Unwanted CID pages
Good evening, I share my PC with my wife using two separate sessions, but she is constantly swamped with CID pages while I am not. How can I get rid of this problem? Thanks.
hyunkel30 said:
Good evening, I'll take charge of your case.
However, I am in training and my replies have to be validated by my instructors, so there may be some waiting time during our exchanges.
Thank you in advance for your patience.
Thanks, I'm a novice in this area; I'll do my best so that everything goes well.
Hi again. Right, rossdu76,
The steps I give you will, I hope, be as clear as possible.
Read each step carefully, and don't hesitate to ask if you don't understand something before doing it.
Here we go:
Download Lop S&D.exe (by Eric_71) to your Desktop. (alternate link)
* the partition name may vary
Good evening, here is the report:
Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : LAURENT ( Not Administrator ! )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:89 Go (Free:22 Go)
D:\ (Local Disk) - NTFS - Total:181 Go (Free:162 Go)
E:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:134 Go (Free:109 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 28/04/2009|17:55 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[03/03/2009|19:05] C:\Users\LAURENT\AppData\Local\Adobe
[17/10/2008|18:24] C:\Users\LAURENT\AppData\Local\Ahead
[26/04/2009|18:12] C:\Users\LAURENT\AppData\Local\Apple
[03/10/2008|17:19] C:\Users\LAURENT\AppData\Local\Application Data
[22/10/2008|17:49] C:\Users\LAURENT\AppData\Local\Apps
[17/10/2008|17:59] C:\Users\LAURENT\AppData\Local\BVRP Software
[22/11/2008|23:25] C:\Users\LAURENT\AppData\Local\d3d8caps.dat
[28/01/2009|19:46] C:\Users\LAURENT\AppData\Local\d3d9caps.dat
[25/04/2009|00:10] C:\Users\LAURENT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[22/04/2009|10:40] C:\Users\LAURENT\AppData\Local\Deployment
[04/10/2008|22:16] C:\Users\LAURENT\AppData\Local\Eggiz
[06/10/2008|18:42] C:\Users\LAURENT\AppData\Local\eMule
[21/03/2009|16:17] C:\Users\LAURENT\AppData\Local\GDIPFONTCACHEV1.DAT
[14/02/2009|15:28] C:\Users\LAURENT\AppData\Local\Google
[03/10/2008|17:19] C:\Users\LAURENT\AppData\Local\Historique
[28/04/2009|00:21] C:\Users\LAURENT\AppData\Local\IconCache.db
[25/03/2009|19:52] C:\Users\LAURENT\AppData\Local\johnsadventures.com
[25/02/2009|19:38] C:\Users\LAURENT\AppData\Local\Microsoft
[11/11/2008|23:01] C:\Users\LAURENT\AppData\Local\Microsoft Games
[09/10/2008|20:21] C:\Users\LAURENT\AppData\Local\MigWiz
[05/10/2008|19:59] C:\Users\LAURENT\AppData\Local\Mozilla
[03/10/2008|20:22] C:\Users\LAURENT\AppData\Local\Neuf
[21/04/2009|09:27] C:\Users\LAURENT\AppData\Local\Opera
[19/10/2008|15:41] C:\Users\LAURENT\AppData\Local\PunkBuster
[06/01/2009|17:48] C:\Users\LAURENT\AppData\Local\sfzekgc.bat
[08/10/2008|19:34] C:\Users\LAURENT\AppData\Local\Shareaza
[28/04/2009|17:55] C:\Users\LAURENT\AppData\Local\Temp
[03/10/2008|17:19] C:\Users\LAURENT\AppData\Local\Temporary Internet Files
[03/10/2008|19:11] C:\Users\LAURENT\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/04/2009 17:38][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-319377553-3057289751-2592643440-1000.job
[28/04/2009 11:29][--a------] C:\Windows\tasks\Google Software Updater.job
[28/04/2009 17:46][--a------] C:\Windows\tasks\GoogleUpdateTaskMachine.job
[28/04/2009 17:46][--a------] C:\Windows\tasks\GlaryInitialize.job
[28/04/2009 17:46][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
[28/04/2009 09:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A8F4455C-1AEE-4560-B1B7-2547A030DEE5}.job
[27/04/2009 17:55][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{8CD1B723-FA39-4DF3-A049-8CD950CD9293}.job
[28/04/2009 08:09][--ah-----] C:\Windows\tasks\SA.DAT
[28/04/2009 00:22][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[24/03/2009|17:17] C:\ProgramData\Adobe
[03/10/2008|11:48] C:\ProgramData\Ahead
[26/04/2009|18:12] C:\ProgramData\Apple
[26/04/2009|18:13] C:\ProgramData\Apple Computer
[03/10/2008|17:12] C:\ProgramData\Application Data
[29/01/2009|08:19] C:\ProgramData\avg8
[23/10/2008|00:18] C:\ProgramData\Azureus
[03/10/2008|17:12] C:\ProgramData\Bureau
[17/10/2008|18:10] C:\ProgramData\BVRP Software
[03/10/2008|17:12] C:\ProgramData\Documents
[02/04/2009|01:45] C:\ProgramData\Dvd tray
[06/10/2008|18:30] C:\ProgramData\eMule
[03/10/2008|17:12] C:\ProgramData\Favoris
[20/12/2008|18:24] C:\ProgramData\Google
[27/04/2009|23:24] C:\ProgramData\Google Updater
[04/01/2009|21:26] C:\ProgramData\Grisoft
[02/02/2009|09:38] C:\ProgramData\hope stupid link.jo49e
[02/02/2009|09:38] C:\ProgramData\Lies shim upload curb
[03/10/2008|18:35] C:\ProgramData\LightScribe
[06/01/2009|21:13] C:\ProgramData\Malwarebytes
[03/10/2008|17:12] C:\ProgramData\Menu D‚marrer
[23/02/2009|19:14] C:\ProgramData\Microsoft
[03/10/2008|17:12] C:\ProgramData\ModŠles
[03/10/2008|11:47] C:\ProgramData\Nero
[28/12/2008|21:16] C:\ProgramData\new love win.wice8k4
[11/12/2008|08:36] C:\ProgramData\NOS
[10/04/2009|08:09] C:\ProgramData\ntuser.pol
[06/10/2008|19:01] C:\ProgramData\NVIDIA
[03/01/2009|10:33] C:\ProgramData\Roamlistlist.69hdy
[02/02/2009|09:37] C:\ProgramData\Roamlistlist.ey2vme5
[02/02/2009|09:37] C:\ProgramData\Roamlistlist.jxcgpn
[28/12/2008|21:14] C:\ProgramData\Roamlistlist.pnr57y
[04/04/2009|18:25] C:\ProgramData\Spybot - Search & Destroy
[06/12/2008|12:36] C:\ProgramData\TuneUp Software
[05/10/2008|12:26] C:\ProgramData\UDL
[18/11/2008|20:42] C:\ProgramData\vlc-0.9.6-win32.exe
[03/10/2008|17:56] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[24/03/2009|17:16] C:\Program Files\Adobe
[26/04/2009|18:12] C:\Program Files\Apple Software Update
[05/10/2008|12:25] C:\Program Files\ArcSoft
[15/03/2009|10:01] C:\Program Files\Avanquest update
[03/10/2008|18:15] C:\Program Files\AVG
[26/12/2008|21:54] C:\Program Files\CCleaner
[19/04/2009|17:11] C:\Program Files\Common Files
[11/12/2008|21:19] C:\Program Files\CyberLink
[05/10/2008|12:28] C:\Program Files\epson
[03/10/2008|17:12] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[20/11/2008|21:33] C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[23/01/2009|19:34] C:\Program Files\Glary Utilities
[15/02/2009|10:56] C:\Program Files\Google
[04/01/2009|21:26] C:\Program Files\Grisoft
[15/03/2009|10:12] C:\Program Files\InstallShield Installation Information
[26/04/2009|18:13] C:\Program Files\Internet Explorer
[15/02/2009|10:41] C:\Program Files\Java
[25/03/2009|19:52] C:\Program Files\johnsadventures.com
[26/01/2009|20:16] C:\Program Files\JRE
[19/04/2009|20:43] C:\Program Files\Malwarebytes' Anti-Malware
[25/12/2008|10:53] C:\Program Files\Micro Application
[18/12/2008|21:21] C:\Program Files\Microsoft
[02/11/2006|14:35] C:\Program Files\Microsoft Games
[21/03/2009|16:11] C:\Program Files\Microsoft IntelliType Pro
[25/02/2009|19:30] C:\Program Files\Microsoft LifeCam
[22/11/2008|18:00] C:\Program Files\Microsoft Office
[26/02/2009|18:49] C:\Program Files\Microsoft Silverlight
[23/02/2009|19:40] C:\Program Files\Microsoft SQL Server Compact Edition
[20/11/2008|21:33] C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[19/04/2009|17:11] C:\Program Files\Motorola
[19/04/2009|17:12] C:\Program Files\Motorola Phone Tools
[21/01/2008|04:47] C:\Program Files\Movie Maker
[08/04/2009|18:20] C:\Program Files\Mozilla Firefox
[02/11/2006|14:35] C:\Program Files\MSBuild
[03/10/2008|17:41] C:\Program Files\MSXML 4.0
[03/10/2008|11:47] C:\Program Files\Nero
[08/10/2008|17:56] C:\Program Files\Neuf
[11/12/2008|08:36] C:\Program Files\NOS
[20/01/2009|19:18] C:\Program Files\Notepad++
[26/01/2009|20:16] C:\Program Files\OpenOffice.org 3
[21/04/2009|09:31] C:\Program Files\Opera
[29/10/2008|01:36] C:\Program Files\Realtek
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[19/10/2008|17:56] C:\Program Files\Sierra
[05/10/2008|12:24] C:\Program Files\Smart Panel
[02/05/2008|17:35] C:\Program Files\SoftThinks
[25/12/2008|04:09] C:\Program Files\Sony
[04/02/2009|20:57] C:\Program Files\TuneUp Utilities 2008
[02/11/2006|14:58] C:\Program Files\Uninstall Information
[05/10/2008|18:54] C:\Program Files\VideoLAN
[17/04/2009|12:05] C:\Program Files\Virtual Earth 3D
[24/02/2009|21:17] C:\Program Files\WarRock
[29/10/2008|19:27] C:\Program Files\Winamp
[21/01/2008|04:47] C:\Program Files\Windows Calendar
[21/01/2008|04:47] C:\Program Files\Windows Collaboration
[21/01/2008|04:47] C:\Program Files\Windows Defender
[23/02/2009|19:41] C:\Program Files\Windows Live
[18/12/2008|21:21] C:\Program Files\Windows Live SkyDrive
[15/04/2009|17:52] C:\Program Files\Windows Mail
[26/02/2009|18:48] C:\Program Files\Windows Media Player
[03/10/2008|17:12] C:\Program Files\Windows NT
[21/01/2008|04:47] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:47] C:\Program Files\Windows Sidebar
[25/12/2008|03:42] C:\Program Files\WinRAR
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[24/03/2009|17:16] C:\Program Files\Common Files\Adobe
[20/10/2008|20:04] C:\Program Files\Common Files\Adobe AIR
[03/10/2008|11:48] C:\Program Files\Common Files\Ahead
[05/10/2008|12:04] C:\Program Files\Common Files\InstallShield
[23/02/2009|19:38] C:\Program Files\Common Files\microsoft shared
[17/10/2008|18:09] C:\Program Files\Common Files\Motorola Shared
[19/04/2009|17:11] C:\Program Files\Common Files\MSSoap
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/01/2008|04:47] C:\Program Files\Common Files\System
[18/12/2008|21:03] C:\Program Files\Common Files\Windows Live
[03/10/2008|17:59] C:\Program Files\Common Files\WindowsLiveInstaller
[06/12/2008|12:35] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 75 Processes )
iexplore.exe ~ [PID:5052]
iexplore.exe ~ [PID:2364]
iexplore.exe ~ [PID:6428]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\hope stupid link.jo49e
C:\ProgramData\Roamlistlist.69hdy
C:\ProgramData\Roamlistlist.jxcgpn
C:\ProgramData\Roamlistlist.pnr57y
C:\ProgramData\new love win.wice8k4
C:\ProgramData\Roamlistlist.ey2vme5
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Lies shim upload curb
C:\ProgramData\Lies shim upload curb\browse book.dat
C:\ProgramData\Lies shim upload curb\browse book.exe
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-28 17:56:00
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:32][D:8]-> C:\Users\LAURENT\AppData\Local\Temp
[F:85][D:1]-> C:\Users\LAURENT\AppData\Roaming\MICROS~1\Windows\Cookies
[F:121][D:6]-> C:\Users\LAURENT\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:7][D:6]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 28/04/2009|17:57 - Option : [1]
--------------------\\ Fin du rapport a 17:57:10
[ UAC => 1 ]
This one is from my wife's session:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : nadia ( Not Administrator ! )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:89 Go (Free:22 Go)
D:\ (Local Disk) - NTFS - Total:181 Go (Free:162 Go)
E:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:134 Go (Free:109 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 28/04/2009|18:08 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[24/03/2009|17:07] C:\Users\nadia\AppData\Local\Adobe
[17/10/2008|10:58] C:\Users\nadia\AppData\Local\Ahead
[22/12/2008|22:39] C:\Users\nadia\AppData\Local\Apps
[06/01/2009|21:26] C:\Users\nadia\AppData\Local\d3d9caps.dat
[27/04/2009|09:33] C:\Users\nadia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[22/03/2009|10:15] C:\Users\nadia\AppData\Local\GDIPFONTCACHEV1.DAT
[20/12/2008|09:04] C:\Users\nadia\AppData\Local\Google
[28/04/2009|17:13] C:\Users\nadia\AppData\Local\IconCache.db
[17/04/2009|12:06] C:\Users\nadia\AppData\Local\IsolatedStorage
[02/04/2009|12:19] C:\Users\nadia\AppData\Local\Microsoft
[05/10/2008|18:17] C:\Users\nadia\AppData\Local\Microsoft Games
[17/02/2009|09:42] C:\Users\nadia\AppData\Local\MigWiz
[15/10/2008|15:35] C:\Users\nadia\AppData\Local\Mozilla
[14/01/2009|09:56] C:\Users\nadia\AppData\Local\Neuf
[28/04/2009|18:07] C:\Users\nadia\AppData\Local\Temp
[05/10/2008|15:20] C:\Users\nadia\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/04/2009 17:38][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-319377553-3057289751-2592643440-1000.job
[28/04/2009 11:29][--a------] C:\Windows\tasks\Google Software Updater.job
[28/04/2009 18:04][--a------] C:\Windows\tasks\GoogleUpdateTaskMachine.job
[28/04/2009 18:04][--a------] C:\Windows\tasks\GlaryInitialize.job
[28/04/2009 18:04][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
[28/04/2009 09:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A8F4455C-1AEE-4560-B1B7-2547A030DEE5}.job
[27/04/2009 17:55][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{8CD1B723-FA39-4DF3-A049-8CD950CD9293}.job
[28/04/2009 08:09][--ah-----] C:\Windows\tasks\SA.DAT
[28/04/2009 00:22][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[24/03/2009|17:17] C:\ProgramData\Adobe
[03/10/2008|11:48] C:\ProgramData\Ahead
[26/04/2009|18:12] C:\ProgramData\Apple
[26/04/2009|18:13] C:\ProgramData\Apple Computer
[03/10/2008|17:12] C:\ProgramData\Application Data
[29/01/2009|08:19] C:\ProgramData\avg8
[23/10/2008|00:18] C:\ProgramData\Azureus
[03/10/2008|17:12] C:\ProgramData\Bureau
[17/10/2008|18:10] C:\ProgramData\BVRP Software
[03/10/2008|17:12] C:\ProgramData\Documents
[02/04/2009|01:45] C:\ProgramData\Dvd tray
[06/10/2008|18:30] C:\ProgramData\eMule
[03/10/2008|17:12] C:\ProgramData\Favoris
[20/12/2008|18:24] C:\ProgramData\Google
[27/04/2009|23:24] C:\ProgramData\Google Updater
[04/01/2009|21:26] C:\ProgramData\Grisoft
[02/02/2009|09:38] C:\ProgramData\hope stupid link.jo49e
[02/02/2009|09:38] C:\ProgramData\Lies shim upload curb
[03/10/2008|18:35] C:\ProgramData\LightScribe
[06/01/2009|21:13] C:\ProgramData\Malwarebytes
[03/10/2008|17:12] C:\ProgramData\Menu D‚marrer
[23/02/2009|19:14] C:\ProgramData\Microsoft
[03/10/2008|17:12] C:\ProgramData\ModŠles
[03/10/2008|11:47] C:\ProgramData\Nero
[28/12/2008|21:16] C:\ProgramData\new love win.wice8k4
[11/12/2008|08:36] C:\ProgramData\NOS
[10/04/2009|08:09] C:\ProgramData\ntuser.pol
[06/10/2008|19:01] C:\ProgramData\NVIDIA
[03/01/2009|10:33] C:\ProgramData\Roamlistlist.69hdy
[02/02/2009|09:37] C:\ProgramData\Roamlistlist.ey2vme5
[02/02/2009|09:37] C:\ProgramData\Roamlistlist.jxcgpn
[28/12/2008|21:14] C:\ProgramData\Roamlistlist.pnr57y
[04/04/2009|18:25] C:\ProgramData\Spybot - Search & Destroy
[06/12/2008|12:36] C:\ProgramData\TuneUp Software
[05/10/2008|12:26] C:\ProgramData\UDL
[18/11/2008|20:42] C:\ProgramData\vlc-0.9.6-win32.exe
[03/10/2008|17:56] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[24/03/2009|17:16] C:\Program Files\Adobe
[26/04/2009|18:12] C:\Program Files\Apple Software Update
[05/10/2008|12:25] C:\Program Files\ArcSoft
[15/03/2009|10:01] C:\Program Files\Avanquest update
[03/10/2008|18:15] C:\Program Files\AVG
[26/12/2008|21:54] C:\Program Files\CCleaner
[19/04/2009|17:11] C:\Program Files\Common Files
[11/12/2008|21:19] C:\Program Files\CyberLink
[05/10/2008|12:28] C:\Program Files\epson
[03/10/2008|17:12] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[20/11/2008|21:33] C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[23/01/2009|19:34] C:\Program Files\Glary Utilities
[15/02/2009|10:56] C:\Program Files\Google
[04/01/2009|21:26] C:\Program Files\Grisoft
[15/03/2009|10:12] C:\Program Files\InstallShield Installation Information
[26/04/2009|18:13] C:\Program Files\Internet Explorer
[15/02/2009|10:41] C:\Program Files\Java
[25/03/2009|19:52] C:\Program Files\johnsadventures.com
[26/01/2009|20:16] C:\Program Files\JRE
[19/04/2009|20:43] C:\Program Files\Malwarebytes' Anti-Malware
[25/12/2008|10:53] C:\Program Files\Micro Application
[18/12/2008|21:21] C:\Program Files\Microsoft
[02/11/2006|14:35] C:\Program Files\Microsoft Games
[21/03/2009|16:11] C:\Program Files\Microsoft IntelliType Pro
[25/02/2009|19:30] C:\Program Files\Microsoft LifeCam
[22/11/2008|18:00] C:\Program Files\Microsoft Office
[26/02/2009|18:49] C:\Program Files\Microsoft Silverlight
[23/02/2009|19:40] C:\Program Files\Microsoft SQL Server Compact Edition
[20/11/2008|21:33] C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[19/04/2009|17:11] C:\Program Files\Motorola
[19/04/2009|17:12] C:\Program Files\Motorola Phone Tools
[21/01/2008|04:47] C:\Program Files\Movie Maker
[08/04/2009|18:20] C:\Program Files\Mozilla Firefox
[02/11/2006|14:35] C:\Program Files\MSBuild
[03/10/2008|17:41] C:\Program Files\MSXML 4.0
[03/10/2008|11:47] C:\Program Files\Nero
[08/10/2008|17:56] C:\Program Files\Neuf
[11/12/2008|08:36] C:\Program Files\NOS
[20/01/2009|19:18] C:\Program Files\Notepad++
[26/01/2009|20:16] C:\Program Files\OpenOffice.org 3
[21/04/2009|09:31] C:\Program Files\Opera
[29/10/2008|01:36] C:\Program Files\Realtek
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[19/10/2008|17:56] C:\Program Files\Sierra
[05/10/2008|12:24] C:\Program Files\Smart Panel
[02/05/2008|17:35] C:\Program Files\SoftThinks
[25/12/2008|04:09] C:\Program Files\Sony
[04/02/2009|20:57] C:\Program Files\TuneUp Utilities 2008
[02/11/2006|14:58] C:\Program Files\Uninstall Information
[05/10/2008|18:54] C:\Program Files\VideoLAN
[17/04/2009|12:05] C:\Program Files\Virtual Earth 3D
[24/02/2009|21:17] C:\Program Files\WarRock
[29/10/2008|19:27] C:\Program Files\Winamp
[21/01/2008|04:47] C:\Program Files\Windows Calendar
[21/01/2008|04:47] C:\Program Files\Windows Collaboration
[21/01/2008|04:47] C:\Program Files\Windows Defender
[23/02/2009|19:41] C:\Program Files\Windows Live
[18/12/2008|21:21] C:\Program Files\Windows Live SkyDrive
[15/04/2009|17:52] C:\Program Files\Windows Mail
[26/02/2009|18:48] C:\Program Files\Windows Media Player
[03/10/2008|17:12] C:\Program Files\Windows NT
[21/01/2008|04:47] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:47] C:\Program Files\Windows Sidebar
[25/12/2008|03:42] C:\Program Files\WinRAR
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[24/03/2009|17:16] C:\Program Files\Common Files\Adobe
[20/10/2008|20:04] C:\Program Files\Common Files\Adobe AIR
[03/10/2008|11:48] C:\Program Files\Common Files\Ahead
[05/10/2008|12:04] C:\Program Files\Common Files\InstallShield
[23/02/2009|19:38] C:\Program Files\Common Files\microsoft shared
[17/10/2008|18:09] C:\Program Files\Common Files\Motorola Shared
[19/04/2009|17:11] C:\Program Files\Common Files\MSSoap
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/01/2008|04:47] C:\Program Files\Common Files\System
[18/12/2008|21:03] C:\Program Files\Common Files\Windows Live
[03/10/2008|17:59] C:\Program Files\Common Files\WindowsLiveInstaller
[06/12/2008|12:35] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 108 Processes )
iexplore.exe ~ [PID:5052]
iexplore.exe ~ [PID:2364]
iexplore.exe ~ [PID:10580]
iexplore.exe ~ [PID:10704]
iexplore.exe ~ [PID:2608]
iexplore.exe ~ [PID:5812]
iexplore.exe ~ [PID:7116]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\hope stupid link.jo49e
C:\ProgramData\Roamlistlist.69hdy
C:\ProgramData\Roamlistlist.jxcgpn
C:\ProgramData\Roamlistlist.pnr57y
C:\ProgramData\new love win.wice8k4
C:\ProgramData\Roamlistlist.ey2vme5
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Lies shim upload curb
C:\ProgramData\Lies shim upload curb\browse book.dat
C:\ProgramData\Lies shim upload curb\browse book.exe
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"upload curb default new"="\"C:\\ProgramData\\hope stupid link.jo49e\""
"Scratom"="\"C:\\ProgramData\\Roamlistlist.ey2vme5\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-28 18:08:35
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:40][D:6]-> C:\Users\nadia\AppData\Local\Temp
[F:207][D:1]-> C:\Users\nadia\AppData\Roaming\MICROS~1\Windows\Cookies
[F:172][D:5]-> C:\Users\nadia\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:7][D:6]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 28/04/2009|17:57 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 28/04/2009|18:09 - Option : [1]
--------------------\\ Fin du rapport a 18:09:13
[ UAC => 1 ]
Re,
From now on we will work only in your wife's session.
Your infection is adware installed as a sponsor of certain software such as MSN Plus! 3/Live, the P2P programs Bitdowloader/Bitgrabber, etc.
Be careful when you install software: read the EULAs (terms of use).
More information here
Let's continue:
/!\ Disable your resident protections: AVG, Spybot's TeaTimer, Vista's UAC ... /!\
To disable Spybot's TeaTimer:
Open Spybot, click the "Mode" tab and choose "Mode Avancé" (Advanced mode)
Ignore the warning
At the bottom left, click "Outils" (Tools)
Still in the left-hand column, click "Résident" (not in the central window)
And untick the Resident "TeaTimer" option (you can tick it again once we have finished)
Relaunch Lop S&D by double-clicking the shortcut.
Choose Option 2 (Suppression)
Do not close the window during the removal!
Post the generated report (C:\lopR.txt)
/!\ Do not forget to re-enable your resident protections /!\
PS: If the desktop does not reappear:
Press Ctrl + Alt + Del
Click the Processes tab
Then the File menu, New Task
Type explorer and confirm
Next
Download DDS by sUBs to your desktop.
The tool requires no installation.
Launch it by clicking the dds.scr icon
This DOS window will appear
The scan should not take more than three minutes.
A first report will open, which you will save as DDS.txt (the default) on the desktop.
You will be asked whether you want to run the optional scan.
Accept with Yes
A new report opens, which you save as Attach.txt on the desktop.
You will provide it only if necessary.
Post the DDS.txt report
Re, here is the report:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : nadia ( Not Administrator ! )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:89 Go (Free:21 Go)
D:\ (Local Disk) - NTFS - Total:181 Go (Free:162 Go)
E:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:134 Go (Free:109 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 28/04/2009|22:21 )
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\Lies shim upload curb\browse book.dat
Supprime! - C:\ProgramData\Lies shim upload curb\browse book.exe
Supprime! - C:\ProgramData\hope stupid link.jo49e
Supprime! - C:\ProgramData\Roamlistlist.69hdy
Supprime! - C:\ProgramData\Roamlistlist.jxcgpn
Supprime! - C:\ProgramData\Roamlistlist.pnr57y
Supprime! - C:\ProgramData\new love win.wice8k4
Supprime! - C:\ProgramData\Roamlistlist.ey2vme5
Supprime! - C:\ProgramData\Lies shim upload curb
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[24/03/2009|17:07] C:\Users\nadia\AppData\Local\Adobe
[17/10/2008|10:58] C:\Users\nadia\AppData\Local\Ahead
[22/12/2008|22:39] C:\Users\nadia\AppData\Local\Apps
[06/01/2009|21:26] C:\Users\nadia\AppData\Local\d3d9caps.dat
[27/04/2009|09:33] C:\Users\nadia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[22/03/2009|10:15] C:\Users\nadia\AppData\Local\GDIPFONTCACHEV1.DAT
[20/12/2008|09:04] C:\Users\nadia\AppData\Local\Google
[28/04/2009|19:45] C:\Users\nadia\AppData\Local\IconCache.db
[17/04/2009|12:06] C:\Users\nadia\AppData\Local\IsolatedStorage
[02/04/2009|12:19] C:\Users\nadia\AppData\Local\Microsoft
[05/10/2008|18:17] C:\Users\nadia\AppData\Local\Microsoft Games
[17/02/2009|09:42] C:\Users\nadia\AppData\Local\MigWiz
[15/10/2008|15:35] C:\Users\nadia\AppData\Local\Mozilla
[14/01/2009|09:56] C:\Users\nadia\AppData\Local\Neuf
[28/04/2009|22:21] C:\Users\nadia\AppData\Local\Temp
[05/10/2008|15:20] C:\Users\nadia\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/04/2009 21:48][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-319377553-3057289751-2592643440-1000.job
[28/04/2009 22:19][--a------] C:\Windows\tasks\Google Software Updater.job
[28/04/2009 22:16][--a------] C:\Windows\tasks\GoogleUpdateTaskMachine.job
[28/04/2009 22:16][--a------] C:\Windows\tasks\GlaryInitialize.job
[28/04/2009 22:16][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
[28/04/2009 09:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A8F4455C-1AEE-4560-B1B7-2547A030DEE5}.job
[28/04/2009 18:45][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{8CD1B723-FA39-4DF3-A049-8CD950CD9293}.job
[28/04/2009 22:16][--ah-----] C:\Windows\tasks\SA.DAT
[28/04/2009 22:15][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[24/03/2009|17:17] C:\ProgramData\Adobe
[03/10/2008|11:48] C:\ProgramData\Ahead
[26/04/2009|18:12] C:\ProgramData\Apple
[26/04/2009|18:13] C:\ProgramData\Apple Computer
[03/10/2008|17:12] C:\ProgramData\Application Data
[29/01/2009|08:19] C:\ProgramData\avg8
[23/10/2008|00:18] C:\ProgramData\Azureus
[03/10/2008|17:12] C:\ProgramData\Bureau
[17/10/2008|18:10] C:\ProgramData\BVRP Software
[03/10/2008|17:12] C:\ProgramData\Documents
[02/04/2009|01:45] C:\ProgramData\Dvd tray
[06/10/2008|18:30] C:\ProgramData\eMule
[03/10/2008|17:12] C:\ProgramData\Favoris
[20/12/2008|18:24] C:\ProgramData\Google
[27/04/2009|23:24] C:\ProgramData\Google Updater
[04/01/2009|21:26] C:\ProgramData\Grisoft
[03/10/2008|18:35] C:\ProgramData\LightScribe
[06/01/2009|21:13] C:\ProgramData\Malwarebytes
[03/10/2008|17:12] C:\ProgramData\Menu Démarrer
[23/02/2009|19:14] C:\ProgramData\Microsoft
[03/10/2008|17:12] C:\ProgramData\Modèles
[03/10/2008|11:47] C:\ProgramData\Nero
[11/12/2008|08:36] C:\ProgramData\NOS
[10/04/2009|08:09] C:\ProgramData\ntuser.pol
[06/10/2008|19:01] C:\ProgramData\NVIDIA
[04/04/2009|18:25] C:\ProgramData\Spybot - Search & Destroy
[06/12/2008|12:36] C:\ProgramData\TuneUp Software
[05/10/2008|12:26] C:\ProgramData\UDL
[18/11/2008|20:42] C:\ProgramData\vlc-0.9.6-win32.exe
[03/10/2008|17:56] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[24/03/2009|17:16] C:\Program Files\Adobe
[26/04/2009|18:12] C:\Program Files\Apple Software Update
[05/10/2008|12:25] C:\Program Files\ArcSoft
[15/03/2009|10:01] C:\Program Files\Avanquest update
[03/10/2008|18:15] C:\Program Files\AVG
[26/12/2008|21:54] C:\Program Files\CCleaner
[19/04/2009|17:11] C:\Program Files\Common Files
[11/12/2008|21:19] C:\Program Files\CyberLink
[05/10/2008|12:28] C:\Program Files\epson
[03/10/2008|17:12] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[20/11/2008|21:33] C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[23/01/2009|19:34] C:\Program Files\Glary Utilities
[15/02/2009|10:56] C:\Program Files\Google
[04/01/2009|21:26] C:\Program Files\Grisoft
[15/03/2009|10:12] C:\Program Files\InstallShield Installation Information
[26/04/2009|18:13] C:\Program Files\Internet Explorer
[28/04/2009|19:44] C:\Program Files\Java
[25/03/2009|19:52] C:\Program Files\johnsadventures.com
[26/01/2009|20:16] C:\Program Files\JRE
[19/04/2009|20:43] C:\Program Files\Malwarebytes' Anti-Malware
[25/12/2008|10:53] C:\Program Files\Micro Application
[18/12/2008|21:21] C:\Program Files\Microsoft
[02/11/2006|14:35] C:\Program Files\Microsoft Games
[21/03/2009|16:11] C:\Program Files\Microsoft IntelliType Pro
[25/02/2009|19:30] C:\Program Files\Microsoft LifeCam
[22/11/2008|18:00] C:\Program Files\Microsoft Office
[26/02/2009|18:49] C:\Program Files\Microsoft Silverlight
[23/02/2009|19:40] C:\Program Files\Microsoft SQL Server Compact Edition
[20/11/2008|21:33] C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[19/04/2009|17:11] C:\Program Files\Motorola
[19/04/2009|17:12] C:\Program Files\Motorola Phone Tools
[21/01/2008|04:47] C:\Program Files\Movie Maker
[28/04/2009|19:44] C:\Program Files\Mozilla Firefox
[02/11/2006|14:35] C:\Program Files\MSBuild
[03/10/2008|17:41] C:\Program Files\MSXML 4.0
[03/10/2008|11:47] C:\Program Files\Nero
[08/10/2008|17:56] C:\Program Files\Neuf
[11/12/2008|08:36] C:\Program Files\NOS
[20/01/2009|19:18] C:\Program Files\Notepad++
[26/01/2009|20:16] C:\Program Files\OpenOffice.org 3
[21/04/2009|09:31] C:\Program Files\Opera
[29/10/2008|01:36] C:\Program Files\Realtek
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[19/10/2008|17:56] C:\Program Files\Sierra
[05/10/2008|12:24] C:\Program Files\Smart Panel
[02/05/2008|17:35] C:\Program Files\SoftThinks
[25/12/2008|04:09] C:\Program Files\Sony
[04/02/2009|20:57] C:\Program Files\TuneUp Utilities 2008
[02/11/2006|14:58] C:\Program Files\Uninstall Information
[05/10/2008|18:54] C:\Program Files\VideoLAN
[17/04/2009|12:05] C:\Program Files\Virtual Earth 3D
[24/02/2009|21:17] C:\Program Files\WarRock
[29/10/2008|19:27] C:\Program Files\Winamp
[21/01/2008|04:47] C:\Program Files\Windows Calendar
[21/01/2008|04:47] C:\Program Files\Windows Collaboration
[21/01/2008|04:47] C:\Program Files\Windows Defender
[23/02/2009|19:41] C:\Program Files\Windows Live
[18/12/2008|21:21] C:\Program Files\Windows Live SkyDrive
[15/04/2009|17:52] C:\Program Files\Windows Mail
[26/02/2009|18:48] C:\Program Files\Windows Media Player
[03/10/2008|17:12] C:\Program Files\Windows NT
[21/01/2008|04:47] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:47] C:\Program Files\Windows Sidebar
[25/12/2008|03:42] C:\Program Files\WinRAR
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[24/03/2009|17:16] C:\Program Files\Common Files\Adobe
[20/10/2008|20:04] C:\Program Files\Common Files\Adobe AIR
[03/10/2008|11:48] C:\Program Files\Common Files\Ahead
[05/10/2008|12:04] C:\Program Files\Common Files\InstallShield
[23/02/2009|19:38] C:\Program Files\Common Files\microsoft shared
[17/10/2008|18:09] C:\Program Files\Common Files\Motorola Shared
[19/04/2009|17:11] C:\Program Files\Common Files\MSSoap
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/01/2008|04:47] C:\Program Files\Common Files\System
[18/12/2008|21:03] C:\Program Files\Common Files\Windows Live
[03/10/2008|17:59] C:\Program Files\Common Files\WindowsLiveInstaller
[06/12/2008|12:35] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 69 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-28 22:22:00
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:23][D:7]-> C:\Users\nadia\AppData\Local\Temp
[F:225][D:1]-> C:\Users\nadia\AppData\Roaming\MICROS~1\Windows\Cookies
[F:397][D:5]-> C:\Users\nadia\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:7][D:6]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 28/04/2009|17:57 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 28/04/2009|18:09 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 28/04/2009|22:22 - Option : [2]
--------------------\\ Fin du rapport a 22:22:42
[ UAC => 1 ]
Here is the latest report. I hope I did what was needed. Thank you for your help, and I hope this works. Regards.
DDS (Ver_09-03-16.01) - NTFSx86
Run by nadia at 22:30:38,90 on 28/04/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.33.1036.18.2046.1123 [GMT 2:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\vVX3000.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Neuf\Media Center\httpd\httpd.exe
C:\Program Files\Neuf\Media Center\httpd\httpd.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Users\nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TDLIAFYX\dds[1].scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://google.fr/
uURLSearchHooks: Yahoo! Toolbar avec bloqueur de fenêtres pop-up: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - d:\program files\bitcomet\tools\BitCometBHO_1.2.8.7.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Neuf Media Center] "c:\program files\neuf\media center\MediaCenter.exe"
uRun: [BitComet] "d:\program files\bitcomet\BitComet.exe" /tray
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [SecurDisc] c:\program files\nero\nero 7\incd\NBHGui.exe
mRun: [InCD] c:\program files\nero\nero 7\incd\InCD.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "d:\program files\mpcstar\codecs\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mPolicies-system: FilterAdministratorToken = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &D&ownload &with BitComet - d:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - d:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - d:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://d:\program files\bitcomet\tools\BitCometBHO_1.2.8.7.dll/206
LSP: c:\windows\system32\wpclsp.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} - hxxp://download.microsoft.com/download/1/3/7/137B2AD3-D0EE-4A5F-AFA3-FFE8A389FF95/VirtualEarth3D.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: avgrsstx.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\nadia\appdata\roaming\mozilla\firefox\profiles\moo7byt9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: d:\program files\mpcstar\codecs\quicktime\plugins\npqtplugin.dll
FF - plugin: d:\program files\mpcstar\codecs\quicktime\plugins\npqtplugin2.dll
FF - plugin: d:\program files\mpcstar\codecs\quicktime\plugins\npqtplugin3.dll
FF - plugin: d:\program files\mpcstar\codecs\quicktime\plugins\npqtplugin4.dll
FF - plugin: d:\program files\mpcstar\codecs\quicktime\plugins\npqtplugin5.dll
FF - plugin: d:\program files\mpcstar\codecs\real\browser\plugins\nppl3260.dll
FF - plugin: d:\program files\mpcstar\codecs\real\browser\plugins\nprpjplug.dll
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-3 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-29 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-10-3 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-10-3 298264]
S2 gupdate1c98ea82b073985;Google Update Service (gupdate1c98ea82b073985);c:\program files\google\update\GoogleUpdate.exe [2009-2-14 133104]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-2-23 55280]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
=============== Created Last 30 ================
2009-04-28 17:55 <DIR> --d----- C:\Lop SD
2009-04-26 18:12 <DIR> --d----- c:\programdata\Apple
2009-04-19 17:11 <DIR> --d----- c:\program files\common files\MSSoap
2009-04-19 17:11 <DIR> --d----- c:\program files\Motorola
2009-04-09 19:47 <DIR> --d-h--- c:\windows\msdownld.tmp
==================== Find3M ====================
2009-04-28 22:21 669,328 a------- c:\windows\system32\perfh00C.dat
2009-04-28 22:21 123,350 a------- c:\windows\system32\perfc00C.dat
2009-04-06 15:32 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 15:32 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-21 16:12 143,360 a------- c:\windows\inf\infstrng.dat
2009-03-21 16:12 51,200 a------- c:\windows\inf\infpub.dat
2009-03-21 16:12 86,016 a------- c:\windows\inf\infstor.dat
2009-03-17 05:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-17 05:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-17 05:38 24,064 a------- c:\windows\system32\amxread.dll
2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-08 13:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 13:34 43,008 a------- c:\windows\system32\licmgr10.dll
2009-03-08 13:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 13:33 109,056 a------- c:\windows\system32\iesysprep.dll
2009-03-08 13:33 109,568 a------- c:\windows\system32\PDMSetup.exe
2009-03-08 13:33 132,608 a------- c:\windows\system32\ieUnatt.exe
2009-03-08 13:33 107,520 a------- c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 13:33 107,008 a------- c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 13:33 103,936 a------- c:\windows\system32\SetDepNx.exe
2009-03-08 13:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 13:32 72,704 a------- c:\windows\system32\admparse.dll
2009-03-08 13:32 71,680 a------- c:\windows\system32\iesetup.dll
2009-03-08 13:32 66,560 a------- c:\windows\system32\wextract.exe
2009-03-08 13:32 169,472 a------- c:\windows\system32\iexpress.exe
2009-03-08 13:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 13:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 13:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 13:22 156,160 a------- c:\windows\system32\msls31.dll
2009-03-03 06:46 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-03-03 06:46 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-03-03 06:39 183,296 a------- c:\windows\system32\sdohlp.dll
2009-03-03 06:39 551,424 a------- c:\windows\system32\rpcss.dll
2009-03-03 06:39 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 06:37 98,304 a------- c:\windows\system32\iasrecst.dll
2009-03-03 06:37 54,784 a------- c:\windows\system32\iasads.dll
2009-03-03 06:37 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-03-03 05:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 04:38 17,408 a------- c:\windows\system32\iashost.exe
2009-02-13 10:49 72,704 a------- c:\windows\system32\secur32.dll
2009-02-13 10:49 1,255,936 a------- c:\windows\system32\lsasrv.dll
2009-02-09 05:10 2,033,152 a------- c:\windows\system32\win32k.sys
2009-02-06 20:39 308,600 a------- c:\windows\WLXPGSS.SCR
2009-02-06 19:52 49,504 a------- c:\windows\system32\sirenacm.dll
2009-01-29 08:19 10,520 a------- c:\windows\system32\avgrsstx.dll
2008-11-18 20:42 14,618,605 a------- c:\programdata\vlc-0.9.6-win32.exe
2008-11-18 20:42 14,618,605 a------- c:\progra~2\vlc-0.9.6-win32.exe
2008-10-03 17:50 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-21 09:22 340,236 a------- c:\windows\inf\perflib\040c\perfi.dat
2008-01-21 09:22 340,236 a------- c:\windows\inf\perflib\040c\perfh.dat
2008-01-21 09:22 37,390 a------- c:\windows\inf\perflib\040c\perfd.dat
2008-01-21 09:22 37,390 a------- c:\windows\inf\perflib\040c\perfc.dat
2008-01-21 04:57 174 a--sh--- c:\program files\desktop.ini
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 22:31:51,13 ===============
Re,
The CiD ads should normally have disappeared. Is that the case?
-> You have many toolbars: Googletoolbar, Yahoo toolbar; this can slow down your browsing.
Remove the ones you do not use via the program manager.
To finish:
/!\ Disable your resident protections /!\
Download and install Hijackthis
Launch Hijackthis, located here:
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
Click on:
![]()
Check these lines (if present):
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
O3 - Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
And click on:
[image]
Confirm and close.
/!\ Don't forget to re-enable your resident protections: Spybot's TeaTimer, UAC ... /!\
Then:
Download CCleaner Slim (without toolbar) from Piriform:
Start the installation by double-clicking the file Ccleaner***_slim.exe. (help here)
Once that is done, launch the program.
Choose Options -> Advanced -> and untick "Only delete files in the temp folder older than 48h"
Choose "Cleaner" then click "Analyze"
Let it run, then click "Run the cleaning" and accept the warning with "Yes"
Then choose "Registry" and click "Search for errors"
Let the scan run, then click "Repair the selected errors"
Save the backup by clicking "Yes"
then click "Fix all the selected errors"
Confirm the warning by clicking "Yes"
Close the program
Finally, delete the tools used:
Lop S&D (and its folder: C:\Lop SD)
DDS
HijackThis (via the program manager)
To go further with your protection and avoid getting reinfected, here are a few additional tips:
Use an alternative browser to browse more securely:
Firefox offers better security than Internet Explorer, especially if you complement it with a few very useful plugins: NoScript and Adblock Plus.
Browse without administrator rights: in a limited session or with DropMyRights
This considerably reduces the risk of infection, because some infections can then no longer install themselves.
Keep your software and your system up to date:
Many infections are due to flaws in Windows, but also in third-party software such as Sun Java, Adobe Acrobat Reader, etc.
You can run a vulnerability scan to find out which of your programs have unpatched flaws or need updating.
Finally, the most important thing remains your behaviour on your PC; you remain the most important protection: avoid risky behaviour: P2P, cracks, dubious downloads and installations via ads, instant messengers, or unknown sites, pornographic sites. A must-read!
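The HijackThis step above selects toolbar entries whose file is "No File". As an added Python example that is not part of the original post, the following parses the O3 lines of a HijackThis log and lists the CLSIDs that have no backing file. The function names and every sample line beyond the three quoted in the post are assumptions made for illustration.

```python
import re
from typing import List, NamedTuple

# Shape of the O3 lines quoted in the post:
#   O3 - Toolbar: <name> - {CLSID} - <DLL path, or "No File">
O3_LINE = re.compile(
    r"^O3 - Toolbar: (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\})"
    r" - (?P<target>.+)$"
)
# The page shows "No File"; accepting case/parenthesis variants is an assumption.
NO_FILE = re.compile(r"^\(?no file\)?$", re.IGNORECASE)


class ToolbarEntry(NamedTuple):
    name: str
    clsid: str
    target: str
    orphaned: bool  # True when the entry points at no file on disk


def parse_o3(log_text: str) -> List[ToolbarEntry]:
    """Return every well-formed O3 toolbar entry found in a HijackThis log."""
    entries = []
    for raw in log_text.splitlines():
        m = O3_LINE.match(raw.strip())
        if m is None:
            continue  # other sections (O2, O4, ...) and malformed lines
        target = m.group("target").strip()
        entries.append(ToolbarEntry(m.group("name"), m.group("clsid").upper(),
                                    target, bool(NO_FILE.match(target))))
    return entries


def orphaned_clsids(log_text: str) -> List[str]:
    """CLSIDs of toolbar entries with no backing file, de-duplicated, in log order."""
    return list(dict.fromkeys(e.clsid for e in parse_o3(log_text) if e.orphaned))


# First three lines are the ones quoted in the post; the rest are constructed.
SAMPLE_LOG = r"""
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
O3 - Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
O3 - Toolbar: Example Bar - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\bar.dll
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - No File
O3 - Toolbar: (no name) - {NOT-A-CLSID} - No File
"""

if __name__ == "__main__":
    for clsid in orphaned_clsids(SAMPLE_LOG):
        print("orphaned toolbar entry:", clsid)
```

Entries with a real DLL path are returned by `parse_o3` with `orphaned` set to False, so the same parse can feed a review of the toolbars that are still installed.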