Unwanted pop-up window problem, help, it persists!
Hello everyone. After going through a format and trying several antivirus programs, I have not managed to get rid of these unwanted pop-up window problems. I have seen several solutions using HijackThis, but each time I can't get to the end because certain things are missing. Anyway, if you don't mind, I would like you to take a little of your time and explain the whole procedure to me so that I can get rid of them (the unwanted pop-up windows xD). Thank you, have a nice day.
Hello,
No bumping before 24 hours!
Download HijackThis (from Trend Micro) to your Desktop.
Double-click HJTInstall.exe to start the installation.
Click Install.
Double-click the HijackThis shortcut that has just been created to launch it. (Right-click -> Run as administrator if on Vista)
Accept the license by clicking Yes.
Click Do a system scan and save a logfile.
Post the generated report here.
Note: The report can also be found here: C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Help: How to use HijackThis.
Thanks; here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:57, on 09/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\steam\steam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Roland\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Win Data Book Sect] C:\Documents and Settings\All Users.WINDOWS\Application Data\One idol win data\Bib vga.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [hide chin] C:\DOCUME~1\Roland\APPLIC~1\FOURME~1\OnceOkay.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Roland\Menu Démarrer\Programmes\CarbonPoker\CarbonPoker.lnk (HKCU)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 3652 bytes
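An added example, not part of the original thread: a short triage script for HijackThis-style logs that picks out BHO (O2) entries with no file on disk and autorun (O4) entries launched from a per-user data folder, two patterns present in the report above. The sample lines are copied from that report; the function names and the folder heuristic are assumptions made for illustration, and a flagged line is a candidate for review rather than a verdict.

```python
import re

# Lines copied from the HijackThis report posted above (a subset, for brevity).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Win Data Book Sect] C:\Documents and Settings\All Users.WINDOWS\Application Data\One idol win data\Bib vga.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [hide chin] C:\DOCUME~1\Roland\APPLIC~1\FOURME~1\OnceOkay.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# Every result line has the shape "<section> - <body>", e.g. "O4 - HKCU\..\Run: ...".
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O2 body: "BHO: <name> - {CLSID} - <file path or (no file)>"
O2_RE = re.compile(
    r"^BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<file>.+)$"
)
# O4 registry body: "<hive>\..\<key>: [<value name>] <command line>"
O4_RE = re.compile(
    r"^(?P<hive>\S+?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<command>.+)$"
)

# Assumed heuristic: per-user data folders on Windows XP, in both their long
# and 8.3 short-name forms. Programs normally auto-start from Program Files
# or the Windows directory, so an autorun from here deserves a closer look.
PROFILE_DATA_MARKERS = (
    "\\application data\\",
    "\\applic~1\\",
    "\\local settings\\",
    "\\locals~1\\",
)


def parse_entries(log_text):
    """Yield (section, body) for each 'Xn - ...' line; other lines are skipped."""
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            yield match.group("section"), match.group("body")


def profile_data_marker(command):
    """Return the per-user data folder marker found in a command line, or None."""
    lowered = command.lower()
    for marker in PROFILE_DATA_MARKERS:
        if marker in lowered:
            return marker
    return None


def triage(log_text):
    """Return a list of findings (dicts) for entries worth a manual review."""
    findings = []
    for section, body in parse_entries(log_text):
        if section == "O2":
            match = O2_RE.match(body)
            if match and match.group("file").strip().lower() == "(no file)":
                findings.append({
                    "section": section,
                    "name": match.group("clsid"),
                    "target": "(no file)",
                    "reason": "BHO still registered but its file is missing",
                })
        elif section == "O4":
            match = O4_RE.match(body)
            if not match:
                continue  # O4 variants without a registry key are not handled
            marker = profile_data_marker(match.group("command"))
            if marker:
                findings.append({
                    "section": section,
                    "name": match.group("name"),
                    "target": match.group("command"),
                    "reason": "autorun in %s\\%s starts from a per-user data folder"
                              % (match.group("hive"), match.group("key")),
                })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print("[%(section)s] %(name)s -> %(target)s (%(reason)s)" % finding)
```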
Hi again,
Download Lop S&D.exe (by Eric 71) to your desktop.
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> Run as administrator).
Select the desired language, then choose Option 1 (Search).
Wait until the scan finishes.
Post the generated report (C:\lopR.txt).
If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)".
Type explorer and confirm. This will bring your desktop back.
-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : Roland ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 09/07/2008 | 14:34:57,04 ] [ PC : GUILZ ]
[ MAJ : 06-07-2008 | 10:55 ]
-------------[ Listing des dossiers dans Application Data ]------------
[20/06/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[09/10/2007|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/06/2008|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Emjysoft
[20/05/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14/10/2007|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[16/10/2007|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[22/06/2008|03:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[09/10/2007|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[09/06/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[19/05/2008|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/05/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[21/06/2008|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data
[09/06/2008|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[25/05/2008|23:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[25/06/2008|01:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[10/10/2007|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tournament.com Client
[25/06/2008|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[20/10/2007|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/07/2008|16:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[08/07/2008|18:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Logitech
[08/07/2008|17:43] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[08/07/2008|16:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[08/07/2008|17:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\One idol win data
[09/07/2008|02:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[08/07/2008|16:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[09/10/2007|22:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/12/2007|03:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[08/07/2008|16:38] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini
[08/07/2008|14:52] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[28/05/2008|15:50] C:\DOCUME~1\GuiLz\APPLIC~1\Adobe
[09/10/2007|22:43] C:\DOCUME~1\GuiLz\APPLIC~1\desktop.ini
[30/06/2008|19:38] C:\DOCUME~1\GuiLz\APPLIC~1\DivX
[12/06/2008|23:13] C:\DOCUME~1\GuiLz\APPLIC~1\dvdcss
[25/06/2008|02:11] C:\DOCUME~1\GuiLz\APPLIC~1\Emjysoft
[21/06/2008|21:27] C:\DOCUME~1\GuiLz\APPLIC~1\Four Meow Name
[15/03/2008|23:50] C:\DOCUME~1\GuiLz\APPLIC~1\Google
[09/10/2007|20:59] C:\DOCUME~1\GuiLz\APPLIC~1\Identities
[09/05/2008|21:48] C:\DOCUME~1\GuiLz\APPLIC~1\InstallShield
[01/07/2008|01:07] C:\DOCUME~1\GuiLz\APPLIC~1\LimeWire
[15/03/2008|23:01] C:\DOCUME~1\GuiLz\APPLIC~1\Macromedia
[09/06/2008|12:56] C:\DOCUME~1\GuiLz\APPLIC~1\Malwarebytes
[30/04/2008|16:54] C:\DOCUME~1\GuiLz\APPLIC~1\Microsoft
[27/06/2008|22:32] C:\DOCUME~1\GuiLz\APPLIC~1\mIRC
[25/06/2008|23:49] C:\DOCUME~1\GuiLz\APPLIC~1\Mozilla
[05/12/2007|19:49] C:\DOCUME~1\GuiLz\APPLIC~1\Sony Ericsson
[02/06/2008|15:50] C:\DOCUME~1\GuiLz\APPLIC~1\Sun
[03/07/2008|14:29] C:\DOCUME~1\GuiLz\APPLIC~1\teamspeak2
[05/12/2007|19:51] C:\DOCUME~1\GuiLz\APPLIC~1\Teleca
[16/06/2008|19:18] C:\DOCUME~1\GuiLz\APPLIC~1\uTorrent
[10/10/2007|00:39] C:\DOCUME~1\GuiLz\APPLIC~1\vlc
[11/10/2007|21:18] C:\DOCUME~1\GuiLz\APPLIC~1\WinRAR
[09/10/2007|20:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08/07/2008|14:52] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[09/10/2007|20:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[08/07/2008|14:52] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[08/07/2008|15:21] C:\DOCUME~1\Roland\APPLIC~1\Adobe
[08/07/2008|16:38] C:\DOCUME~1\Roland\APPLIC~1\desktop.ini
[08/07/2008|17:27] C:\DOCUME~1\Roland\APPLIC~1\Four Meow Name
[08/07/2008|15:01] C:\DOCUME~1\Roland\APPLIC~1\Identities
[08/07/2008|15:21] C:\DOCUME~1\Roland\APPLIC~1\Macromedia
[09/07/2008|03:33] C:\DOCUME~1\Roland\APPLIC~1\Microsoft
[08/07/2008|15:43] C:\DOCUME~1\Roland\APPLIC~1\mIRC
[08/07/2008|15:17] C:\DOCUME~1\Roland\APPLIC~1\Mozilla
[08/07/2008|16:23] C:\DOCUME~1\Roland\APPLIC~1\teamspeak2
[09/07/2008|02:19] C:\DOCUME~1\Roland\APPLIC~1\vlc
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[09/07/2008 14:00][--ah-----] C:\WINDOWS\tasks\AD46670091BA1AC4.job
[09/07/2008 12:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
AD46670091BA1AC4.job <--> c:\docume~1\roland\applic~1\fourme~1\buildfunkdownload.exe
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/04/2008|15:44] C:\Program Files\3DO
[21/05/2008|16:26] C:\Program Files\Alwil Software
[05/03/2008|16:30] C:\Program Files\Apr2005_d3dx9_25_x64.cab
[05/03/2008|16:30] C:\Program Files\Apr2005_d3dx9_25_x86.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_d3dx9_30_x64.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_d3dx9_30_x86.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_MDX1_x86.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\APR2007_d3dx10_33_x64.cab
[05/03/2008|16:30] C:\Program Files\APR2007_d3dx10_33_x86.cab
[05/03/2008|16:30] C:\Program Files\APR2007_d3dx9_33_x64.cab
[05/03/2008|16:30] C:\Program Files\APR2007_d3dx9_33_x86.cab
[05/03/2008|16:30] C:\Program Files\APR2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\APR2007_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\APR2007_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\APR2007_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\Aug2005_d3dx9_27_x64.cab
[05/03/2008|16:30] C:\Program Files\Aug2005_d3dx9_27_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2006_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2006_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_d3dx10_35_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_d3dx10_35_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_d3dx9_35_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_d3dx9_35_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\BDANT.cab
[05/03/2008|16:30] C:\Program Files\BDAXP.cab
[20/06/2008|12:42] C:\Program Files\BitDefender
[08/07/2008|15:42] C:\Program Files\CamStudio
[08/07/2008|15:49] C:\Program Files\CarbonPoker
[08/07/2008|17:26] C:\Program Files\Circle Developement
[09/10/2007|20:51] C:\Program Files\ComPlus Applications
[05/03/2008|16:30] C:\Program Files\Dec2005_d3dx9_28_x64.cab
[05/03/2008|16:30] C:\Program Files\Dec2005_d3dx9_28_x86.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_d3dx10_00_x64.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_d3dx10_00_x86.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_d3dx9_32_x64.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_d3dx9_32_x86.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_XACT_x86.cab
[05/05/2008|22:10] C:\Program Files\directx
[30/06/2008|17:58] C:\Program Files\DivX
[05/03/2008|16:30] C:\Program Files\DSETUP.dll
[05/03/2008|16:30] C:\Program Files\dsetup32.dll
[05/03/2008|16:30] C:\Program Files\dxdllreg_x86.cab
[05/03/2008|16:30] C:\Program Files\dxnt.cab
[05/03/2008|16:30] C:\Program Files\DXSETUP.exe
[05/03/2008|16:30] C:\Program Files\dxupdate.cab
[24/06/2008|18:57] C:\Program Files\EA Games
[22/06/2008|13:55] C:\Program Files\Easy Lock Pub
[05/03/2008|16:30] C:\Program Files\Feb2005_d3dx9_24_x64.cab
[05/03/2008|16:30] C:\Program Files\Feb2005_d3dx9_24_x86.cab
[05/03/2008|16:30] C:\Program Files\Feb2006_d3dx9_29_x64.cab
[05/03/2008|16:30] C:\Program Files\Feb2006_d3dx9_29_x86.cab
[05/03/2008|16:30] C:\Program Files\Feb2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\Feb2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\FEB2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\FEB2007_XACT_x86.cab
[08/07/2008|16:12] C:\Program Files\Fichiers communs
[08/07/2008|17:26] C:\Program Files\Four Meow Name
[20/05/2008|21:59] C:\Program Files\Google
[14/10/2007|15:42] C:\Program Files\HP
[24/06/2008|19:04] C:\Program Files\InstallShield Installation Information
[09/07/2008|12:31] C:\Program Files\Internet Explorer
[02/06/2008|02:11] C:\Program Files\Java
[25/06/2008|01:52] C:\Program Files\JCA2000
[05/03/2008|16:30] C:\Program Files\Jun2005_d3dx9_26_x64.cab
[05/03/2008|16:30] C:\Program Files\Jun2005_d3dx9_26_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx10_34_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx10_34_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx9_34_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx9_34_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_XACT_x86.cab
[09/10/2007|22:59] C:\Program Files\Logitech
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx10_37_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx10_37_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx9_37_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx9_37_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_X3DAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_X3DAudio_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XAudio_x86.cab
[09/07/2008|02:39] C:\Program Files\Messenger
[08/07/2008|17:26] C:\Program Files\Messenger Plus! Live
[09/10/2007|20:54] C:\Program Files\microsoft frontpage
[15/01/2008|14:54] C:\Program Files\Microsoft Office
[09/07/2008|03:12] C:\Program Files\Microsoft Silverlight
[08/07/2008|15:43] C:\Program Files\mIRC
[09/07/2008|02:38] C:\Program Files\Movie Maker
[09/07/2008|14:33] C:\Program Files\Mozilla Firefox
[30/05/2008|17:04] C:\Program Files\MSN
[09/10/2007|20:50] C:\Program Files\MSN Gaming Zone
[08/07/2008|16:01] C:\Program Files\MSN Messenger
[15/10/2007|17:22] C:\Program Files\MSXML 4.0
[08/07/2008|15:48] C:\Program Files\Mumble
[25/06/2008|02:34] C:\Program Files\Navilog1
[09/07/2008|02:37] C:\Program Files\NetMeeting
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx10_36_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx10_36_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx9_36_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx9_36_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_X3DAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_X3DAudio_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\Oct2005_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\Oct2005_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_d3dx9_31_x64.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_d3dx9_31_x86.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_XACT_x86.cab
[09/10/2007|20:50] C:\Program Files\Online Services
[09/07/2008|02:37] C:\Program Files\Outlook Express
[09/06/2008|13:33] C:\Program Files\Panicware
[03/06/2008|12:41] C:\Program Files\PokerRoom.com
[09/05/2008|21:48] C:\Program Files\Realtek
[11/10/2007|21:27] C:\Program Files\Schmads Inc
[09/10/2007|20:52] C:\Program Files\Services en ligne
[19/12/2007|18:29] C:\Program Files\Sony Setup
[09/07/2008|12:33] C:\Program Files\Steam
[02/06/2008|02:11] C:\Program Files\Sun
[08/07/2008|15:46] C:\Program Files\Teamspeak2_RC2
[23/10/2007|17:12] C:\Program Files\Tournament.com
[21/05/2008|18:27] C:\Program Files\Trust HS-6200 Surround USB Headset
[09/10/2007|20:59] C:\Program Files\Uninstall Information
[13/05/2008|15:57] C:\Program Files\uTorrent
[13/12/2007|14:39] C:\Program Files\VideoLAN
[08/07/2008|16:12] C:\Program Files\Windows Live
[29/01/2008|17:48] C:\Program Files\Windows Media Connect 2
[09/07/2008|03:09] C:\Program Files\Windows Media Player
[09/07/2008|02:37] C:\Program Files\Windows NT
[09/10/2007|20:52] C:\Program Files\WindowsUpdate
[11/10/2007|21:18] C:\Program Files\WinRAR
[09/10/2007|20:54] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[22/05/2008|17:17] C:\Program Files\Fichiers communs\BitDefender
[03/05/2008|16:15] C:\Program Files\Fichiers communs\Blizzard Entertainment
[14/10/2007|15:30] C:\Program Files\Fichiers communs\Hewlett-Packard
[08/07/2008|19:35] C:\Program Files\Fichiers communs\InstallShield
[02/04/2008|16:35] C:\Program Files\Fichiers communs\Java
[08/07/2008|16:12] C:\Program Files\Fichiers communs\Microsoft Shared
[09/10/2007|20:52] C:\Program Files\Fichiers communs\MSSoap
[09/10/2007|22:44] C:\Program Files\Fichiers communs\ODBC
[09/10/2007|20:52] C:\Program Files\Fichiers communs\Services
[09/10/2007|22:44] C:\Program Files\Fichiers communs\SpeechEngines
[25/05/2008|23:33] C:\Program Files\Fichiers communs\Symantec Shared
[09/07/2008|02:37] C:\Program Files\Fichiers communs\System
[15/04/2008|12:29] C:\Program Files\Fichiers communs\Teleca Shared
[08/07/2008|16:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 27
iexplore.exe ~ [1480]
iexplore.exe ~ [1544]
----------------------[ Recherche avec S_Lop ]---------------------
C:\DOCUME~1\Roland\LOCALS~1\Temp\bisD7.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\Bowsjumpgramtick.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\build funk download.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\coydokqv.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\hnksxriu.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\OnceOkay.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\xuuazcsj.exe
C:\DOCUME~1\Roland\APPLIC~1\fourme~1
C:\DOCUME~1\Roland\APPLIC~1\fourme~1\Bowsjumpgramtick.exe
C:\DOCUME~1\Roland\APPLIC~1\fourme~1\build funk download.exe
C:\DOCUME~1\Roland\APPLIC~1\fourme~1\OnceOkay.exe
C:\DOCUME~1\Roland\APPLIC~1\fourme~1\zfbfrvky.exe
C:\Program Files\fourme~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Prefetch\BUILD FUNK DOWNLOAD.EXE-05AB109D.pf
C:\WINDOWS\Prefetch\ONCEOKAY.EXE-085A9951.pf
C:\DOCUME~1\Roland\Cookies\roland@adin.bigpoint[2].txt
C:\DOCUME~1\Roland\Cookies\roland@bigpoint[1].txt
C:\DOCUME~1\Roland\Cookies\roland@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\Roland\Cookies\roland@banner.casinoking[2].txt
C:\DOCUME~1\Roland\Cookies\roland@casinoking[1].txt
C:\DOCUME~1\Roland\Cookies\roland@adopt.euroclick[1].txt
C:\DOCUME~1\Roland\Cookies\roland@pacificpoker[1].txt
C:\DOCUME~1\Roland\Cookies\roland@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\Roland\Cookies\roland@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\AD46670091BA1AC4.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hide chin"="C:\\DOCUME~1\\Roland\\APPLIC~1\\FOURME~1\\OnceOkay.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-09 14:36:00
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
[F:95][D:9]-> C:\DOCUME~1\Roland\LOCALS~1\Temp
[F:107][D:0]-> C:\DOCUME~1\Roland\Cookies
[F:2610][D:4]-> C:\DOCUME~1\Roland\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 14:36:20,56 ]----------------------
[05/03/2008|16:30] C:\Program Files\Feb2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\FEB2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\FEB2007_XACT_x86.cab
[08/07/2008|16:12] C:\Program Files\Fichiers communs
[08/07/2008|17:26] C:\Program Files\Four Meow Name
[20/05/2008|21:59] C:\Program Files\Google
[14/10/2007|15:42] C:\Program Files\HP
[24/06/2008|19:04] C:\Program Files\InstallShield Installation Information
[09/07/2008|12:31] C:\Program Files\Internet Explorer
[02/06/2008|02:11] C:\Program Files\Java
[25/06/2008|01:52] C:\Program Files\JCA2000
[05/03/2008|16:30] C:\Program Files\Jun2005_d3dx9_26_x64.cab
[05/03/2008|16:30] C:\Program Files\Jun2005_d3dx9_26_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx10_34_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx10_34_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx9_34_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx9_34_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_XACT_x86.cab
[09/10/2007|22:59] C:\Program Files\Logitech
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx10_37_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx10_37_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx9_37_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx9_37_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_X3DAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_X3DAudio_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XAudio_x86.cab
[09/07/2008|02:39] C:\Program Files\Messenger
[08/07/2008|17:26] C:\Program Files\Messenger Plus! Live
[09/10/2007|20:54] C:\Program Files\microsoft frontpage
[15/01/2008|14:54] C:\Program Files\Microsoft Office
[09/07/2008|03:12] C:\Program Files\Microsoft Silverlight
[08/07/2008|15:43] C:\Program Files\mIRC
[09/07/2008|02:38] C:\Program Files\Movie Maker
[09/07/2008|14:33] C:\Program Files\Mozilla Firefox
[30/05/2008|17:04] C:\Program Files\MSN
[09/10/2007|20:50] C:\Program Files\MSN Gaming Zone
[08/07/2008|16:01] C:\Program Files\MSN Messenger
[15/10/2007|17:22] C:\Program Files\MSXML 4.0
[08/07/2008|15:48] C:\Program Files\Mumble
[25/06/2008|02:34] C:\Program Files\Navilog1
[09/07/2008|02:37] C:\Program Files\NetMeeting
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx10_36_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx10_36_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx9_36_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx9_36_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_X3DAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_X3DAudio_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\Oct2005_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\Oct2005_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_d3dx9_31_x64.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_d3dx9_31_x86.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_XACT_x86.cab
[09/10/2007|20:50] C:\Program Files\Online Services
[09/07/2008|02:37] C:\Program Files\Outlook Express
[09/06/2008|13:33] C:\Program Files\Panicware
[03/06/2008|12:41] C:\Program Files\PokerRoom.com
[09/05/2008|21:48] C:\Program Files\Realtek
[11/10/2007|21:27] C:\Program Files\Schmads Inc
[09/10/2007|20:52] C:\Program Files\Services en ligne
[19/12/2007|18:29] C:\Program Files\Sony Setup
[09/07/2008|12:33] C:\Program Files\Steam
[02/06/2008|02:11] C:\Program Files\Sun
[08/07/2008|15:46] C:\Program Files\Teamspeak2_RC2
[23/10/2007|17:12] C:\Program Files\Tournament.com
[21/05/2008|18:27] C:\Program Files\Trust HS-6200 Surround USB Headset
[09/10/2007|20:59] C:\Program Files\Uninstall Information
[13/05/2008|15:57] C:\Program Files\uTorrent
[13/12/2007|14:39] C:\Program Files\VideoLAN
[08/07/2008|16:12] C:\Program Files\Windows Live
[29/01/2008|17:48] C:\Program Files\Windows Media Connect 2
[09/07/2008|03:09] C:\Program Files\Windows Media Player
[09/07/2008|02:37] C:\Program Files\Windows NT
[09/10/2007|20:52] C:\Program Files\WindowsUpdate
[11/10/2007|21:18] C:\Program Files\WinRAR
[09/10/2007|20:54] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[22/05/2008|17:17] C:\Program Files\Fichiers communs\BitDefender
[03/05/2008|16:15] C:\Program Files\Fichiers communs\Blizzard Entertainment
[14/10/2007|15:30] C:\Program Files\Fichiers communs\Hewlett-Packard
[08/07/2008|19:35] C:\Program Files\Fichiers communs\InstallShield
[02/04/2008|16:35] C:\Program Files\Fichiers communs\Java
[08/07/2008|16:12] C:\Program Files\Fichiers communs\Microsoft Shared
[09/10/2007|20:52] C:\Program Files\Fichiers communs\MSSoap
[09/10/2007|22:44] C:\Program Files\Fichiers communs\ODBC
[09/10/2007|20:52] C:\Program Files\Fichiers communs\Services
[09/10/2007|22:44] C:\Program Files\Fichiers communs\SpeechEngines
[25/05/2008|23:33] C:\Program Files\Fichiers communs\Symantec Shared
[09/07/2008|02:37] C:\Program Files\Fichiers communs\System
[15/04/2008|12:29] C:\Program Files\Fichiers communs\Teleca Shared
[08/07/2008|16:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 27
iexplore.exe ~ [1480]
iexplore.exe ~ [1544]
----------------------[ Recherche avec S_Lop ]---------------------
C:\DOCUME~1\Roland\LOCALS~1\Temp\bisD7.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\Bowsjumpgramtick.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\build funk download.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\coydokqv.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\hnksxriu.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\OnceOkay.exe
C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\xuuazcsj.exe
C:\DOCUME~1\Roland\APPLIC~1\fourme~1
C:\DOCUME~1\Roland\APPLIC~1\fourme~1\Bowsjumpgramtick.exe
C:\DOCUME~1\Roland\APPLIC~1\fourme~1\build funk download.exe
C:\DOCUME~1\Roland\APPLIC~1\fourme~1\OnceOkay.exe
C:\DOCUME~1\Roland\APPLIC~1\fourme~1\zfbfrvky.exe
C:\Program Files\fourme~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Prefetch\BUILD FUNK DOWNLOAD.EXE-05AB109D.pf
C:\WINDOWS\Prefetch\ONCEOKAY.EXE-085A9951.pf
C:\DOCUME~1\Roland\Cookies\roland@adin.bigpoint[2].txt
C:\DOCUME~1\Roland\Cookies\roland@bigpoint[1].txt
C:\DOCUME~1\Roland\Cookies\roland@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\Roland\Cookies\roland@banner.casinoking[2].txt
C:\DOCUME~1\Roland\Cookies\roland@casinoking[1].txt
C:\DOCUME~1\Roland\Cookies\roland@adopt.euroclick[1].txt
C:\DOCUME~1\Roland\Cookies\roland@pacificpoker[1].txt
C:\DOCUME~1\Roland\Cookies\roland@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\Roland\Cookies\roland@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\AD46670091BA1AC4.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hide chin"="C:\\DOCUME~1\\Roland\\APPLIC~1\\FOURME~1\\OnceOkay.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-09 14:36:00
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
[F:95][D:9]-> C:\DOCUME~1\Roland\LOCALS~1\Temp
[F:107][D:0]-> C:\DOCUME~1\Roland\Cookies
[F:2610][D:4]-> C:\DOCUME~1\Roland\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 14:36:20,56 ]----------------------
Re,
Select the entire box below, then right-click and choose Copy:
C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\One idol win data
Relaunch Lop S&D.
This time choose Option 4 (LopScript).
A blank page will open; right-click on it and choose Paste.
Close the page; you will be asked to save it, click [Save].
Do not close the window during the deletion!
Post the generated report (C:\lopR.txt).
-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : Roland ] [ "C:\Lop SD" ] [ Selection : 4 ]
[ 09/07/2008 | 15:17:25,76 ] [ PC : GUILZ ]
[ MAJ : 06-07-2008 | 10:55 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ LopScript //////////////////////////////////
C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\One idol win data
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data
Echec ! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\One idol win data
Echec ! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\One idol win data
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\Bowsjumpgramtick.exe
Supprime! - C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\build funk download.exe
Supprime! - C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\coydokqv.exe
Supprime! - C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\hnksxriu.exe
Supprime! - C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\OnceOkay.exe
Supprime! - C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1\xuuazcsj.exe
Supprime! - C:\DOCUME~1\Roland\APPLIC~1\fourme~1\Bowsjumpgramtick.exe
Supprime! - C:\DOCUME~1\Roland\APPLIC~1\fourme~1\build funk download.exe
Supprime! - C:\DOCUME~1\Roland\APPLIC~1\fourme~1\OnceOkay.exe
Supprime! - C:\DOCUME~1\Roland\APPLIC~1\fourme~1\zfbfrvky.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\WINDOWS\Prefetch\BUILD FUNK DOWNLOAD.EXE-05AB109D.pf
Supprime! - C:\WINDOWS\Prefetch\ONCEOKAY.EXE-085A9951.pf
Supprime! - C:\DOCUME~1\Roland\Cookies\roland@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\Roland\Cookies\roland@bigpoint[1].txt
Supprime! - C:\DOCUME~1\Roland\Cookies\roland@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Roland\Cookies\roland@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\Roland\Cookies\roland@casinoking[1].txt
Supprime! - C:\DOCUME~1\Roland\Cookies\roland@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\Roland\Cookies\roland@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\Roland\Cookies\roland@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\AD46670091BA1AC4.job
Supprime! - C:\DOCUME~1\Roland\LOCALS~1\Temp\bisD7.exe
Supprime! - C:\DOCUME~1\GuiLz\APPLIC~1\fourme~1
Supprime! - C:\DOCUME~1\Roland\APPLIC~1\fourme~1
Supprime! - C:\Program Files\fourme~1
Supprime! - C:\Program Files\Circle Developement
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans APPLIC~1 ]------------
[20/06/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[09/10/2007|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/06/2008|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Emjysoft
[20/05/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14/10/2007|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[16/10/2007|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[22/06/2008|03:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[09/10/2007|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[09/06/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[19/05/2008|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/05/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/06/2008|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[25/05/2008|23:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[25/06/2008|01:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[10/10/2007|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tournament.com Client
[25/06/2008|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[20/10/2007|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/07/2008|16:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[08/07/2008|18:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Logitech
[08/07/2008|17:43] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[08/07/2008|16:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[08/07/2008|17:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\One idol win data
[09/07/2008|02:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[08/07/2008|16:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[09/10/2007|22:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/12/2007|03:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[08/07/2008|16:38] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini
[08/07/2008|14:52] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[28/05/2008|15:50] C:\DOCUME~1\GuiLz\APPLIC~1\Adobe
[09/10/2007|22:43] C:\DOCUME~1\GuiLz\APPLIC~1\desktop.ini
[30/06/2008|19:38] C:\DOCUME~1\GuiLz\APPLIC~1\DivX
[12/06/2008|23:13] C:\DOCUME~1\GuiLz\APPLIC~1\dvdcss
[25/06/2008|02:11] C:\DOCUME~1\GuiLz\APPLIC~1\Emjysoft
[15/03/2008|23:50] C:\DOCUME~1\GuiLz\APPLIC~1\Google
[09/10/2007|20:59] C:\DOCUME~1\GuiLz\APPLIC~1\Identities
[09/05/2008|21:48] C:\DOCUME~1\GuiLz\APPLIC~1\InstallShield
[01/07/2008|01:07] C:\DOCUME~1\GuiLz\APPLIC~1\LimeWire
[15/03/2008|23:01] C:\DOCUME~1\GuiLz\APPLIC~1\Macromedia
[09/06/2008|12:56] C:\DOCUME~1\GuiLz\APPLIC~1\Malwarebytes
[30/04/2008|16:54] C:\DOCUME~1\GuiLz\APPLIC~1\Microsoft
[27/06/2008|22:32] C:\DOCUME~1\GuiLz\APPLIC~1\mIRC
[25/06/2008|23:49] C:\DOCUME~1\GuiLz\APPLIC~1\Mozilla
[05/12/2007|19:49] C:\DOCUME~1\GuiLz\APPLIC~1\Sony Ericsson
[02/06/2008|15:50] C:\DOCUME~1\GuiLz\APPLIC~1\Sun
[03/07/2008|14:29] C:\DOCUME~1\GuiLz\APPLIC~1\teamspeak2
[05/12/2007|19:51] C:\DOCUME~1\GuiLz\APPLIC~1\Teleca
[16/06/2008|19:18] C:\DOCUME~1\GuiLz\APPLIC~1\uTorrent
[10/10/2007|00:39] C:\DOCUME~1\GuiLz\APPLIC~1\vlc
[11/10/2007|21:18] C:\DOCUME~1\GuiLz\APPLIC~1\WinRAR
[09/10/2007|20:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08/07/2008|14:52] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[09/10/2007|20:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[08/07/2008|14:52] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[08/07/2008|15:21] C:\DOCUME~1\Roland\APPLIC~1\Adobe
[08/07/2008|16:38] C:\DOCUME~1\Roland\APPLIC~1\desktop.ini
[08/07/2008|15:01] C:\DOCUME~1\Roland\APPLIC~1\Identities
[08/07/2008|15:21] C:\DOCUME~1\Roland\APPLIC~1\Macromedia
[09/07/2008|03:33] C:\DOCUME~1\Roland\APPLIC~1\Microsoft
[08/07/2008|15:43] C:\DOCUME~1\Roland\APPLIC~1\mIRC
[08/07/2008|15:17] C:\DOCUME~1\Roland\APPLIC~1\Mozilla
[08/07/2008|16:23] C:\DOCUME~1\Roland\APPLIC~1\teamspeak2
[09/07/2008|02:19] C:\DOCUME~1\Roland\APPLIC~1\vlc
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[09/07/2008 12:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/04/2008|15:44] C:\Program Files\3DO
[21/05/2008|16:26] C:\Program Files\Alwil Software
[05/03/2008|16:30] C:\Program Files\Apr2005_d3dx9_25_x64.cab
[05/03/2008|16:30] C:\Program Files\Apr2005_d3dx9_25_x86.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_d3dx9_30_x64.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_d3dx9_30_x86.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_MDX1_x86.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\Apr2006_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\APR2007_d3dx10_33_x64.cab
[05/03/2008|16:30] C:\Program Files\APR2007_d3dx10_33_x86.cab
[05/03/2008|16:30] C:\Program Files\APR2007_d3dx9_33_x64.cab
[05/03/2008|16:30] C:\Program Files\APR2007_d3dx9_33_x86.cab
[05/03/2008|16:30] C:\Program Files\APR2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\APR2007_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\APR2007_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\APR2007_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\Aug2005_d3dx9_27_x64.cab
[05/03/2008|16:30] C:\Program Files\Aug2005_d3dx9_27_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2006_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2006_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_d3dx10_35_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_d3dx10_35_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_d3dx9_35_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_d3dx9_35_x86.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\AUG2007_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\BDANT.cab
[05/03/2008|16:30] C:\Program Files\BDAXP.cab
[20/06/2008|12:42] C:\Program Files\BitDefender
[08/07/2008|15:42] C:\Program Files\CamStudio
[08/07/2008|15:49] C:\Program Files\CarbonPoker
[09/10/2007|20:51] C:\Program Files\ComPlus Applications
[05/03/2008|16:30] C:\Program Files\Dec2005_d3dx9_28_x64.cab
[05/03/2008|16:30] C:\Program Files\Dec2005_d3dx9_28_x86.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_d3dx10_00_x64.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_d3dx10_00_x86.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_d3dx9_32_x64.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_d3dx9_32_x86.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\DEC2006_XACT_x86.cab
[05/05/2008|22:10] C:\Program Files\directx
[30/06/2008|17:58] C:\Program Files\DivX
[05/03/2008|16:30] C:\Program Files\DSETUP.dll
[05/03/2008|16:30] C:\Program Files\dsetup32.dll
[05/03/2008|16:30] C:\Program Files\dxdllreg_x86.cab
[05/03/2008|16:30] C:\Program Files\dxnt.cab
[05/03/2008|16:30] C:\Program Files\DXSETUP.exe
[05/03/2008|16:30] C:\Program Files\dxupdate.cab
[24/06/2008|18:57] C:\Program Files\EA Games
[22/06/2008|13:55] C:\Program Files\Easy Lock Pub
[05/03/2008|16:30] C:\Program Files\Feb2005_d3dx9_24_x64.cab
[05/03/2008|16:30] C:\Program Files\Feb2005_d3dx9_24_x86.cab
[05/03/2008|16:30] C:\Program Files\Feb2006_d3dx9_29_x64.cab
[05/03/2008|16:30] C:\Program Files\Feb2006_d3dx9_29_x86.cab
[05/03/2008|16:30] C:\Program Files\Feb2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\Feb2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\FEB2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\FEB2007_XACT_x86.cab
[08/07/2008|16:12] C:\Program Files\Fichiers communs
[20/05/2008|21:59] C:\Program Files\Google
[14/10/2007|15:42] C:\Program Files\HP
[24/06/2008|19:04] C:\Program Files\InstallShield Installation Information
[09/07/2008|12:31] C:\Program Files\Internet Explorer
[02/06/2008|02:11] C:\Program Files\Java
[25/06/2008|01:52] C:\Program Files\JCA2000
[05/03/2008|16:30] C:\Program Files\Jun2005_d3dx9_26_x64.cab
[05/03/2008|16:30] C:\Program Files\Jun2005_d3dx9_26_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2006_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx10_34_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx10_34_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx9_34_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_d3dx9_34_x86.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\JUN2007_XACT_x86.cab
[09/10/2007|22:59] C:\Program Files\Logitech
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx10_37_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx10_37_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx9_37_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_d3dx9_37_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_X3DAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_X3DAudio_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\Mar2008_XAudio_x86.cab
[09/07/2008|02:39] C:\Program Files\Messenger
[08/07/2008|17:26] C:\Program Files\Messenger Plus! Live
[09/10/2007|20:54] C:\Program Files\microsoft frontpage
[15/01/2008|14:54] C:\Program Files\Microsoft Office
[09/07/2008|03:12] C:\Program Files\Microsoft Silverlight
[08/07/2008|15:43] C:\Program Files\mIRC
[09/07/2008|02:38] C:\Program Files\Movie Maker
[09/07/2008|15:15] C:\Program Files\Mozilla Firefox
[30/05/2008|17:04] C:\Program Files\MSN
[09/10/2007|20:50] C:\Program Files\MSN Gaming Zone
[08/07/2008|16:01] C:\Program Files\MSN Messenger
[15/10/2007|17:22] C:\Program Files\MSXML 4.0
[08/07/2008|15:48] C:\Program Files\Mumble
[25/06/2008|02:34] C:\Program Files\Navilog1
[09/07/2008|02:37] C:\Program Files\NetMeeting
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx10_36_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx10_36_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx9_36_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_d3dx9_36_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_X3DAudio_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_X3DAudio_x86.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\NOV2007_XACT_x86.cab
[05/03/2008|16:30] C:\Program Files\Oct2005_xinput_x64.cab
[05/03/2008|16:30] C:\Program Files\Oct2005_xinput_x86.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_d3dx9_31_x64.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_d3dx9_31_x86.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_XACT_x64.cab
[05/03/2008|16:30] C:\Program Files\OCT2006_XACT_x86.cab
[09/10/2007|20:50] C:\Program Files\Online Services
[09/07/2008|02:37] C:\Program Files\Outlook Express
[09/06/2008|13:33] C:\Program Files\Panicware
[03/06/2008|12:41] C:\Program Files\PokerRoom.com
[09/05/2008|21:48] C:\Program Files\Realtek
[11/10/2007|21:27] C:\Program Files\Schmads Inc
[09/10/2007|20:52] C:\Program Files\Services en ligne
[19/12/2007|18:29] C:\Program Files\Sony Setup
[09/07/2008|12:33] C:\Program Files\Steam
[02/06/2008|02:11] C:\Program Files\Sun
[08/07/2008|15:46] C:\Program Files\Teamspeak2_RC2
[23/10/2007|17:12] C:\Program Files\Tournament.com
[21/05/2008|18:27] C:\Program Files\Trust HS-6200 Surround USB Headset
[09/10/2007|20:59] C:\Program Files\Uninstall Information
[13/05/2008|15:57] C:\Program Files\uTorrent
[13/12/2007|14:39] C:\Program Files\VideoLAN
[08/07/2008|16:12] C:\Program Files\Windows Live
[29/01/2008|17:48] C:\Program Files\Windows Media Connect 2
[09/07/2008|03:09] C:\Program Files\Windows Media Player
[09/07/2008|02:37] C:\Program Files\Windows NT
[09/10/2007|20:52] C:\Program Files\WindowsUpdate
[11/10/2007|21:18] C:\Program Files\WinRAR
[09/10/2007|20:54] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[22/05/2008|17:17] C:\Program Files\Fichiers communs\BitDefender
[03/05/2008|16:15] C:\Program Files\Fichiers communs\Blizzard Entertainment
[14/10/2007|15:30] C:\Program Files\Fichiers communs\Hewlett-Packard
[08/07/2008|19:35] C:\Program Files\Fichiers communs\InstallShield
[02/04/2008|16:35] C:\Program Files\Fichiers communs\Java
[08/07/2008|16:12] C:\Program Files\Fichiers communs\Microsoft Shared
[09/10/2007|20:52] C:\Program Files\Fichiers communs\MSSoap
[09/10/2007|22:44] C:\Program Files\Fichiers communs\ODBC
[09/10/2007|20:52] C:\Program Files\Fichiers communs\Services
[09/10/2007|22:44] C:\Program Files\Fichiers communs\SpeechEngines
[25/05/2008|23:33] C:\Program Files\Fichiers communs\Symantec Shared
[09/07/2008|02:37] C:\Program Files\Fichiers communs\System
[15/04/2008|12:29] C:\Program Files\Fichiers communs\Teleca Shared
[08/07/2008|16:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 27
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-09 15:18:32
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
[F:78][D:9]-> C:\DOCUME~1\Roland\LOCALS~1\Temp
[F:99][D:0]-> C:\DOCUME~1\Roland\Cookies
[F:2611][D:4]-> C:\DOCUME~1\Roland\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 15:18:49,87 ]----------------------
Re,
Go here via My Computer:
C:\Documents and Settings\All users.WIN\Application Data
and delete this folder: One idol win data
Do it in safe mode.
Restart in safe mode
It is probably hidden.
- My Computer / Tools / Folder Options / View / check "Show hidden files and folders" / Apply --> OK
- My Computer / Tools / Folder Options / View / uncheck "Hide protected operating system files" / Apply --> OK
- My Computer / Tools / Folder Options / View / uncheck "Hide extensions for known file types" / Apply --> OK
Don't forget to hide the hidden and protected operating system files again once the disinfection is finished; it's important.
Here is the report ^^ I'm going to browse xd <.< I'll keep you posted if I get any more new windows.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:00, on 10/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\steam\steam.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Roland\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Win Data Book Sect] C:\Documents and Settings\All Users.WINDOWS\Application Data\One idol win data\Bib vga.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Roland\Menu Démarrer\Programmes\CarbonPoker\CarbonPoker.lnk (HKCU)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 3446 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:00, on 10/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\steam\steam.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Roland\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Win Data Book Sect] C:\Documents and Settings\All Users.WINDOWS\Application Data\One idol win data\Bib vga.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Roland\Menu Démarrer\Programmes\CarbonPoker\CarbonPoker.lnk (HKCU)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 3446 bytes
Hi again,
Let's finish up.
You have no antivirus:
Download AntiVir to your Desktop.
Double-click the downloaded executable to start the installation.
At the end of the installation, click Finish.
Open AntiVir and make sure it is up to date!
Help: How to install and use AntiVir.
*****************
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done:
Restart in Safe Mode.
/!\ Never boot into Safe Mode via MSCONFIG /!\
Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan" ("Exécuter un examen complet").
To start the scan, click "Scan" ("Rechercher").
When the scan is finished, a window opens; click OK. There are two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" ("Afficher les résultats"), then "Remove Selected" ("Supprimer la sélection"). Save the report to your Desktop so you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
Help: How to use MBAM.
**************
Rerun HijackThis (right-click -> run as administrator on Vista), choose Do a system scan only, and check these lines (if still present):
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Win Data Book Sect] C:\Documents and Settings\All Users.WINDOWS\Application Data\One idol win data\Bib vga.exe
Close all running applications (especially your web browser).
Then click Fix Checked!
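The two entries selected for fixing above are a BHO whose file is missing and a Run entry that launches from an Application Data folder. As an added example (not part of the original posts, and not HijackThis's own logic), this sketch parses HijackThis log lines and flags those two patterns; the regular expressions and the list of user-writable folder names are assumptions made for illustration.

```python
import re

# Sample input: lines taken from the HijackThis report posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Win Data Book Sect] C:\Documents and Settings\All Users.WINDOWS\Application Data\One idol win data\Bib vga.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# "<section code> - <rest>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Body of an O4 registry autostart entry: hive, value name, command line.
RUN = re.compile(r"^(?P<hive>\S+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# Assumption: profile/temp folders are unusual places for a machine-wide autostart.
USER_WRITABLE = re.compile(r"\\(application data|appdata|local settings|temp)\\", re.I)


def parse(log):
    """Yield (section_code, body) for every recognisable log entry."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m["code"], m["body"]


def triage(log):
    """Return (code, reason, body) tuples for entries worth a manual look."""
    findings = []
    for code, body in parse(log):
        if code == "O2" and body.endswith("(no file)"):
            findings.append((code, "BHO registered but its file is missing", body))
        elif code == "O4":
            run = RUN.match(body)
            if run and USER_WRITABLE.search(run["cmd"]):
                findings.append((code, "autostart from a user-writable folder", body))
    return findings


if __name__ == "__main__":
    for code, reason, body in triage(SAMPLE_LOG):
        print(f"[{code}] {reason}: {body}")
```

A flagged line is a lead for manual review, not a verdict: legitimate software also installs under Application Data, so each hit still has to be checked before it is fixed.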