Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

invasion de fenetre de pub CID et autres

 

12 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

invasion de fenetre de pub CID et autres

Prévenir les modérateurs en cas d'abus 
océana9
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/10/2008 à 11:15:33  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour, mes enfants ont sur leur pc une invasion intenpestive de fenêtres de pub CID et autres...
 pourriez-vous m'aider s'il vous plait?
 j'ai bien vu que je n'étais pas la seule mais ne voulant pas suivre bétement les instructions au risque de faire une bétise je préfère ouvrir un autre sujet.
 merci pour vos réponses à l'avance.

  1. homepage
naheulbeuk7
Membre impliqué (de 20 000 à 29 999 messages postés)
  1. Posté le 21/10/2008 à 12:25:02  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour,

 Si tu es sous vista : désactive l'UAC ( Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer , fais le )

 Télécharge Lop S&D de Angeldark et Eric71 sur ton bureau.

 
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
  • Séléctionne la langue souhaitée, puis choisis l'Option 1 ( Recherche )
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré ( C:\lopR.txt )

 ( Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide).

 ;)


---------------
Visitez mon site sur la sécurité informatique : http://www.site-naheulbeuk.com
(Publicité)
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/10/2008 à 13:13:46  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 


--------------------\\  Lop S&D 4.2.4-6   XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )

BIOS : 686P2 v2.04

USER : léa da cunha ( Administrator )

BOOT : Normal boot

Antivirus : McAfee VirusScan  (Activated)

Firewall  : McAfee Personal Firewall  (Activated)

C:\ (Local Disk) - NTFS - Total : 13 Go Free : 4 Go

D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )

Option : [1] ( 21/10/2008|15:03 )

--------------------\\  Listing des dossiers dans APPLIC~1

[21/03/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Adobe

[07/03/2008|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​FLEXnet

[19/10/2008|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Google

[01/03/2008|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Hewlett-Packard

[04/06/2008|13:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​HiYo

[21/03/2008|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​HP

[24/02/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​IM

[24/02/2008|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​IncrediMail

[20/10/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Lavasoft

[07/10/2008|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​manager exit list active

[20/10/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​McAfee

[21/03/2008|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Microsoft

[21/03/2008|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Microsoft Help

[08/03/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​pdf995

[07/10/2008|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​SiteAdvisor

[04/03/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Spybot - Search & Destroy

[07/10/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​TuneUp Software

[01/03/2008|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​WEBREG

[24/02/2008|09:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Windows Genuine Advantage

[21/03/2008|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​WLInstaller

[24/02/2008|00:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\​Microsoft

[08/03/2008|17:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\​McAfee

[20/10/2008|17:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\​Microsoft

[10/10/2008|12:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\​SACore

[01/07/2008|22:15] C:\DOCUME~1\LADACU~1\APPLIC~1\​Adobe

[21/03/2008|20:26] C:\DOCUME~1\LADACU~1\APPLIC~1\​DivX

[25/07/2008|16:43] C:\DOCUME~1\LADACU~1\APPLIC~1\​EoRezo

[21/03/2008|19:09] C:\DOCUME~1\LADACU~1\APPLIC~1\​Google

[16/03/2008|20:04] C:\DOCUME~1\LADACU~1\APPLIC~1\​Identities

[23/07/2008|13:39] C:\DOCUME~1\LADACU~1\APPLIC~1\​ItsLabel

[04/06/2008|11:59] C:\DOCUME~1\LADACU~1\APPLIC~1\​Leadertech

[16/10/2008|16:27] C:\DOCUME~1\LADACU~1\APPLIC~1\​LimeWire

[08/10/2008|10:40] C:\DOCUME~1\LADACU~1\APPLIC~1\​Macromedia

[24/06/2008|09:39] C:\DOCUME~1\LADACU~1\APPLIC~1\​McAfee

[21/03/2008|20:26] C:\DOCUME~1\LADACU~1\APPLIC~1\​Media Player Classic

[20/10/2008|17:43] C:\DOCUME~1\LADACU~1\APPLIC~1\​Microsoft

[07/10/2008|22:36] C:\DOCUME~1\LADACU~1\APPLIC~1\​Mozilla

[20/10/2008|12:37] C:\DOCUME~1\LADACU~1\APPLIC~1\​SiteAdvisor

[16/07/2008|16:39] C:\DOCUME~1\LADACU~1\APPLIC~1\​Sun

[07/10/2008|23:27] C:\DOCUME~1\LADACU~1\APPLIC~1\​TuneUp Software

[08/10/2008|10:38] C:\DOCUME~1\LADACU~1\APPLIC~1\​vlc

[20/10/2008|17:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\​Microsoft

[21/03/2008|14:01] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Adobe

[13/03/2008|16:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Download Manager

[08/03/2008|14:44] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Google

[08/03/2008|17:48] C:\DOCUME~1\SANDRI~1\APPLIC~1\​HP

[24/02/2008|00:20] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Identities

[24/02/2008|00:22] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Macromedia

[26/02/2008|12:15] C:\DOCUME~1\SANDRI~1\APPLIC~1\​McAfee

[25/02/2008|14:55] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Media Player Classic

[20/10/2008|17:43] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Microsoft

[24/02/2008|10:02] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Mozilla

[08/03/2008|17:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\​pdf995

[21/03/2008|12:35] C:\DOCUME~1\SANDRI~1\APPLIC~1\​StarOffice8

[04/03/2008|15:44] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Sun

[04/03/2008|15:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\​SystemRequirementsLab

[24/02/2008|10:02] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Talkback

[24/02/2008|10:01] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Thunderbird

[24/02/2008|02:09] C:\DOCUME~1\SANDRI~1\APPLIC~1\​TuneUp Software

[19/03/2008|11:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\​VideoEgg

[04/06/2008|12:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\​vlc

--------------------\\  Tâches planifiées dans C:\WINDOWS\tasks

[20/10/2008 23:14][--a------] C:\WINDOWS\tasks\McDefragTask.​job

[20/10/2008 23:14][--a------] C:\WINDOWS\tasks\McQcTask.job

[17/10/2008 17:37][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job

[21/10/2008 14:45][--ah-----] C:\WINDOWS\tasks\SA.DAT

[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\  Listing des dossiers dans C:\Program Files

[04/06/2008|13:43] C:\Program Files\A.S.C

[01/07/2008|22:29] C:\Program Files\Adobe

[06/03/2008|11:46] C:\Program Files\AIDA32 - Personal System Information

[24/02/2008|00:03] C:\Program Files\ComPlus Applications

[20/10/2008|23:12] C:\Program Files\Fichiers communs

[24/02/2008|00:22] C:\Program Files\Free

[20/10/2008|10:13] C:\Program Files\Google

[08/10/2008|13:02] C:\Program Files\InstallShield Installation Information

[20/10/2008|11:48] C:\Program Files\Internet Explorer

[25/02/2008|11:54] C:\Program Files\K-Lite Codec Pack

[08/10/2008|13:05] C:\Program Files\Logitech

[21/10/2008|10:26] C:\Program Files\McAfee

[20/10/2008|23:13] C:\Program Files\McAfee.com

[25/03/2008|23:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[24/02/2008|00:10] C:\Program Files\microsoft frontpage

[13/10/2008|23:16] C:\Program Files\Microsoft Office

[24/02/2008|10:44] C:\Program Files\Microsoft SQL Server Compact Edition

[08/10/2008|13:53] C:\Program Files\Movie Maker

[21/10/2008|15:01] C:\Program Files\Mozilla Firefox

[25/02/2008|13:12] C:\Program Files\MSECache

[24/02/2008|00:03] C:\Program Files\MSN Gaming Zone

[02/03/2008|23:52] C:\Program Files\MSXML 4.0

[08/10/2008|13:43] C:\Program Files\NetMeeting

[08/10/2008|13:43] C:\Program Files\Outlook Express

[24/02/2008|00:06] C:\Program Files\Services en ligne

[16/10/2008|16:11] C:\Program Files\Sun

[04/03/2008|15:45] C:\Program Files\SystemRequirementsLab

[07/10/2008|23:27] C:\Program Files\TuneUp Utilities 2007

[24/02/2008|00:20] C:\Program Files\Uninstall Information

[20/10/2008|11:22] C:\Program Files\Windows Live

[25/02/2008|16:28] C:\Program Files\Windows Media Connect 2

[08/10/2008|13:43] C:\Program Files\Windows Media Player

[20/10/2008|11:05] C:\Program Files\Windows NT

[24/02/2008|00:06] C:\Program Files\WindowsUpdate

[24/02/2008|00:10] C:\Program Files\xerox

[25/02/2008|12:25] C:\Program Files\Xvid

--------------------\\  Listing des dossiers dans C:\Program Files\Fichiers communs

[21/03/2008|14:05] C:\Program Files\Fichiers communs\Adobe

[24/03/2008|16:26] C:\Program Files\Fichiers communs\InstallShield

[24/03/2008|16:31] C:\Program Files\Fichiers communs\Logitech

[20/10/2008|23:15] C:\Program Files\Fichiers communs\McAfee

[20/10/2008|11:22] C:\Program Files\Fichiers communs\Microsoft Shared

[24/02/2008|00:05] C:\Program Files\Fichiers communs\MSSoap

[24/02/2008|00:33] C:\Program Files\Fichiers communs\ODBC

[24/02/2008|00:05] C:\Program Files\Fichiers communs\Services

[24/02/2008|00:32] C:\Program Files\Fichiers communs\SpeechEngines

[08/10/2008|13:43] C:\Program Files\Fichiers communs\System

[24/02/2008|10:39] C:\Program Files\Fichiers communs\WindowsLiveInstaller

[20/10/2008|22:35] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\  Process

( 37 Processes )

IEXPLORE.EXE ~ [PID:2876]

--------------------\\  Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\  Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\  Verification du Registre

..... OK !

--------------------\\  Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\  Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-21 15:07:57

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 547
 voici le rapport LOP&SD demandé
 merci

--------------------\\  Recherche d'autres infections

Aucune autre infection trouvée  !

[F:8][D:1]-> C:\DOCUME~1\LADACU~1\LOCALS~1\​Temp

[F:13][D:0]-> C:\DOCUME~1\LADACU~1\Cookies

[F:695][D:5]-> C:\DOCUME~1\LADACU~1\LOCALS~1\​TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 21/10/2008|15:10 - Option : [1]

--------------------\\  Fin du rapport a 15:10:28

oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/10/2008 à 13:16:23  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
oups!!! j'ai écris en plein milieu

 alors voici le rapport LOP&SD demandé :

--------------------\\  Lop S&D 4.2.4-6   XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )

BIOS : 686P2 v2.04

USER : léa da cunha ( Administrator )

BOOT : Normal boot

Antivirus : McAfee VirusScan  (Activated)

Firewall  : McAfee Personal Firewall  (Activated)

C:\ (Local Disk) - NTFS - Total : 13 Go Free : 4 Go

D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )

Option : [1] ( 21/10/2008|15:03 )

--------------------\\  Listing des dossiers dans APPLIC~1

[21/03/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Adobe

[07/03/2008|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​FLEXnet

[19/10/2008|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Google

[01/03/2008|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Hewlett-Packard

[04/06/2008|13:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​HiYo

[21/03/2008|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​HP

[24/02/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​IM

[24/02/2008|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​IncrediMail

[20/10/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Lavasoft

[07/10/2008|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​manager exit list active

[20/10/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​McAfee

[21/03/2008|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Microsoft

[21/03/2008|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Microsoft Help

[08/03/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​pdf995

[07/10/2008|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​SiteAdvisor

[04/03/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Spybot - Search & Destroy

[07/10/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​TuneUp Software

[01/03/2008|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​WEBREG

[24/02/2008|09:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​Windows Genuine Advantage

[21/03/2008|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\​WLInstaller

[24/02/2008|00:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\​Microsoft

[08/03/2008|17:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\​McAfee

[20/10/2008|17:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\​Microsoft

[10/10/2008|12:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\​SACore

[01/07/2008|22:15] C:\DOCUME~1\LADACU~1\APPLIC~1\​Adobe

[21/03/2008|20:26] C:\DOCUME~1\LADACU~1\APPLIC~1\​DivX

[25/07/2008|16:43] C:\DOCUME~1\LADACU~1\APPLIC~1\​EoRezo

[21/03/2008|19:09] C:\DOCUME~1\LADACU~1\APPLIC~1\​Google

[16/03/2008|20:04] C:\DOCUME~1\LADACU~1\APPLIC~1\​Identities

[23/07/2008|13:39] C:\DOCUME~1\LADACU~1\APPLIC~1\​ItsLabel

[04/06/2008|11:59] C:\DOCUME~1\LADACU~1\APPLIC~1\​Leadertech

[16/10/2008|16:27] C:\DOCUME~1\LADACU~1\APPLIC~1\​LimeWire

[08/10/2008|10:40] C:\DOCUME~1\LADACU~1\APPLIC~1\​Macromedia

[24/06/2008|09:39] C:\DOCUME~1\LADACU~1\APPLIC~1\​McAfee

[21/03/2008|20:26] C:\DOCUME~1\LADACU~1\APPLIC~1\​Media Player Classic

[20/10/2008|17:43] C:\DOCUME~1\LADACU~1\APPLIC~1\​Microsoft

[07/10/2008|22:36] C:\DOCUME~1\LADACU~1\APPLIC~1\​Mozilla

[20/10/2008|12:37] C:\DOCUME~1\LADACU~1\APPLIC~1\​SiteAdvisor

[16/07/2008|16:39] C:\DOCUME~1\LADACU~1\APPLIC~1\​Sun

[07/10/2008|23:27] C:\DOCUME~1\LADACU~1\APPLIC~1\​TuneUp Software

[08/10/2008|10:38] C:\DOCUME~1\LADACU~1\APPLIC~1\​vlc

[20/10/2008|17:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\​Microsoft

[21/03/2008|14:01] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Adobe

[13/03/2008|16:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Download Manager

[08/03/2008|14:44] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Google

[08/03/2008|17:48] C:\DOCUME~1\SANDRI~1\APPLIC~1\​HP

[24/02/2008|00:20] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Identities

[24/02/2008|00:22] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Macromedia

[26/02/2008|12:15] C:\DOCUME~1\SANDRI~1\APPLIC~1\​McAfee

[25/02/2008|14:55] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Media Player Classic

[20/10/2008|17:43] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Microsoft

[24/02/2008|10:02] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Mozilla

[08/03/2008|17:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\​pdf995

[21/03/2008|12:35] C:\DOCUME~1\SANDRI~1\APPLIC~1\​StarOffice8

[04/03/2008|15:44] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Sun

[04/03/2008|15:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\​SystemRequirementsLab

[24/02/2008|10:02] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Talkback

[24/02/2008|10:01] C:\DOCUME~1\SANDRI~1\APPLIC~1\​Thunderbird

[24/02/2008|02:09] C:\DOCUME~1\SANDRI~1\APPLIC~1\​TuneUp Software

[19/03/2008|11:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\​VideoEgg

[04/06/2008|12:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\​vlc

--------------------\\  Tâches planifiées dans C:\WINDOWS\tasks

[20/10/2008 23:14][--a------] C:\WINDOWS\tasks\McDefragTask.​job

[20/10/2008 23:14][--a------] C:\WINDOWS\tasks\McQcTask.job

[17/10/2008 17:37][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job

[21/10/2008 14:45][--ah-----] C:\WINDOWS\tasks\SA.DAT

[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\  Listing des dossiers dans C:\Program Files

[04/06/2008|13:43] C:\Program Files\A.S.C

[01/07/2008|22:29] C:\Program Files\Adobe

[06/03/2008|11:46] C:\Program Files\AIDA32 - Personal System Information

[24/02/2008|00:03] C:\Program Files\ComPlus Applications

[20/10/2008|23:12] C:\Program Files\Fichiers communs

[24/02/2008|00:22] C:\Program Files\Free

[20/10/2008|10:13] C:\Program Files\Google

[08/10/2008|13:02] C:\Program Files\InstallShield Installation Information

[20/10/2008|11:48] C:\Program Files\Internet Explorer

[25/02/2008|11:54] C:\Program Files\K-Lite Codec Pack

[08/10/2008|13:05] C:\Program Files\Logitech

[21/10/2008|10:26] C:\Program Files\McAfee

[20/10/2008|23:13] C:\Program Files\McAfee.com

[25/03/2008|23:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[24/02/2008|00:10] C:\Program Files\microsoft frontpage

[13/10/2008|23:16] C:\Program Files\Microsoft Office

[24/02/2008|10:44] C:\Program Files\Microsoft SQL Server Compact Edition

[08/10/2008|13:53] C:\Program Files\Movie Maker

[21/10/2008|15:01] C:\Program Files\Mozilla Firefox

[25/02/2008|13:12] C:\Program Files\MSECache

[24/02/2008|00:03] C:\Program Files\MSN Gaming Zone

[02/03/2008|23:52] C:\Program Files\MSXML 4.0

[08/10/2008|13:43] C:\Program Files\NetMeeting

[08/10/2008|13:43] C:\Program Files\Outlook Express

[24/02/2008|00:06] C:\Program Files\Services en ligne

[16/10/2008|16:11] C:\Program Files\Sun

[04/03/2008|15:45] C:\Program Files\SystemRequirementsLab

[07/10/2008|23:27] C:\Program Files\TuneUp Utilities 2007

[24/02/2008|00:20] C:\Program Files\Uninstall Information

[20/10/2008|11:22] C:\Program Files\Windows Live

[25/02/2008|16:28] C:\Program Files\Windows Media Connect 2

[08/10/2008|13:43] C:\Program Files\Windows Media Player

[20/10/2008|11:05] C:\Program Files\Windows NT

[24/02/2008|00:06] C:\Program Files\WindowsUpdate

[24/02/2008|00:10] C:\Program Files\xerox

[25/02/2008|12:25] C:\Program Files\Xvid

--------------------\\  Listing des dossiers dans C:\Program Files\Fichiers communs

[21/03/2008|14:05] C:\Program Files\Fichiers communs\Adobe

[24/03/2008|16:26] C:\Program Files\Fichiers communs\InstallShield

[24/03/2008|16:31] C:\Program Files\Fichiers communs\Logitech

[20/10/2008|23:15] C:\Program Files\Fichiers communs\McAfee

[20/10/2008|11:22] C:\Program Files\Fichiers communs\Microsoft Shared

[24/02/2008|00:05] C:\Program Files\Fichiers communs\MSSoap

[24/02/2008|00:33] C:\Program Files\Fichiers communs\ODBC

[24/02/2008|00:05] C:\Program Files\Fichiers communs\Services

[24/02/2008|00:32] C:\Program Files\Fichiers communs\SpeechEngines

[08/10/2008|13:43] C:\Program Files\Fichiers communs\System

[24/02/2008|10:39] C:\Program Files\Fichiers communs\WindowsLiveInstaller

[20/10/2008|22:35] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\  Process

( 37 Processes )

IEXPLORE.EXE ~ [PID:2876]

--------------------\\  Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\  Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\  Verification du Registre

..... OK !

--------------------\\  Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\  Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-21 15:07:57

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 547

--------------------\\  Recherche d'autres infections

Aucune autre infection trouvée  !

[F:8][D:1]-> C:\DOCUME~1\LADACU~1\LOCALS~1\​Temp

[F:13][D:0]-> C:\DOCUME~1\LADACU~1\Cookies

[F:695][D:5]-> C:\DOCUME~1\LADACU~1\LOCALS~1\​TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 21/10/2008|15:10 - Option : [1]

--------------------\\  Fin du rapport a 15:10:28

  1. homepage
naheulbeuk7
Membre impliqué (de 20 000 à 29 999 messages postés)
  1. Posté le 21/10/2008 à 13:17:30  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
re,

 Télécharge HijackThis

 Guide d'utilisation : http://www.site-naheulbeuk.com/hijackthis.php

 Clique alors sur "Do a system scan and save a logfile"
 Le scan se fait très rapidement, puis un bloc-note apparaît
 (le "logfile" )
 Dans ce bloc-note, va dans "Edition", puis "Selectionner Tout",
 le texte est alors séléctionné, retourne dans "Edition" toujours
 en laissant le texte séléctionné, et clique sur copier.
 Colle le contenu ici dans ta prochaine réponse !

 ;)


---------------
Visitez mon site sur la sécurité informatique : http://www.site-naheulbeuk.com
(Publicité)
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/10/2008 à 13:24:44  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
voici le rapport du scan hijackthis :

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 15:23:16, on 21/10/2008
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v7.00 (7.00.6000.16735)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\McAfee\SiteAdvisor\McSAC​ore.exe
 C:\PROGRA~1\McAfee\MSC\mcmscsv​c.exe
 c:\PROGRA~1\FICHIE~1\mcafee\mn​a\mcnasvc.exe
 c:\PROGRA~1\FICHIE~1\mcafee\mc​proxy\mcproxy.exe
 C:\PROGRA~1\McAfee\VIRUSS~1\mc​shield.exe
 C:\Program Files\McAfee\MPF\MPFSrv.exe
 C:\Program Files\McAfee\MSK\MskSrver.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\Explorer.EXE
 c:\PROGRA~1\mcafee.com\agent\m​cagent.exe
 C:\WINDOWS\vVX1000.exe
 C:\WINDOWS\system32\LVCOMSX.EX​E
 C:\Program Files\Logitech\Video\LogiTray.​exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Internet Explorer\IEXPLORE.EXE
 C:\Program Files\Logitech\Video\FxSvr2.ex​e
 C:\PROGRA~1\McAfee\VIRUSS~1\mc​sysmon.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\hijackthis\HijackThis.ex​e

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.yahoo.com/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = localhost
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD​3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho​.dll
 O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E​497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
 O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723​696E350} - (no file)
 O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F​01C5231} - C:\Program Files\McAfee\VirusScan\scripts​n.dll
 O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E​90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mc​ieplg.dll
 O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516AB​ECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mc​ieplg.dll
 O4 - HKLM\..\Run: [VX1000] "C:\WINDOWS\vVX1000.exe"
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [LVCOMSX] "C:\WINDOWS\system32\LVCOMSX.E​XE"
 O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.e​xe"
 O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.​exe"
 O4 - HKLM\..\Run: [List active junk film] C:\Documents and Settings\All Users\Application Data\manager exit list active\REMOTE FREE.exe
 O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent​.exe" /runkey
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestE​ngine.exe" boot
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD8​4642501} (Checkers Class) - http://messenger.zone.msn.com/ [...] b56986.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E​6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Ins [...] lisher.exe
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O17 - HKLM\System\CCS\Services\Tcpip​\..\{F1397410-A1E6-4BBA-924B-2​78E7DA752E1}: NameServer = 212.27.53.252,212.27.54.252
 O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-06739​4E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mc​ieplg.dll
 O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSAC​ore.exe
 O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsv​c.exe
 O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mn​a\mcnasvc.exe
 O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mc​ods.exe
 O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mc​proxy\mcproxy.exe
 O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mc​shield.exe
 O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mc​sysmon.exe
 O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
 O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

 --
 End of file - 6578 bytes

  1. homepage
naheulbeuk7
Membre impliqué (de 20 000 à 29 999 messages postés)
  1. Posté le 21/10/2008 à 13:34:03  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
re, :)

 fais ceci dans l'ordre et en entier :

 Note: Cette procédure a été créée spécifiquement pour cet utilisateur ! Si vous n'êtes pas cet utilisateur en question, ne suivez pas ces instructions au risque d'endommager votre PC !!!

 1/ relance hijackthis et coche les cases devant ces lignes (si présentes) :

 



O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723​696E350} - (no file)
 O4 - HKLM\..\Run: [List active junk film] C:\Documents and Settings\All Users\Application Data\manager exit list active\REMOTE FREE.exe
 O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E​6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Ins [...] lisher.exe




 Puis ferme toutes les autres fenêtres autres que hijackthis et clic sur "fix checked"

 2/ ferme hijackthis

 3/ désinstalle eoRezo via ajout/suppr de programmes si présent

 4/ Télécharge ComboFix (créé par sUBs) sur ton Bureau

 Copie ce qui est en citation ci-dessous (intérieur du cadre) par sélection puis Ctrl-C :

 



Folder::
 C:\Program Files\eoRezo
 C:\Documents and Settings\All Users\Application Data\manager exit list active





 -Ouvre le Bloc-Notes puis colle le texte copié.
 (Démarrer\Tous les programmes\Accessoires\Bloc notes)
 -Enregistre ce fichier dans: Bureau
 -Nom du fichier : CFScript.txt
 -Type du fichier : tous les fichiers
 -clique sur Enregistrer
 -quitte le Bloc Notes


 

  • Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture

 http://img.photobucket.com/alb​ums/v666/sUBs/CFScript.gif

* Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

 @++ :hello:


---------------
Visitez mon site sur la sécurité informatique : http://www.site-naheulbeuk.com
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/10/2008 à 13:38:50  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
re,
 quand tu dis "relance hijackthis", c'est à dire que je refais la même manip?
 je rescan?

(Publicité)
  1. homepage
naheulbeuk7
Membre impliqué (de 20 000 à 29 999 messages postés)
  1. Posté le 21/10/2008 à 13:45:52  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
tu ouvre hijackthis et tu clic sur "do a system scan only" dans le menu de hijackthis ;)


---------------
Visitez mon site sur la sécurité informatique : http://www.site-naheulbeuk.com
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/10/2008 à 14:24:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
désolé, ou je n'ai pas compris ou fais une mauvaise manip car un carré bleu s'affiche C&A et j'ai bien copié collé ce qui était dans le rectancle ci dessus :
 Folder::
 C:\Program Files\eoRezo
 C:\Documents and Settings\All Users\Application Data\manager exit list active
 puis une fenêtre s'est ouverte puis refermé aussi sec, donc j'ai pas pu voir ce que c'était et pas de rapport???
 ensuite dans le carré bleu ça dit : la syntaxe de la commande est incorrecte.
 puis dans une autre fenêtre j'ai eu :

 "combofix has detected that this machine does not have the "WINDOWS RECOVERY CONSOLE"
 it would be in your best interest to have it installed.
 would you like to do so now?
 *note*- this requires an active internet connection? yes no"

  1. homepage
naheulbeuk7
Membre impliqué (de 20 000 à 29 999 messages postés)
  1. Posté le 21/10/2008 à 17:26:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
alors... il faut copier puis coller ceci :

 



Folder::
 C:\Program Files\eoRezo
 C:\Documents and Settings\All Users\Application Data\manager exit list active




 dans un fichier bloc notes, que tu enregeistre sous le nom "CFScript.txt" puis tu suis la manip' décrite au-dessus, tu n'as qu'à suivre pas à pas mes instructions, tout est expliqué... ;)


---------------
Visitez mon site sur la sécurité informatique : http://www.site-naheulbeuk.com
(Publicité)
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/10/2008 à 17:36:55  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
oui, alors effectivement je me suis enmélé les pinceaux  :whistle:
 alors j'ai bien procédé comme ci-dessus expliquer mais c'est la même réponse, la syntaxe de la commande est incorrecte.

  1. homepage
naheulbeuk7
Membre impliqué (de 20 000 à 29 999 messages postés)
  1. Posté le 21/10/2008 à 17:56:56  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
fais ce a la place alors ;)

 Télécharge OTMoveIt2 (de Old_Timer) sur ton Bureau.

 
  • Double-clique sur OTMoveIt.exe pour le lancer.
  • Assure toi que la case "Unregister Dll's and Ocx's" soit bien cochée !!!
  • Copie le texte qui se trouve dans l'encadré ci-dessous, et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved.

 



C:\Program Files\eoRezo\
 C:\Documents and Settings\All Users\Application Data\manager exit list active\




 

  • Clique sur MoveIt! pour lancer la suppression.
  • Si OTMoveIt propose de redémarrer ton PC, accepte.
  • Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.

 
  • Dans ta future réponse, envoie le rapport de OTMoveIt situé dans ce dossier : C:\_OTMoveIt\MovedFiles.txt\

 :p


---------------
Visitez mon site sur la sécurité informatique : http://www.site-naheulbeuk.com
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/10/2008 à 18:08:08  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
alors si j'ai bien fais comme expliquer ci-dessus voilà ce que j'obtiens :

 Folder C:\Program Files\eoRezo\ not found.
 C:\Documents and Settings\All Users\Application Data\manager exit list active moved successfully.
 
 OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 10212008_200124

 est-ce bien celà?

(Publicité)
  1. homepage
naheulbeuk7
Membre impliqué (de 20 000 à 29 999 messages postés)
  1. Posté le 21/10/2008 à 18:24:46  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bien :super:

 Passe un coup de MalwareBytes (scan complet) et nettoie tout ce qu'il trouve
 Aide : http://www.site-naheulbeuk.com/malwarebytes.php
 Post moi le rapport généré à la fin dans ta prochaine réponse :)

 ;)


---------------
Visitez mon site sur la sécurité informatique : http://www.site-naheulbeuk.com
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/10/2008 à 07:42:21  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour, hier soir le scan de malwarebytes s'est terminé tard, je crois bien que c'est fini, plus de fenetre de pub :youpi:

 voici le rapport de malwarebytes :

 Malwarebytes' Anti-Malware 1.29
 Version de la base de données: 1304
 Windows 5.1.2600 Service Pack 3

 2008-10-22 09:33:40
 mbam-log-2008-10-22 (09-33-39).txt

 Type de recherche: Examen complet (C:\|)
 Eléments examinés: 82740
 Temps écoulé: 1 hour(s), 42 minute(s), 37 second(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 23
 Valeur(s) du Registre infectée(s): 0
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 13
 Fichier(s) infecté(s): 154

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_CLASSES_ROOT\videoegg.act​ivexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\videoegg.act​ivexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{e282c​728-189d-419e-8ee2-1601f4b39ba​5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{e1a63​484-a022-4d42-830a-fbd41151444​0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{dc3a0​4ee-cdd7-4407-915c-a5502f97eec​d} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{db8cc​e99-59c6-4552-8bfc-058feb38d6c​e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{d1772​6cc-d4dd-4c4a-9671-471d56e413b​5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{c5041​fd9-4819-4dc4-b20e-c950b5b03d2​a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{bb187​c0d-6f53-4f3e-9590-98fd3a7364a​2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{ad591​5ea-b61a-4dba-b5c8-ef4b2df0a3c​7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{ad0a3​058-fd49-4f98-a514-fd055201835​e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{a58c4​97b-3ee2-45e7-9594-daca6be2a0d​0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{a3d06​987-c35e-49e4-8fe2-ac67b9fbfb4​c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{9856e​2d8-ffb2-4fe5-8cad-d5ad6a35a80​4} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{8f6a8​2a2-d7b1-443e-bb9f-f7dc887dd61​8} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{88d6c​f0e-cf70-4c24-bf6e-e4e414bc649​c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{83dfb​6ee-ab18-41b5-86d4-b544a141d67​e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{5c29c​7e4-5321-4cad-be2e-877666bed5d​f} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{3f91e​b90-ef62-44ee-a685-fac29af111c​d} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{1a864​2f1-dc80-4edc-a39d-0fb62a58b45​5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{168dc​258-1455-4e61-8590-9dac2f27b67​5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Vi​deoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@videoegg.com/pub​lisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

 Fichier(s) infecté(s):
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Updater\updater.​exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Updater\VideoEgg​Broker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Updater\VideoEgg​Broker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Program Files\hijackthis\backups\backu​p-20081021-155650-527.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\System Volume Information\_restore{3E982497-​38F7-4BCE-95EB-32A516E248A2}\R​P235\A0106557.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Loader\loader.ve​r (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\publis​her.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\a​vcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\c​rashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\F​LVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\l​ame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\L​evelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\l​ibcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\l​ibpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\n​pvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\V​ideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\z​lib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\aol_w​atermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\audio​_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\audio​_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\big_g​ray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\big_l​ogo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\blank​_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\butto​n_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\butto​n_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\butto​n_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\camco​rders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\camco​rder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\camco​rder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\corne​rs_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\corne​rs_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\corne​rs_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\corne​rs_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\done.​png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\done_​capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\done_​capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\done_​capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\done_​down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\done_​over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\drops​hadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\drops​hadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\drops​hadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\dropz​one.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\dv_fa​st_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\dv_pa​use.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\dv_pl​ay.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\dv_re​wind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\dv_st​op.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\email​_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\email​_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\email​_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\email​_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\erase​r.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\erase​r_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\file_​btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\file_​slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\help.​png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\icon_​webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\loadi​ng.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\loadi​ng_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\locat​ing.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\logo.​png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\logo_​bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\logo_​middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\logo_​top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\mobil​e_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\mobil​e_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\mobil​e_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\movie​_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\ok.pn​g (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\ok_do​wn.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\ok_ov​er.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playe​r_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playe​r_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playe​r_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playe​r_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playe​r_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playe​r_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playe​r_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playe​r_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\playh​ead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\power​ed_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\progr​ess.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\refre​sh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\refre​sh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\refre​sh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\resta​rt.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\resta​rt_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\start​_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\start​_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\start​_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\start​_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\start​_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\start​_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\start​_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\stop_​capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\stop_​capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\stop_​capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\stop_​capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\stop_​slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\tab_s​lide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\tape_​control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\text_​camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\text_​camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\text_​file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\text_​file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\text_​phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\text_​phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\text_​webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\text_​webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\title​.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​d.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​ding.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​ding_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​ding_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​ding_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​ding_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​ding_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​d_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​d_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\uploa​d_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\volum​e_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\volum​e_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\volum​e_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\volum​e_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\volum​e_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\volum​e_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\volum​e_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\waiti​ng_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\webca​ms_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\webca​m_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\images\webca​m_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Publisher\4520\r​esources\VideoEgg\messages\mes​sages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Updater\updater.​ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Updater\4665\lib​curlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
 C:\Documents and Settings\sandrine martins\Application Data\VideoEgg\Updater\4665\upd​ater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

  1. homepage
naheulbeuk7
Membre impliqué (de 20 000 à 29 999 messages postés)
  1. Posté le 22/10/2008 à 10:25:37  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
re, un dernier scan et après je te lache :p

 Fais un scan BitDefender en ligne (avec Internet Explorer pas avec Firefox !)
 (clique à gauche sur scan online).
 et post moi le rapport de ce scan ici une fois terminé !

 Guide d'utilisation de Bitdefender en ligne (merci Bruce Lee) : http://cybersecurite.xooit.com [...] fender.htm

 :D


---------------
Visitez mon site sur la sécurité informatique : http://www.site-naheulbeuk.com
oceana9
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 28/10/2008 à 13:50:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour, désolé je n'ai pas eu beaucoup de temps pour répondre et faire le scan par Bitdefender avant aujourd'hui  :whistle:

 voici le rapport Bitdefender demandé :

 BitDefender Online Scanner

 Scan report generated at: Tue, Oct 28, 2008 - 12:08:56

 Scan path: C:\;D:\;
   
 Statistics

 Time
   

 01:25:24

 Files
   

 105204

 Folders
   

 4642

 Boot Sectors
   

 0

 Archives
   

 2580

 Packed Files
   

 9505
   

 Results

 Identified Viruses
   

 0

 Infected Files
   

 0

 Suspect Files
   

 0

 Warnings
   

 0

 Disinfected
   

 0

 Deleted Files
   

 0
   
 Engines Info

 Virus Definitions
   

 1969638

 Engine build
   

 AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)

 Scan plugins
   

 16

 Archive plugins
   

 43

 Unpack plugins
   

 7

 E-mail plugins
   

 6

 System plugins
   

 4
   
 Scan Settings

 First Action
   

 Disinfect

 Second Action
   

 Delete

 Heuristics
   

 Yes

 Enable Warnings
   

 Yes

 Scanned Extensions
   

 *;

 Exclude Extensions
   
 Scan Emails
   

 Yes

 Scan Archives
   

 Yes

 Scan Packed
   

 Yes

 Scan Files
   

 Yes

 Scan Boot
   

 Yes
   
 Scanned File
   

 Status

 No virus found.
   

 
   

djamel137
  1. Posté le 29/10/2008 à 02:06:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
moi aussi j'ai ce probleme aidez-moi svp !! voila le resulta

 DiagHelp version v1.4 - http://www.malekal.com
 excute le 29/10/2008 à  1:48:20,00
 
 
 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
 C:\WINDOWS\prefetch\CHCP.COM-1​7EDBDC9.pf -->29/10/2008 01:48:14
 C:\WINDOWS\prefetch\CMD.EXE-03​4B0549.pf -->29/10/2008 01:48:07
 C:\WINDOWS\prefetch\WINRAR.EXE​-0AA31BB9.pf -->29/10/2008 01:47:03
 C:\WINDOWS\prefetch\NOTEPAD.EX​E-2F2D61E1.pf -->29/10/2008 01:44:05
 C:\WINDOWS\prefetch\WMIPRVSE.E​XE-0D449B4F.pf -->29/10/2008 01:44:04
 C:\WINDOWS\prefetch\SCANNER.EX​E.EXE-066BBA77.pf -->29/10/2008 01:44:01
 C:\WINDOWS\prefetch\HIJACKTHIS[1].EXE-1A520DFB.pf -->29/10/2008 01:42:17
 C:\WINDOWS\prefetch\ELEPHANTCL​IENT.EXE-27C0149E.pf -->29/10/2008 01:39:36
 C:\WINDOWS\prefetch\NETSH.EXE-​23AED181.pf -->29/10/2008 01:39:34
 C:\WINDOWS\prefetch\IEXPLORE.E​XE-2D97EBE6.pf -->29/10/2008 01:39:24

 C:\WINDOWS\System32\drivers\fi​dbox2.idx -->29/10/2008 01:48:03
 C:\WINDOWS\System32\drivers\fi​dbox2.dat -->29/10/2008 01:48:03
 C:\WINDOWS\System32\drivers\fi​dbox.dat -->28/10/2008 22:27:04
 C:\WINDOWS\System32\drivers\fi​dbox.idx -->28/10/2008 22:26:56
 C:\WINDOWS\System32\drivers\kl​in.dat -->23/10/2008 22:02:56
 C:\WINDOWS\System32\drivers\kl​ick.dat -->23/10/2008 21:54:11
 C:\WINDOWS\System32\drivers\kl​if.sys -->23/10/2008 21:53:34

 C:\WINDOWS\System32\nvapps.xml -->28/10/2008 21:56:11
 C:\WINDOWS\System32\PerfString​Backup.INI -->28/10/2008 04:24:11
 C:\WINDOWS\System32\perfh00C.d​at -->28/10/2008 04:24:11
 C:\WINDOWS\System32\perfh009.d​at -->28/10/2008 04:24:11
 C:\WINDOWS\System32\perfc00C.d​at -->28/10/2008 04:24:11
 C:\WINDOWS\System32\perfc009.d​at -->28/10/2008 04:24:11
 C:\WINDOWS\System32\bdod.bin -->23/10/2008 19:12:50
 C:\WINDOWS\System32\javaws.exe -->23/10/2008 19:09:20
 C:\WINDOWS\System32\javaw.exe -->23/10/2008 19:09:20
 C:\WINDOWS\System32\javacpl.cp​l -->23/10/2008 19:09:20
 C:\WINDOWS\System32\java.exe -->23/10/2008 19:09:20
 C:\WINDOWS\System32\deploytk.d​ll -->23/10/2008 19:09:20
 C:\WINDOWS\System32\bdss.log -->23/10/2008 19:05:22
 C:\WINDOWS\System32\FNTCACHE.D​AT -->21/10/2008 17:11:34
 C:\WINDOWS\System32\wpa.dbl -->21/10/2008 14:20:07
 C:\WINDOWS\System32\spupdsvc.i​nf -->18/10/2008 17:45:55
 C:\WINDOWS\System32\netapi32.d​ll -->15/10/2008 17:35:43
 C:\WINDOWS\System32\REX Shared Library.dll -->15/10/2008 12:13:23
 C:\WINDOWS\System32\ReWire.dll -->15/10/2008 12:13:23
 C:\WINDOWS\System32\uxtheme.dl​l -->15/10/2008 11:53:45
 C:\WINDOWS\System32\nscompat.t​lb -->15/10/2008 11:43:25
 C:\WINDOWS\System32\amcompat.t​lb -->15/10/2008 11:43:25
 C:\WINDOWS\System32\TZLog.log -->15/10/2008 01:44:08
 C:\WINDOWS\System32\spupdwxp.l​og -->15/10/2008 01:09:01
 C:\WINDOWS\System32\h323log.tx​t -->14/10/2008 17:32:42

 C:\WINDOWS\WindowsUpdate.log -->29/10/2008 01:35:30
 C:\WINDOWS\0.log -->28/10/2008 21:56:27
 C:\WINDOWS\wiadebug.log -->28/10/2008 21:56:25
 C:\WINDOWS\wiaservc.log -->28/10/2008 21:56:19
 C:\WINDOWS\bootstat.dat -->28/10/2008 21:56:05
 C:\WINDOWS\SchedLgU.Txt -->28/10/2008 21:09:29
 C:\WINDOWS\wmsetup.log -->28/10/2008 20:15:41
 C:\WINDOWS\setupapi.log -->27/10/2008 17:59:36
 C:\WINDOWS\ntdtcsetup.log -->24/10/2008 17:20:28
 C:\WINDOWS\iis6.log -->24/10/2008 17:20:28
 C:\WINDOWS\comsetup.log -->24/10/2008 17:20:28
 C:\WINDOWS\tsoc.log -->24/10/2008 17:20:27
 C:\WINDOWS\ocmsn.log -->24/10/2008 17:20:27
 C:\WINDOWS\ocgen.log -->24/10/2008 17:20:27
 C:\WINDOWS\msgsocm.log -->24/10/2008 17:20:27

 winlogon.exe  
  Verified: Signed
 svchost.exe  
  Verified: Signed
 ws2_32.dll  
  Verified: Signed
 user32.dll  
  Verified: Signed
 tcpip.sys  
  Verified: Signed
 ndis.sys  
  Verified: Signed
 null.sys  
  Verified: Signed
 

 ListDLLs v2.25 - DLL lister for Win9x/NT
 Copyright (C) 1997-2004 Mark Russinovich
 Sysinternals - www.sysinternals.com

 ------------------------------​------------------------------​------------------
 explorer.exe pid: 1908
 Command line: C:\WINDOWS\Explorer.EXE

  Base        Size      Version         Path
  0x77be0000  0x58000   7.00.2600.5512  C:\WINDOWS\system32\msvcrt.dll
  0x779e0000  0x97000   5.131.2600.5512  C:\WINDOWS\system32\CRYPT32.dl​l
  0x76610000  0x84000   5.131.2600.5512  C:\WINDOWS\system32\CRYPTUI.dl​l
  0x76be0000  0x2e000   5.131.2600.5512  C:\WINDOWS\system32\WINTRUST.d​ll
  0x6d710000  0x13000   8.00.0000.0454  C:\PROGRA~1\KASPER~1\KASPER~1\​mzvkbd.dll
  0x6d730000  0x13000   8.00.0000.0454  C:\PROGRA~1\KASPER~1\KASPER~1\​mzvkbd3.dll
  0x6d020000  0x15000   8.00.0000.0454  C:\PROGRA~1\KASPER~1\KASPER~1\​adialhk.dll
  0x6d4c0000  0x6000    8.00.0000.0454  C:\PROGRA~1\KASPER~1\KASPER~1\​kloehk.dll
  0x58b50000  0x9a000   5.82.2900.5512  C:\WINDOWS\system32\comctl32.d​ll
  0x76f80000  0x7f000   2001.12.4414.0700  C:\WINDOWS\system32\CLBCATQ.DL​L
  0x77000000  0xd4000   2001.12.4414.0700  C:\WINDOWS\system32\COMRes.dll
  0x76ac0000  0x11000   3.05.2284.0001  C:\WINDOWS\system32\ATL.DLL
  0x01aa0000  0x2bc000  3.01.4001.5512  C:\WINDOWS\system32\msi.dll
  0x76010000  0x65000   6.02.3104.0000  C:\WINDOWS\system32\MSVCP60.dl​l
  0x10000000  0x12000                   C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
  0x164a0000  0x23000   5.02.5721.5145  C:\WINDOWS\system32\WPDShServi​ceObj.dll
  0x109c0000  0x2c000   5.02.5721.5145  C:\WINDOWS\system32\PortableDe​viceTypes.dll
  0x10930000  0x49000   5.02.5721.5145  C:\WINDOWS\system32\PortableDe​viceApi.dll
  0x4eb80000  0x1a6000  5.01.3102.5581  C:\WINDOWS\WinSxS\x86_Microsof​t.Windows.GdiPlus_6595b64144cc​f1df_1.0.2600.5581_x-ww_dfbc4f​c4\gdiplus.dll
  0x74730000  0x3d000   3.525.1132.0000  C:\WINDOWS\system32\ODBC32.dll
  0x1f840000  0x18000   3.525.1117.0000  C:\WINDOWS\system32\odbcint.dl​l
  0x040c0000  0x2b000                   C:\Program Files\WinRAR\rarext.dll
  0x6d910000  0xc000    8.00.0000.0454  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ShellEx.dll
  0x78130000  0x9b000   8.00.50727.1433  C:\WINDOWS\WinSxS\x86_Microsof​t.VC80.CRT_1fc8b3b9a1e18e3b_8.​0.50727.1433_x-ww_5cf844d2\MSV​CR80.dll
  0x7c420000  0x87000   8.00.50727.1433  C:\WINDOWS\WinSxS\x86_Microsof​t.VC80.CRT_1fc8b3b9a1e18e3b_8.​0.50727.1433_x-ww_5cf844d2\MSV​CP80.dll
  0x73600000  0x7000    6.05.2600.5512  C:\WINDOWS\system32\msdmo.dll
  0x58640000  0x8a000   1.09.0000.0305  C:\WINDOWS\system32\l3codeca.a​cm
  0x75ed0000  0x13000   5.131.2600.5512  C:\WINDOWS\system32\cryptnet.d​ll

 ListDLLs v2.25 - DLL lister for Win9x/NT
 Copyright (C) 1997-2004 Mark Russinovich
 Sysinternals - www.sysinternals.com

 ------------------------------​------------------------------​------------------
 winlogon.exe pid: 920
 Command line: winlogon.exe

  Base        Size      Version         Path
  0x01000000  0x82000                   \??\C:\WINDOWS\system32\winlog​on.exe
  0x77be0000  0x58000   7.00.2600.5512  C:\WINDOWS\system32\msvcrt.dll
  0x779e0000  0x97000   5.131.2600.5512  C:\WINDOWS\system32\CRYPT32.dl​l
  0x76be0000  0x2e000   5.131.2600.5512  C:\WINDOWS\system32\WINTRUST.d​ll
  0x6d710000  0x13000   8.00.0000.0454  C:\PROGRA~1\KASPER~1\KASPER~1\​mzvkbd.dll
  0x6d730000  0x13000   8.00.0000.0454  C:\PROGRA~1\KASPER~1\KASPER~1\​mzvkbd3.dll
  0x6d020000  0x15000   8.00.0000.0454  C:\PROGRA~1\KASPER~1\KASPER~1\​adialhk.dll
  0x6d4c0000  0x6000    8.00.0000.0454  C:\PROGRA~1\KASPER~1\KASPER~1\​kloehk.dll
  0x58b50000  0x9a000   5.82.2900.5512  C:\WINDOWS\system32\COMCTL32.d​ll
  0x74730000  0x3d000   3.525.1132.0000  C:\WINDOWS\system32\ODBC32.dll
  0x1f840000  0x18000   3.525.1117.0000  C:\WINDOWS\system32\odbcint.dl​l
  0x6d4d0000  0x36000   8.00.0000.0454  C:\WINDOWS\system32\klogon.dll
  0x76ac0000  0x11000   3.05.2284.0001  C:\WINDOWS\system32\ATL.DLL
  0x77000000  0xd4000   2001.12.4414.0700  C:\WINDOWS\system32\COMRes.dll
  0x76f80000  0x7f000   2001.12.4414.0700  C:\WINDOWS\system32\CLBCATQ.DL​L
 
 
 Le volume dans le lecteur C n'a pas de nom.
 Le numéro de série du volume est 94C6-9C07

 Répertoire de C:\WINDOWS\system32

 13/04/2008  18:34             6 144 csrss.exe

1 fichier(s)            6 144 octets

0 Rép(s)  92 511 363 072 octets libres
 
 Contenu de Downloaded Program Files
 Le volume dans le lecteur C n'a pas de nom.
 Le numéro de série du volume est 94C6-9C07

 Répertoire de C:\WINDOWS\Downloaded Program Files

 15/10/2008  01:29    <REP>          .
 15/10/2008  01:29    <REP>          ..
 14/10/2008  15:36                65 desktop.ini
 28/07/2008  23:50             1 292 erma.inf

2 fichier(s)            1 357 octets

Total des fichiers listés :

2 fichier(s)            1 357 octets

2 Rép(s)  92 511 358 976 octets libres
 
 Recherche de rootkit! (Merci S!Ri)
 
 Recherche d'infections connues

 Export des clefs sensibles..
 
 
 Liste des fichiers en exception sur le pare-feu XP SP2

 "%windir%\\system32\\sessmgr.e​xe"="%windir%\\system32\\sessm​gr.exe:*:enabled:@xpsp2res.dll​,-22019"
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%w​indir%\\Network Diagnostic\\xpnetdiag.exe:*:En​abled:@xpsp3res.dll,-20000"
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=​"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*​:Enabled:Windows Live Messenger"
 "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"​="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:​*:Enabled:Windows Live Messenger (Phone)"
 "C:\\Program Files\\SFR\\Media Center\\httpd\\httpd.exe"="C:\​\Program Files\\SFR\\Media Center\\httpd\\httpd.exe:172.1​6.255.0/255.255.255.0,192.168.​1.0/255.255.255.0:Enabled:Serv​eur de partage Media Center (Player SFR)"
 "C:\\Program Files\\Lphant\\eLePhantClient.​exe"="C:\\Program Files\\Lphant\\eLePhantClient.​exe:*:Enabled:Lphant"

 "%windir%\\system32\\sessmgr.e​xe"="%windir%\\system32\\sessm​gr.exe:*:enabled:@xpsp2res.dll​,-22019"
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%w​indir%\\Network Diagnostic\\xpnetdiag.exe:*:En​abled:@xpsp3res.dll,-20000"
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=​"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*​:Enabled:Windows Live Messenger"
 "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"​="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:​*:Enabled:Windows Live Messenger (Phone)"
 
 Export de la clef SharedTaskScheduler

 [SharedTaskScheduler]
 "{438755C2-A8BA-11D1-B96B-00A0​C90312E1}"="Pré-chargeur Browseui"
 "{8C7461EF-2B13-11d2-BE35-3078​302C2030}"="Démon de cache des catégories de composant"

 
 
 exports des policies
 REGEDIT4

 [system]
 "dontdisplaylastusername"=dwor​d:00000000
 "legalnoticecaption"=""
 "legalnoticetext"=""
 "shutdownwithoutlogon"=dword:0​0000001
 "undockwithoutlogon"=dword:000​00001



 Export des clefs sensibles..
 Rechercher adresses sensibles dans le fichier HOSTS...
 catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2008-10-29 01:49:14
 Windows 5.1.2600 Service Pack 3 NTFS

 scanning hidden services & system hive ...

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\sptd\Cf​g]
 "s1"=dword:2df9c43f
 "s2"=dword:110480d0
 "h0"=dword:00000001

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\sptd\Cf​g\19659239224E364682FA4BAF72C5​3EA4]
 "p0"="C:\Program Files\DAEMON Tools Lite\"
 "h0"=dword:00000000
 "khjeh"=hex:5d,68,6c,f7,d9,6b,​00,4e,57,20,12,1f,3f,8a,27,f0,​8b,1c,40,bd,67,..

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\sptd\Cf​g\19659239224E364682FA4BAF72C5​3EA4\00000001]
 "a0"=hex:20,01,00,00,44,b3,12,​77,a4,df,88,21,6c,88,a4,26,f8,​fe,82,64,ca,..
 "khjeh"=hex:9b,1c,37,6f,7d,ae,​70,83,af,b2,96,a2,d4,d3,39,4d,​f3,b9,5a,26,de,..

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\sptd\Cf​g\19659239224E364682FA4BAF72C5​3EA4\00000001\0Jf40]
 "khjeh"=hex:b1,e3,9f,e8,fb,79,​f9,2e,e4,cf,75,3d,6d,3c,d6,69,​6d,11,da,25,e6,..
 [HKEY_LOCAL_MACHINE\SYSTEM\Cont​rolSet003\Services\sptd\Cfg\19​659239224E364682FA4BAF72C53EA4​]
 "p0"="C:\Program Files\DAEMON Tools Lite\"
 "h0"=dword:00000000
 "khjeh"=hex:5d,68,6c,f7,d9,6b,​00,4e,57,20,12,1f,3f,8a,27,f0,​8b,1c,40,bd,67,..

 [HKEY_LOCAL_MACHINE\SYSTEM\Cont​rolSet003\Services\sptd\Cfg\19​659239224E364682FA4BAF72C53EA4​\00000001]
 "a0"=hex:20,01,00,00,44,b3,12,​77,a4,df,88,21,6c,88,a4,26,f8,​fe,82,64,ca,..
 "khjeh"=hex:9b,1c,37,6f,7d,ae,​70,83,af,b2,96,a2,d4,d3,39,4d,​f3,b9,5a,26,de,..

 [HKEY_LOCAL_MACHINE\SYSTEM\Cont​rolSet003\Services\sptd\Cfg\19​659239224E364682FA4BAF72C53EA4​\00000001\0Jf40]
 "khjeh"=hex:b1,e3,9f,e8,fb,79,​f9,2e,e4,cf,75,3d,6d,3c,d6,69,​6d,11,da,25,e6,..

 scanning hidden registry entries ...

 scanning hidden files ...

 scan completed successfully
 hidden services: 0
 hidden files: 0

 
 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 Process list by traversal of KiWaitListHead

 4     -           System  
 144   -      RTHDCPL.exe  
 192   -          avp.exe  
 196   -     vsnpstd2.exe  
 236   -       ctfmon.exe  
 256   -       daemon.exe  
 264   -       msmsgs.exe  
 328   -   RocketDock.exe  
 336   -     iexplore.exe  
 356   -     iexplore.exe  
 800   -          avp.exe  
 872   -          jqs.exe  
 896   -        csrss.exe  
 920   -     winlogon.exe  
 964   -     services.exe  
 976   -        lsass.exe  
 1144  -      svchost.exe  
 1172  -      nvsvc32.exe  
 1216  -      svchost.exe  
 1312  -      svchost.exe  
 1444  -      svchost.exe  
 1908  -     explorer.exe  
 2628  -          alg.exe  
 3476  -  scanner.exe.exe  
 3596  -       usnsvc.exe  
 3664  -      svchost.exe  
 3868  -      msnmsgr.exe  
 3996  -     iexplore.exe  

 Total number of processes = 28
 NOTE: Under WinXP, this will not show all processes.
 
 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 Driver/Module list by traversal of PsLoadedModuleList

 804D7000 - \WINDOWS\system32\ntkrnlpa.exe
 806E4000 - \WINDOWS\system32\hal.dll
 F79F1000 - \WINDOWS\system32\KDCOM.DLL
 F7901000 - \WINDOWS\system32\BOOTVID.dll
 F72F0000 - spej.sys
 F79F3000 - \WINDOWS\System32\Drivers\WMIL​IB.SYS
 F72D8000 - \WINDOWS\System32\Drivers\SCSI​PORT.SYS
 F72A9000 - ACPI.sys
 F7298000 - pci.sys
 F74F1000 - ohci1394.sys
 F7501000 - \WINDOWS\system32\DRIVERS\1394​BUS.SYS
 F7511000 - isapnp.sys
 F7AB9000 - pciide.sys
 F7771000 - \WINDOWS\system32\DRIVERS\PCII​DEX.SYS
 F79F5000 - viaide.sys
 F7521000 - MountMgr.sys
 F7279000 - ftdisk.sys
 F7779000 - PartMgr.sys
 F7531000 - VolSnap.sys
 F7261000 - atapi.sys
 F7541000 - disk.sys
 F7551000 - \WINDOWS\system32\DRIVERS\CLAS​SPNP.SYS
 F7241000 - fltmgr.sys
 F722F000 - sr.sys
 F7561000 - klbg.sys
 F7218000 - KSecDD.sys
 F718B000 - Ntfs.sys
 F715E000 - NDIS.sys
 F7571000 - uagp35.sys
 F7144000 - Mup.sys
 F6C25000 - kl1.sys
 F7781000 - \WINDOWS\system32\drivers\TDI.​SYS
 F7701000 - \SystemRoot\system32\DRIVERS\i​ntelppm.sys
 F6603000 - \SystemRoot\system32\DRIVERS\n​v4_mini.sys
 F65EF000 - \SystemRoot\system32\DRIVERS\V​IDEOPRT.SYS
 F7711000 - \SystemRoot\system32\DRIVERS\i​mapi.sys
 F7721000 - \SystemRoot\system32\DRIVERS\c​drom.sys
 F7731000 - \SystemRoot\system32\DRIVERS\r​edbook.sys
 F65CC000 - \SystemRoot\system32\DRIVERS\k​s.sys
 F78E1000 - \SystemRoot\system32\DRIVERS\u​sbuhci.sys
 F65A8000 - \SystemRoot\system32\DRIVERS\U​SBPORT.SYS
 F7741000 - \SystemRoot\system32\DRIVERS\k​lfltdev.sys
 F78E9000 - \SystemRoot\system32\DRIVERS\u​sbehci.sys
 F78F1000 - \SystemRoot\system32\DRIVERS\R​TL8139.SYS
 F7751000 - \SystemRoot\system32\DRIVERS\n​ic1394.sys
 F6543000 - \SystemRoot\System32\Drivers\a​j58n1nl.SYS
 F651B000 - \SystemRoot\system32\DRIVERS\H​DAudBus.sys
 F7811000 - \SystemRoot\system32\DRIVERS\k​lim5.sys
 F7C0E000 - \SystemRoot\system32\DRIVERS\a​udstub.sys
 F7761000 - \SystemRoot\system32\DRIVERS\r​asl2tp.sys
 F6BED000 - \SystemRoot\system32\DRIVERS\n​distapi.sys
 F6504000 - \SystemRoot\system32\DRIVERS\n​diswan.sys
 F75A1000 - \SystemRoot\system32\DRIVERS\r​aspppoe.sys
 F75B1000 - \SystemRoot\system32\DRIVERS\r​aspptp.sys
 F64F3000 - \SystemRoot\system32\DRIVERS\p​sched.sys
 F75C1000 - \SystemRoot\system32\DRIVERS\m​sgpc.sys
 F7819000 - \SystemRoot\system32\DRIVERS\p​tilink.sys
 F7821000 - \SystemRoot\system32\DRIVERS\r​aspti.sys
 F75D1000 - \SystemRoot\system32\DRIVERS\t​ermdd.sys
 F7829000 - \SystemRoot\system32\DRIVERS\k​bdclass.sys
 F7831000 - \SystemRoot\system32\DRIVERS\m​ouclass.sys
 F7A33000 - \SystemRoot\system32\DRIVERS\s​wenum.sys
 F63CD000 - \SystemRoot\system32\DRIVERS\u​pdate.sys
 F6BE1000 - \SystemRoot\system32\DRIVERS\m​ssmbios.sys
 F5F43000 - \SystemRoot\system32\drivers\R​tkHDAud.sys
 F5F1F000 - \SystemRoot\system32\drivers\p​ortcls.sys
 F75F1000 - \SystemRoot\system32\drivers\d​rmk.sys
 F7601000 - \SystemRoot\System32\Drivers\N​DProxy.SYS
 F7621000 - \SystemRoot\system32\DRIVERS\u​sbhub.sys
 F7A37000 - \SystemRoot\system32\DRIVERS\U​SBD.SYS
 F3821000 - \SystemRoot\system32\DRIVERS\k​lif.sys
 F37F3000 - \SystemRoot\system32\DRIVERS\m​afw.sys
 F7A3D000 - \SystemRoot\System32\Drivers\F​s_Rec.SYS
 F7B65000 - \SystemRoot\System32\Drivers\N​ull.SYS
 F7A3F000 - \SystemRoot\System32\Drivers\B​eep.SYS
 F7861000 - \SystemRoot\system32\DRIVERS\H​IDPARSE.SYS
 F7869000 - \SystemRoot\System32\drivers\v​ga.sys
 F7A43000 - \SystemRoot\System32\Drivers\m​nmdd.SYS
 F7A45000 - \SystemRoot\System32\DRIVERS\R​DPCDD.sys
 F7871000 - \SystemRoot\System32\Drivers\M​sfs.SYS
 F7879000 - \SystemRoot\System32\Drivers\N​pfs.SYS
 F6BFD000 - \SystemRoot\system32\DRIVERS\r​asacd.sys
 F37C0000 - \SystemRoot\system32\DRIVERS\i​psec.sys
 F3767000 - \SystemRoot\system32\DRIVERS\t​cpip.sys
 F643F000 - \SystemRoot\system32\DRIVERS\h​idusb.sys
 F7651000 - \SystemRoot\system32\DRIVERS\H​IDCLASS.SYS
 F3717000 - \SystemRoot\system32\DRIVERS\n​etbt.sys
 F36F1000 - \SystemRoot\system32\DRIVERS\i​pnat.sys
 F36CF000 - \SystemRoot\System32\drivers\a​fd.sys
 F7661000 - \SystemRoot\system32\DRIVERS\w​anarp.sys
 F7671000 - \SystemRoot\system32\DRIVERS\n​etbios.sys
 F36A4000 - \SystemRoot\system32\DRIVERS\r​dbss.sys
 F3634000 - \SystemRoot\system32\DRIVERS\m​rxsmb.sys
 F7681000 - \SystemRoot\system32\DRIVERS\a​rp1394.sys
 F76B1000 - \SystemRoot\System32\Drivers\F​ips.SYS
 F7881000 - \SystemRoot\system32\DRIVERS\u​sbccgp.sys
 F7889000 - \SystemRoot\system32\DRIVERS\U​SBSTOR.SYS
 F3E13000 - \SystemRoot\system32\DRIVERS\m​ouhid.sys
 F28BF000 - \SystemRoot\system32\DRIVERS\s​npstd2.sys
 F76A1000 - \SystemRoot\system32\DRIVERS\S​TREAM.SYS
 F76C1000 - \SystemRoot\system32\drivers\u​sbaudio.sys
 F3E03000 - \SystemRoot\system32\DRIVERS\k​bdhid.sys
 F2873000 - \SystemRoot\System32\Drivers\F​astfat.SYS
 F285B000 - \SystemRoot\System32\Drivers\d​ump_atapi.sys
 F7A77000 - \SystemRoot\System32\Drivers\d​ump_WMILIB.SYS
 BF800000 - \SystemRoot\System32\win32k.sy​s
 F374B000 - \SystemRoot\System32\drivers\D​xapi.sys
 F78D9000 - \SystemRoot\System32\watchdog.​sys
 BF9C3000 - \SystemRoot\System32\drivers\d​xg.sys
 F7BB7000 - \SystemRoot\System32\drivers\d​xgthk.sys
 BF9D5000 - \SystemRoot\System32\nv4_disp.​dll
 BAEF8000 - \SystemRoot\system32\DRIVERS\n​disuio.sys
 BACA3000 - \SystemRoot\system32\drivers\w​dmaud.sys
 BADE8000 - \SystemRoot\system32\drivers\s​ysaudio.sys
 F64C3000 - \SystemRoot\System32\Drivers\C​dfs.SYS
 BA6DC000 - \SystemRoot\system32\DRIVERS\m​rxdav.sys
 BA572000 - \SystemRoot\system32\DRIVERS\s​rv.sys
 B905D000 - \SystemRoot\System32\Drivers\H​TTP.sys
 B8B01000 - \SystemRoot\system32\drivers\k​mixer.sys
 F7B3B000 - \SystemRoot\System32\DRIVERS\K​ProcCheck.sys

 Total number of drivers = 120

 Liste des programmes installes

 Adobe Flash Player 10 ActiveX
 Archiveur WinRAR
 CCleaner (remove only)
 Correctif pour Lecteur Windows Media 11 (KB939683)
 Correctif pour Windows XP (KB952287)
 FireWire Family
 Google Toolbar for Internet Explorer
 Google Toolbar for Internet Explorer
 High Definition Audio Driver Package - KB888111
 HijackThis 2.0.2
 Hotfix for Windows Media Format 11 SDK (KB929399)
 Java(TM) 6 Update 10
 Kaspersky Internet Security 2009
 Kaspersky Internet Security 2009
 Kit d'installation
 Lecteur Windows Media 11
 Lphant v3.51
 Microsoft .NET Compact Framework 1.0 SP3
 Microsoft .NET Framework 1.1
 Microsoft .NET Framework 1.1
 Microsoft .NET Framework 1.1 Hotfix (KB928366)
 Microsoft .NET Framework 2.0 Service Pack 1
 Microsoft Compression Client Pack 1.0 for Windows XP
 Microsoft Office Professional Edition 2003
 Microsoft SQL Server 2005 Compact Edition [ENU]
 Microsoft User-Mode Driver Framework Feature Pack 1.0
 Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
 Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
 Mise à jour de sécurité pour Windows XP (KB938464)
 Mise à jour de sécurité pour Windows XP (KB941569)
 Mise à jour de sécurité pour Windows XP (KB946648)
 Mise à jour de sécurité pour Windows XP (KB950762)
 Mise à jour de sécurité pour Windows XP (KB950974)
 Mise à jour de sécurité pour Windows XP (KB951066)
 Mise à jour de sécurité pour Windows XP (KB951376-v2)
 Mise à jour de sécurité pour Windows XP (KB951698)
 Mise à jour de sécurité pour Windows XP (KB951748)
 Mise à jour de sécurité pour Windows XP (KB952954)
 Mise à jour de sécurité pour Windows XP (KB954211)
 Mise à jour de sécurité pour Windows XP (KB956390)
 Mise à jour de sécurité pour Windows XP (KB956391)
 Mise à jour de sécurité pour Windows XP (KB956803)
 Mise à jour de sécurité pour Windows XP (KB956841)
 Mise à jour de sécurité pour Windows XP (KB957095)
 Mise à jour de sécurité pour Windows XP (KB958644)
 Mise à jour pour Windows XP (KB951072-v2)
 Mise à jour pour Windows XP (KB951978)
 Module de compatibilité pour Microsoft Office System 2007
 NVIDIA Drivers
 NVIDIA PhysX v8.09.04
 OpenOffice.org Installer 1.0
 Pack Vista Inspirat 2 1.0
 Realtek High Definition Audio Driver
 Reason 4.0
 SFR - Media Center
 Sonic Foundry ACID 4.0
 Sony Sound Forge 7.0
 Steinberg Cubase SX v2.01
 Trust WB-3400T Webcam
 VLC media player 0.9.4
 WebFldrs XP
 Windows Genuine Advantage Validation Tool (KB892130)
 Windows Genuine Advantage Validation Tool (KB892130)
 Windows Live installer
 Windows Live Mail
 Windows Live Messenger
 Windows Media Format 11 runtime
 Windows Media Format 11 runtime
 Windows Media Player 11
 Windows XP Service Pack 3


 
 Le volume dans le lecteur C n'a pas de nom.
 Le numéro de série du volume est 94C6-9C07

 Répertoire de C:\Program Files

 28/10/2008  22:23    <REP>          .
 28/10/2008  22:23    <REP>          ..
 14/10/2008  15:45    <REP>          AGEIA Technologies
 16/10/2008  19:14    <REP>          CCleaner
 14/10/2008  15:35    <REP>          ComPlus Applications
 15/10/2008  17:21    <REP>          DAEMON Tools Lite
 15/10/2008  17:24    <REP>          DAEMON Tools Toolbar
 20/10/2008  02:19    <REP>          EoRezo
 23/10/2008  18:03    <REP>          Fichiers communs
 24/10/2008  00:57    <REP>          Google
 21/10/2008  14:28    <REP>          Internet Explorer
 23/10/2008  19:09    <REP>          Java
 23/10/2008  18:16    <REP>          JCA2000
 23/10/2008  21:53    <REP>          Kaspersky Lab
 18/10/2008  15:46    <REP>          Kit ADSL
 24/10/2008  00:30    <REP>          Lphant
 15/10/2008  11:33    <REP>          M-Audio
 15/10/2008  01:44    <REP>          Messenger
 24/10/2008  13:32    <REP>          Messenger Plus! Live
 23/10/2008  19:32    <REP>          Microsoft .NET Compact Framework 1.0 SP3
 14/10/2008  15:38    <REP>          microsoft frontpage
 21/10/2008  14:38    <REP>          Microsoft Office
 15/10/2008  11:17    <REP>          Microsoft SQL Server Compact Edition
 21/10/2008  14:03    <REP>          Microsoft.NET
 15/10/2008  11:55    <REP>          Movie Maker
 21/10/2008  14:38    <REP>          MSECache
 14/10/2008  15:33    <REP>          MSN
 14/10/2008  15:34    <REP>          MSN Gaming Zone
 15/10/2008  01:03    <REP>          NetMeeting
 14/10/2008  15:34    <REP>          Online Services
 15/10/2008  11:55    <REP>          Outlook Express
 15/10/2008  12:11    <REP>          Propellerhead
 14/10/2008  15:49    <REP>          Realtek
 20/10/2008  02:58    <REP>          roam size user
 14/10/2008  15:36    <REP>          Services en ligne
 28/10/2008  22:23    <REP>          SFR
 20/10/2008  13:35    <REP>          Sonic Foundry
 20/10/2008  13:19    <REP>          Sonic Foundry Setup
 20/10/2008  13:51    <REP>          Sony
 20/10/2008  13:51    <REP>          Sony Setup
 15/10/2008  12:05    <REP>          Steinberg
 23/10/2008  19:09    <REP>          Sun
 21/10/2008  17:26    <REP>          Trust
 23/10/2008  19:36    <REP>          Universal
 23/10/2008  19:36    <REP>          VersalSoft
 16/10/2008  19:12    <REP>          VideoLAN
 24/10/2008  16:13    <REP>          Windows Live
 14/10/2008  16:02    <REP>          Windows Live Toolbar
 15/10/2008  11:41    <REP>          Windows Media Connect 2
 15/10/2008  11:41    <REP>          Windows Media Player
 15/10/2008  01:03    <REP>          Windows NT
 15/10/2008  11:51    <REP>          WinRAR
 14/10/2008  15:38    <REP>          xerox

0 fichier(s)                0 octets

53 Rép(s)  92 488 278 016 octets libres
 Le volume dans le lecteur C n'a pas de nom.
 Le numéro de série du volume est 94C6-9C07

 Répertoire de C:\Program Files\fichiers communs

 23/10/2008  18:03    <REP>          .
 23/10/2008  18:03    <REP>          ..
 21/10/2008  14:03    <REP>          DESIGNER
 14/10/2008  15:49    <REP>          InstallShield
 24/10/2008  13:34    <REP>          Microsoft Shared
 14/10/2008  15:35    <REP>          MSSoap
 14/10/2008  17:27    <REP>          ODBC
 14/10/2008  15:35    <REP>          Services
 23/10/2008  18:03    <REP>          Softwin
 14/10/2008  17:27    <REP>          SpeechEngines
 21/10/2008  14:03    <REP>          System
 14/10/2008  15:45    <REP>          Wise Installation Wizard

0 fichier(s)                0 octets

12 Rép(s)  92 488 278 016 octets libres
 Le volume dans le lecteur C n'a pas de nom.
 Le numéro de série du volume est 94C6-9C07

 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 21/10/2008  14:26    <REP>          .
 21/10/2008  14:26    <REP>          ..
 21/10/2008  14:03    <REP>          1033
 21/10/2008  14:26    <REP>          1036
 20/09/2005  11:33         1 293 008 MSONSEXT.DLL
 22/03/2007  18:29            39 256 MSOSV.DLL
 03/06/1999  11:09           122 937 MSOWS409.DLL
 07/03/2001  06:00           127 033 MSOWS40c.DLL
 11/07/2003  01:25            80 448 PKMWS.DLL

5 fichier(s)        1 662 682 octets

4 Rép(s)  92 488 278 016 octets libres
 Le volume dans le lecteur C n'a pas de nom.
 Le numéro de série du volume est 94C6-9C07

 Répertoire de C:\

 18/02/2002  23:17        22 688 328 dotnetfx.exe

1 fichier(s)       22 688 328 octets

0 Rép(s)  92 488 278 016 octets libres
 
 
 Attention : C:\autorun.inf existe
 
 
 c:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\French\setup.exe
 c:\Documents and Settings\All Users\Application Data\Tool Eggs Less City\bleh cake.exe
 c:\Documents and Settings\djackou\Application Data\Microsoft\Installer\{7A0B​AED2-066E-4B4F-8FA5-472A4655F4​C2}\_5af141bb.exe
 c:\Documents and Settings\djackou\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
 c:\Documents and Settings\djackou\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
 c:\Documents and Settings\djackou\Application Data\roam size user\Amok Bows.exe
 c:\Documents and Settings\djackou\Application Data\roam size user\dalephonebattest.exe
 c:\Documents and Settings\djackou\Application Data\roam size user\Oncerdrenc.exe
 c:\Documents and Settings\djackou\Application Data\roam size user\yrafllej.exe
 c:\Documents and Settings\djackou\Bureau\scanne​r.exe.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\catchme.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\diff.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\dumphive.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\FilesInfoCmd.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\find2.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\Fport.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\grep.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\gzip.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\KProcCheck.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\LFiles.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\LISTDLLS.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\md5sums.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\pslist.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\sigcheck.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\streams.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\swreg.exe
 c:\Documents and Settings\djackou\Bureau\DiagHe​lp\tar.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\bis4B.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\MsgPlusUninstall​.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\{0DEDBD72-D64A-4​D61-B74C-858BF92B4831}\{D9CF5E​60-42B1-489B-A0E2-9A6EE3DEB969​}\FWDeviceEnabler.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\{0DEDBD72-D64A-4​D61-B74C-858BF92B4831}\{D9CF5E​60-42B1-489B-A0E2-9A6EE3DEB969​}\MAFWCpl.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\{0DEDBD72-D64A-4​D61-B74C-858BF92B4831}\{D9CF5E​60-42B1-489B-A0E2-9A6EE3DEB969​}\MAFWInst.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\{0DEDBD72-D64A-4​D61-B74C-858BF92B4831}\{D9CF5E​60-42B1-489B-A0E2-9A6EE3DEB969​}\MAFWTray.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\{0DEDBD72-D64A-4​D61-B74C-858BF92B4831}\{D9CF5E​60-42B1-489B-A0E2-9A6EE3DEB969​}\MAFWUninst.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\{0DEDBD72-D64A-4​D61-B74C-858BF92B4831}\{D9CF5E​60-42B1-489B-A0E2-9A6EE3DEB969​}\MAFWUninstaller.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\{0DEDBD72-D64A-4​D61-B74C-858BF92B4831}\{D9CF5E​60-42B1-489B-A0E2-9A6EE3DEB969​}\Reg_set.exe
 c:\Documents and Settings\djackou\Local Settings\Temp\{0DEDBD72-D64A-4​D61-B74C-858BF92B4831}\{D9CF5E​60-42B1-489B-A0E2-9A6EE3DEB969​}\ShutDownWindowsForHardwareIn​stallation.exe
 c:\Documents and Settings\djackou\Local Settings\Temporary Internet Files\Content.IE5\49IN85MB\med​iacenter[1].exe
 c:\Documents and Settings\djackou\Local Settings\Temporary Internet Files\Content.IE5\4HUVCL6V\HiJ​ackThis[1].exe
 c:\Documents and Settings\djackou\Mes documents\logiciel\Flash_Disin​fector.exe
 c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\pro​duction\ppcrlconfig.dll
 c:\Documents and Settings\djackou\Application Data\Microsoft\IdentityCRL\pro​duction\ppcrlconfig.dll
 c:\Documents and Settings\djackou\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
 c:\Documents and Settings\djackou\Application Data\Sun\Java\jre1.6.0_10\lzma​.dll
 c:\Documents and Settings\LocalService\Applicat​ion Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
 
 ****** Fin du rapport DiagHelp
 Veuillez svp envoyer le fichier C:\upload_moi_DJAMEL.tar.gz a l'adresse http://upload.malekal.com

 Page :
1

Aller à :
 

Sujets relatifs
Invasion virus, plus de connection internet! (RESOLU) Fenêtre de site qui apparaisse
Invasion du cheval de troie TR/spy.GEN invasion poppups please aidé moi
pub cid impossible a enlever comment faire svp Lenteur de mon ordi depuis invasion barbare
Plus de sujets relatifs à : invasion de fenetre de pub CID et autres

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
processus crss.exe et avguard.exe 0
Demande d'information pour un anti-virus 1
HotzicBurner rencone un probème pour s'ouvir,. Virus??? 0
Spyware infection ! 15
Pas de réponse.... 1