8 Professional FULL DVD Incl CRACK.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Webroot Spy Sweeper v5.3.2 Build 2361 [ENG][+crack].zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Windows Vista All Versions x86 x64 Final Best Crack-VanVan zip.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Microsoft Windows Vista Ultimate X86 (c) Microsoft KEYGEN + NOACTIVATION.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Microsoft Office 2007 keygen.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\anapod 9 0 with keygen rar.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\diablo2 duper+keygen+maphack+d2hackit rar.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Cyberlink PowerDVD Ultra Deluxe v7 3 Multilingual Incl Keygen-ViRiLiTY.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Windows Vista Keygen.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\SlySoft AnyDVD HD v6 1 3 0 WinALL Keygen and Patch Only.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Alcohol 120% 1 9 6 4629 Retail With Activator+Keygen-BLiZZARD zip.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Winamp v5 33 x86 Professionall Build 13 02 2007 + Keygen.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Cyberlink PowerDVD Ultra Deluxe v7 3 Multilingual Incl Keygen-ViRiLiTY www.NEWTORRENTS.info .zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\BS Player Pro v2 12 942 Pro + Keygen.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Winamp 5 33 Pro + Keygen - [www slotorrent net].zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\System Mechanic 7 Pro + Keygen.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Registry Mechanic 6 0 + Keygen.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Webroot Spy Sweeper v5 3 1 2344 Plus Keygen-BLiZZARD.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Hide IP Platnium 3 31 + Keygen.zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\ACDSee Photo Manager v9.0 Build 108 [ENG][+keygen].zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\Keygenerator pentru Microsoft Office 2007(httptorrents c-net ro).zip
=> C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete\WinAVI Video Converter 7 7 + Keygen [www.andrew-fu.net].zip


[F:108][D:26]-> C:\DOCUME~1\TANDEM~1\LOCALS~1\Temp
[F:33][D:0]-> C:\DOCUME~1\TANDEM~1\Cookies
[F:385][D:6]-> C:\DOCUME~1\TANDEM~1\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

--------------------[ Fin du rapport a 21:42:01.59 ]----------------------

XmichouX
Profil : Helper
Plus d'informations
n°313267
03-06-2008 à 22:40:39

Re,

Sélectionne entièrement l'encadré ci-dessous , puis clique droit Copier

C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete



Relance Lop S&D

  • Choisis cette fois ci l'Option 4 (LopScript)
  • Une page blanche va s'ouvrir , clique droit dessus et choisis Coller
  • Ferme la page , il te sera demandé de l'enregistrer , clique sur [Enregistrer]
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)


---------------
Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité/Prévention
marseb41
Profil : IDNaute
Plus d'informations
n°313735
06-06-2008 à 22:08:49

Voici le rapport


-----------------------[ Lop S&D 4.2.0-9 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : TANDEM POUR L'ECOLE ] [ "C:\Lop SD" ] [ Selection : 4 ]
[ 06/06/2008 | 21:58:51.50 ] [ PC : TANDEM ]
[ MAJ : 16-05-2008 | 23:35 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ LopScript //////////////////////////////////

C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete

Supprimé! - C:\Documents and Settings\TANDEM POUR L'ECOLE\Complete

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf\locks plus.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf\OWNS DALE.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf\Tick Data.exe
Supprimé! - C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1\LONGLOVETITLE.exe
Supprimé! - C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1\rrehqgfx.exe
Supprimé! - C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1\view bolt junk build.exe
Supprimé! - C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1\anti proxy defy.exe
Supprimé! - C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\LONGLOVETITLE.exe
Supprimé! - C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\ybcauvlf.exe
Supprimé! - C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\view bolt junk build.exe
Supprimé! - C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\anti proxy defy.exe
Supprimé! - C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\gbusmtbr.exe
Supprimé! - C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1\pyvtxtat.exe
Supprimé! - C:\WINDOWS\Tasks\A9B332AA9148B226.job
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf
Supprimé! - C:\DOCUME~1\TANDEM~1\APPLIC~1\gplsec~1
Supprimé! - C:\DOCUME~1\INVIT\APPLIC~1\gplsec~1
Supprimé! - C:\DOCUME~1\EMILIEN\APPLIC~1\gplsec~1
Supprimé! - C:\Program Files\gplsec~1

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[01/01/2003|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[13/09/2004|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[16/12/2006|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/12/2006|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[20/04/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[16/12/2007|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Data Security
[13/09/2004|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/11/2005|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/05/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[09/03/2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Snapfish Livres de photo
[01/12/2006|20:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[24/05/2008|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/04/2005|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[16/12/2007|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UniversalisV12
[07/07/2006|13:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/08/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[22/08/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[13/09/2004|19:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[13/06/2006|17:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[13/09/2004|19:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[17/10/2006|21:52] C:\DOCUME~1\TANDEM~1\APPLIC~1\3M
[19/04/2005|16:25] C:\DOCUME~1\TANDEM~1\APPLIC~1\Adobe
[19/04/2005|16:51] C:\DOCUME~1\TANDEM~1\APPLIC~1\AdobeUM
[31/05/2005|18:26] C:\DOCUME~1\TANDEM~1\APPLIC~1\Apple Computer
[17/10/2005|16:53] C:\DOCUME~1\TANDEM~1\APPLIC~1\CopyToDvd
[21/05/2005|14:00] C:\DOCUME~1\TANDEM~1\APPLIC~1\CyberLink
[13/09/2004|19:17] C:\DOCUME~1\TANDEM~1\APPLIC~1\desktop.ini
[29/08/2006|12:11] C:\DOCUME~1\TANDEM~1\APPLIC~1\ezpinst.exe
[02/09/2006|23:27] C:\DOCUME~1\TANDEM~1\APPLIC~1\Google
[10/12/2006|13:56] C:\DOCUME~1\TANDEM~1\APPLIC~1\Help
[01/12/2006|20:14] C:\DOCUME~1\TANDEM~1\APPLIC~1\HP
[13/09/2004|19:31] C:\DOCUME~1\TANDEM~1\APPLIC~1\Identities
[23/09/2007|01:02] C:\DOCUME~1\TANDEM~1\APPLIC~1\internaldb41.dat
[23/09/2007|01:03] C:\DOCUME~1\TANDEM~1\APPLIC~1\internaldb6334.dat
[23/09/2007|00:54] C:\DOCUME~1\TANDEM~1\APPLIC~1\internaldb8467.dat
[27/07/2005|15:17] C:\DOCUME~1\TANDEM~1\APPLIC~1\Lavasoft
[31/08/2005|20:22] C:\DOCUME~1\TANDEM~1\APPLIC~1\Leadertech
[02/05/2008|00:06] C:\DOCUME~1\TANDEM~1\APPLIC~1\LimeWire
[19/04/2005|13:31] C:\DOCUME~1\TANDEM~1\APPLIC~1\Macromedia
[17/11/2005|11:46] C:\DOCUME~1\TANDEM~1\APPLIC~1\Media Player Classic
[13/09/2004|19:17] C:\DOCUME~1\TANDEM~1\APPLIC~1\Microsoft
[16/12/2007|18:00] C:\DOCUME~1\TANDEM~1\APPLIC~1\Mozilla
[30/04/2005|23:24] C:\DOCUME~1\TANDEM~1\APPLIC~1\MSNInstaller
[29/08/2006|12:11] C:\DOCUME~1\TANDEM~1\APPLIC~1\pcouffin.cat
[29/08/2006|12:11] C:\DOCUME~1\TANDEM~1\APPLIC~1\pcouffin.inf
[29/08/2006|12:12] C:\DOCUME~1\TANDEM~1\APPLIC~1\pcouffin.log
[29/08/2006|12:11] C:\DOCUME~1\TANDEM~1\APPLIC~1\pcouffin.sys
[16/12/2006|14:14] C:\DOCUME~1\TANDEM~1\APPLIC~1\Real
[02/05/2008|18:56] C:\DOCUME~1\TANDEM~1\APPLIC~1\skypePM
[03/01/2007|13:46] C:\DOCUME~1\TANDEM~1\APPLIC~1\Snapfish
[19/04/2005|15:00] C:\DOCUME~1\TANDEM~1\APPLIC~1\Sun
[19/04/2005|12:39] C:\DOCUME~1\TANDEM~1\APPLIC~1\Symantec
[16/12/2007|18:00] C:\DOCUME~1\TANDEM~1\APPLIC~1\Universalis V12
[12/05/2008|22:19] C:\DOCUME~1\TANDEM~1\APPLIC~1\vlc
[09/04/2006|17:33] C:\DOCUME~1\TANDEM~1\APPLIC~1\Vso
[09/12/2006|11:08] C:\DOCUME~1\TANDEM~1\APPLIC~1\XTND_BTUIObjects

[22/10/2006|15:28] C:\DOCUME~1\INVIT\APPLIC~1\3M
[20/08/2007|22:20] C:\DOCUME~1\INVIT\APPLIC~1\Adobe
[13/09/2004|19:17] C:\DOCUME~1\INVIT\APPLIC~1\desktop.ini
[16/12/2006|15:36] C:\DOCUME~1\INVIT\APPLIC~1\Google
[09/12/2006|17:03] C:\DOCUME~1\INVIT\APPLIC~1\HP
[13/09/2004|19:31] C:\DOCUME~1\INVIT\APPLIC~1\Identities
[06/10/2006|19:21] C:\DOCUME~1\INVIT\APPLIC~1\Macromedia
[28/12/2007|10:44] C:\DOCUME~1\INVIT\APPLIC~1\Media Player Classic
[13/09/2004|19:17] C:\DOCUME~1\INVIT\APPLIC~1\Microsoft
[30/04/2008|21:36] C:\DOCUME~1\INVIT\APPLIC~1\Mozilla
[16/12/2006|15:32] C:\DOCUME~1\INVIT\APPLIC~1\Real
[24/05/2007|15:45] C:\DOCUME~1\INVIT\APPLIC~1\Sun
[24/05/2008|22:21] C:\DOCUME~1\INVIT\APPLIC~1\vlc

[30/04/2008|22:28] C:\DOCUME~1\EMILIEN\APPLIC~1\Adobe
[13/09/2004|19:17] C:\DOCUME~1\EMILIEN\APPLIC~1\desktop.ini
[30/04/2008|22:34] C:\DOCUME~1\EMILIEN\APPLIC~1\EoRezo
[13/09/2004|19:31] C:\DOCUME~1\EMILIEN\APPLIC~1\Identities
[30/04/2008|22:31] C:\DOCUME~1\EMILIEN\APPLIC~1\Macromedia
[13/09/2004|19:17] C:\DOCUME~1\EMILIEN\APPLIC~1\Microsoft
[30/04/2008|22:44] C:\DOCUME~1\EMILIEN\APPLIC~1\Mozilla
[04/06/2008|13:49] C:\DOCUME~1\EMILIEN\APPLIC~1\Sun
[14/05/2008|14:48] C:\DOCUME~1\EMILIEN\APPLIC~1\vlc


----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[23/09/2007 01:04][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[06/06/2008 21:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[28/12/2007|10:42] C:\Program Files\7-Zip
[01/01/2003|22:02] C:\Program Files\Acer Inc
[01/01/2003|22:07] C:\Program Files\Adobe
[06/01/2008|21:21] C:\Program Files\Alwil Software
[01/01/2003|21:51] C:\Program Files\AMD
[28/02/2006|09:38] C:\Program Files\ColiPoste
[13/09/2004|19:23] C:\Program Files\ComPlus Applications
[07/09/2007|17:27] C:\Program Files\Cyanide
[01/01/2003|22:04] C:\Program Files\CyberLink
[01/11/2005|15:31] C:\Program Files\DAP
[30/04/2008|22:34] C:\Program Files\EoRezo
[09/12/2006|11:01] C:\Program Files\Extended Systems
[13/09/2004|19:18] C:\Program Files\Fichiers communs
[20/04/2006|10:10] C:\Program Files\Hewlett-Packard
[01/12/2006|19:58] C:\Program Files\HP
[13/09/2004|19:24] C:\Program Files\Internet Explorer
[04/07/2006|21:47] C:\Program Files\Inventel
[30/04/2008|22:36] C:\Program Files\ItsLabel
[19/04/2005|14:57] C:\Program Files\Java
[01/01/2003|21:59] C:\Program Files\Launch Manager
[01/01/2003|22:06] C:\Program Files\Ligos
[24/02/2007|13:42] C:\Program Files\LimeWire
[19/04/2005|12:29] C:\Program Files\ltmoh
[26/02/2006|22:39] C:\Program Files\Macrogaming
[13/04/2007|22:38] C:\Program Files\MarkAny
[13/09/2004|19:23] C:\Program Files\Messenger
[23/08/2007|23:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/02/2007|20:45] C:\Program Files\Microsoft Carioca
[13/09/2004|19:26] C:\Program Files\microsoft frontpage
[22/09/2007|21:47] C:\Program Files\Microsoft IntelliPoint
[19/04/2005|13:12] C:\Program Files\Microsoft Office
[19/07/2005|10:03] C:\Program Files\Microsoft Works
[01/11/2007|15:17] C:\Program Files\MIKSOFT
[13/09/2004|19:24] C:\Program Files\Movie Maker
[30/04/2008|21:35] C:\Program Files\Mozilla Firefox
[01/01/2008|22:50] C:\Program Files\MSECache
[13/09/2004|19:22] C:\Program Files\MSN
[13/09/2004|19:23] C:\Program Files\MSN Gaming Zone
[19/08/2007|22:11] C:\Program Files\MSN Messenger
[03/12/2006|00:32] C:\Program Files\MSXML 4.0
[13/09/2004|19:24] C:\Program Files\NetMeeting
[01/01/2003|22:05] C:\Program Files\NewTech Infosystems
[19/04/2005|12:39] C:\Program Files\Norton AntiVirus
[10/02/2008|10:54] C:\Program Files\NRJ
[13/09/2004|19:23] C:\Program Files\Online Services
[06/03/2007|00:02] C:\Program Files\outlook
[13/09/2004|19:24] C:\Program Files\Outlook Express
[16/12/2006|14:15] C:\Program Files\Real
[27/05/2007|15:06] C:\Program Files\RM-X Player V4.2
[19/04/2005|12:27] C:\Program Files\S3Inc
[13/04/2007|22:38] C:\Program Files\Samsung
[17/11/2005|11:38] C:\Program Files\Satsuki Decoder Pack
[13/09/2004|19:25] C:\Program Files\Services en ligne
[14/01/2007|20:36] C:\Program Files\Snapfish-livrephoto
[24/05/2008|09:40] C:\Program Files\Spybot - Search & Destroy
[01/01/2003|21:53] C:\Program Files\Synaptics
[16/12/2007|17:40] C:\Program Files\Universalis
[16/08/2005|12:39] C:\Program Files\VDCodecPack1.3
[05/02/2006|19:01] C:\Program Files\VIA
[01/01/2003|21:53] C:\Program Files\VIAudioi
[12/05/2008|21:22] C:\Program Files\VideoLAN
[03/02/2008|14:22] C:\Program Files\VISUAL PLANNING 4.3
[12/10/2005|09:51] C:\Program Files\VSO
[22/08/2007|15:02] C:\Program Files\Windows Live
[10/12/2006|14:21] C:\Program Files\Windows Media Connect 2
[13/09/2004|19:23] C:\Program Files\Windows Media Player
[13/09/2004|19:22] C:\Program Files\Windows NT
[13/09/2004|19:25] C:\Program Files\WindowsUpdate
[13/09/2004|19:27] C:\Program Files\xerox
[01/05/2008|11:13] C:\Program Files\Xilisoft
[20/04/2006|10:17] C:\Program Files\Zero G Registry

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[19/04/2005|16:25] C:\Program Files\Fichiers communs\Adobe
[22/09/2007|22:17] C:\Program Files\Fichiers communs\BitDefender
[19/04/2005|13:13] C:\Program Files\Fichiers communs\DESIGNER
[04/07/2006|21:48] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[01/12/2006|20:03] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2003|21:51] C:\Program Files\Fichiers communs\InstallShield
[19/04/2005|14:54] C:\Program Files\Fichiers communs\Java
[13/09/2004|19:18] C:\Program Files\Fichiers communs\Microsoft Shared
[13/09/2004|19:24] C:\Program Files\Fichiers communs\MSSoap
[13/09/2004|19:18] C:\Program Files\Fichiers communs\ODBC
[16/12/2006|14:15] C:\Program Files\Fichiers communs\Real
[13/09/2004|19:24] C:\Program Files\Fichiers communs\Services
[13/09/2004|19:18] C:\Program Files\Fichiers communs\SpeechEngines
[20/04/2006|10:08] C:\Program Files\Fichiers communs\SWF Studio
[19/04/2005|12:39] C:\Program Files\Fichiers communs\Symantec Shared
[13/09/2004|19:24] C:\Program Files\Fichiers communs\System
[26/02/2006|15:33] C:\Program Files\Fichiers communs\Vbox
[02/03/2008|10:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 27

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-06 22:07:33
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

[F:117][D:26]-> C:\DOCUME~1\TANDEM~1\LOCALS~1\Temp
[F:55][D:0]-> C:\DOCUME~1\TANDEM~1\Cookies
[F:1008][D:6]-> C:\DOCUME~1\TANDEM~1\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

--------------------[ Fin du rapport a 22:08:16.96 ]----------------------

XmichouX
Profil : Helper
Plus d'informations
n°313749
06-06-2008 à 23:28:46

Re,

Sélectionne l’intégralité du cadre ci-dessous :

@echo off & cls
dir /a /s "C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Data Security" > youpi.log
youpi.log & del youpi.log
exit


Copie/colle le dans le Bloc-notes (Démarrer\Tous les programmes\Accessoires\Bloc-notes.)
Enregistre le sous sur ton Bureau sous le nom de Correction.bat
Double-clique dessus. Poste le rapport généré (si présent).


---------------
Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité/Prévention
marseb41
Profil : IDNaute
Plus d'informations
n°313770
07-06-2008 à 10:22:06

Voici le rapport, merci de l aide

Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est 0A2A-1AD4

R‚pertoire de C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Data Security

16/12/2007 17:59 <REP> .
16/12/2007 17:59 <REP> ..
16/12/2007 17:59 <REP> ENCYCUNI_DVDEUV12110906
0 fichier(s) 0 octets

R‚pertoire de C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Data Security\ENCYCUNI_DVDEUV12110906

16/12/2007 17:59 <REP> .
16/12/2007 17:59 <REP> ..
16/12/2007 17:59 256 settings.bin
1 fichier(s) 256 octets

Total des fichiers list‚sÿ:
1 fichier(s) 256 octets
5 R‚p(s) 979ÿ517ÿ440 octets libres

XmichouX
Profil : Helper
Plus d'informations
n°313816
07-06-2008 à 13:20:42

Re,

Supprime ce dossier.

Poste un nouveau rapport HijackThis.


---------------
Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité/Prévention
marseb41
Profil : IDNaute
Plus d'informations
n°313902
07-06-2008 à 17:28:22

Je ne sais pas coment supprimer le fichier dont tu parles.
Voici quand meme mon rapport

ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:43, on 07/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RavMonE.exe
C:\WINDOWS\system32\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\TANDEM POUR L'ECOLE\Mes documents\Téléchargement\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33568
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\RavMonE.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.fnacphoto.com/ECTelecha [...] oader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://privateannazouette.spaces.l [...] nPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 5173 bytes

XmichouX
Profil : Helper
Pl