aide pour rapport navilog svp merci Fermé

Question

Bonjour,j ai fais un scan avec navilog pour supprimer des rookik . je poste le rapport ci-dessous. y a t il quelqu'un qui pourrais me l analyser et me dire si je dois passer a l etape 2 merci

gen-hackman · Answer

salut tu ne supprimeras pas les rootkits avec Navilog...

pose toujours ton rappport

zezette36 · Answer

Fix Navipromo version 4.0.1 commencé le 24/08/2009 14:05:24,20

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files
avilog1

Mise à jour le 18.07.2009 à 11h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : catherine ( Administrator )
BOOT : Normal boot

Antivirus : AVG Anti-Virus Free 8.5 (Activated)


C:\ (Local Disk) - NTFS - Total:55 Go (Free:34 Go)
D:\ (Local Disk) - NTFS - Total:31 Go (Free:29 Go)
E:\ (Local Disk) - NTFS - Total:4 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (Local Disk) - FAT32 - Total:465 Go (Free:442 Go)


Recherche executée en mode normal 


[b]Aucune Infection Navipromo/Egdaccess trouvé/b



C:\WINDOWS\Tasks\AE9E214F9339D413.job trouvé ! Infection Lop possible non traitée par cet outil !
*** Scan terminé 24/08/2009 14:22:29,54 ***

Xplode · Answer

Bonjour,

Ce sont des  rootkit  et non pas des rookik, mais on attend quand même ton rapport !

zezette36 · Answer

excuse je me suis trompé de touche

gen-hackman · Answer

qui t'as dit que tu avait un rootkit ?

zezette36 · Answer

quand j ai fais une analyse avec mon anti virus

zezette36 · Answer

quand mon analyse a ete fini cela m a dit detection de : TRACKING COOKIE.YEILDMANAGER ET TRACKING COOKIE
Atdmt. c' est quoi cela ? CAR MON PC RAME  DUR et j ai plein de page IDE qui s'ouvre merci

zezette36 · Answer

voici aussi le rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:24, on 24/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Documents and Settings\catherine\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [PD0620 STISvc] RunDLL32.exe P0620Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCLEUSBTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Flag Owns Live Grim] C:\Documents and Settings\All Users\Application Data\Software rule flag owns	ons rect.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{30DC9DA9-622A-4D4E-BB88-82976E032E2A}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{30DC9DA9-622A-4D4E-BB88-82976E032E2A}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: SeekappSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekappSrch\seekapp143.exe (file missing)

gen-hackman · Answer

&#9654 Télécharge Ad-remover ( de C_XX ) sur ton bureau : 


&#9654 Déconnecte toi et ferme toutes applications en cours ! 

&#9654 Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut . 

&#9654 Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
 
&#9654 Au menu principal choisis l'option "L" et tape sur [entrée] .

&#9654 Laisse travailler l'outil et ne touche à rien ... 

&#9654 Poste le rapport qui apparait à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log ) 
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller ) 

&#9654 Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. 
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. 
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.     


ensuite :


&#9654 télécharge LOP S&D sur ton Bureau.

&#9654 Double-clique dessus pour lancer l'installation
&#9654 Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
&#9654 Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
&#9654 Patiente jusqu'à la fin du scan

&#9654 Poste le rapport généré (C:\lopR.txt)

zezette36 · Answer

OK JE VAIS LE FAIRE ET TE TIENS AU COURANT MERCI

zezette36 · Answer

VOILA LE RAPPORT Ad repport clean.
======= RAPPORT D'AD-REMOVER 1.1.4.5_P | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/08/2009 à 1:30 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 15:06:04, 24/08/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™   v5.1.2600
Nom du PC: CATHERIN-8E6B98 | Utilisateur actuel: catherine
.
Administrateur: Administrateur 
N'est pas administrateur: ASPNET 
Administrateur: catherine 
N'est pas administrateur: HelpAssistant *Desactive* 
N'est pas administrateur: Invité *Desactive* 
N'est pas administrateur: SUPPORT_388945a0 *Desactive* 
. 
============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== 
.
Service: "SeekappSrch Service"
.
HKCU\Software\EoRezo
HKLM\Software\Dealio
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKU\S-1-5-21-2000478354-1715567821-725345543-1004\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Eoengine
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
HKCR\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}
.
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\cache 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\cmhost.cyp 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\ConfMedia.cyp 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\ConfMedia.cyp.old 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\db 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\eoDesktop 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\eoStats 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\host.cyp 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\user.cyp 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\eoDesktop\config.xml 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\eoDesktop\eoDesktop.html 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\eoDesktop\userConfig.xml 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Download 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\help_config.cyp 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\unins000.dat 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\unins000.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\user_config.cyp 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\user_profil.cyp 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.4 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.5 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.6 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.7 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.8 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.9 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.0 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.1 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.2 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.3 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.4 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.5\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.6\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.7\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.8\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.9\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.0\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.1\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.2\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.3\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.4\itstv.exe 
C:\DOCUME~1\CATHER~1\APPLIC~1\EoRezo 
C:\Program Files\SeekappSrch\seekappsrch.exe 
C:\Program Files\SeekappSrch 
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-140B52A3.pf 
C:\Documents and Settings\maeva\Cookies\maeva@eorezo[1].txt 

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.13 *
.
 Nom du profil: 6y3sxxgh.default (catherine)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Yahoo! Search"); 
(Prefs.js) user_pref("browser.search.selectedEngine", "Yahoo! Search"); 
(Prefs.js) user_pref("browser.startup.homepage", "hxx(p|ps)://www.google.fr/firefox?client=firefox-a&rls=org.mozilla:fr:official"); 
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.13"); 
.
.
.
* Internet Explorer Version 7.0.5730.13 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
   Tabs	:          	res://ieframe.dll/tabswelcome.htm
.
===================================
.
6044 Octet(s) - C:\Ad-Report-CLEAN.log 
.
1 Fichier(s) - C:\DOCUME~1\CATHER~1\LOCALS~1\Temp 
1 Fichier(s) - C:\WINDOWS\Temp 
.
18 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
17 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 15:18:48 | 24/08/2009
.
============== E.O.F ==============
.

gen-hackman · Answer

ok la suite ;)

zezette36 · Answer

--------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
   BIOS : Phoenix - AwardBIOS v6.00PG
   USER : catherine ( Administrator )
   BOOT : Normal boot
   Antivirus : AVG Anti-Virus Free 8.5 (Activated)
   C:\ (Local Disk) - NTFS - Total:55 Go (Free:34 Go)
   D:\ (Local Disk) - NTFS - Total:31 Go (Free:29 Go)
   E:\ (Local Disk) - NTFS - Total:4 Go (Free:3 Go)
   F:\ (CD or DVD)
   G:\ (Local Disk) - FAT32 - Total:465 Go (Free:442 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( 24/08/2009|15:27 )
 
   --------------------\  Listing des dossiers dans APPLIC~1

   [17/03/2009|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{66E2F539-12B6-4870-A500-7689CDE75C5E}
   [22/08/2009|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
   [19/04/2009|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton
   [11/08/2009|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [25/05/2009|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
   [30/07/2009|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
   [27/07/2009|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
   [10/04/2009|13:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
   [17/05/2009|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
   [30/07/2009|07:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
   [22/08/2009|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
   [22/03/2009|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
   [22/03/2009|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
   [27/07/2009|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
   [22/08/2009|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [06/07/2009|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Longbow Digital Arts
   [19/07/2009|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
   [15/03/2009|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
   [22/08/2009|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [07/07/2009|00:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [06/07/2009|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
   [08/12/2008|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1
View_Profiles
   [17/03/2009|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers HeadQuarters
   [07/04/2009|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
   [17/03/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [15/08/2009|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
   [23/08/2009|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [23/08/2009|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [05/12/2008|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
   [07/04/2009|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [17/06/2009|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [19/08/2009|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

   [19/04/2009|17:54] C:\DOCUME~1\CATHER~1\APPLIC~1\Ableton
   [11/08/2009|17:43] C:\DOCUME~1\CATHER~1\APPLIC~1\Adobe
   [10/04/2009|13:58] C:\DOCUME~1\CATHER~1\APPLIC~1\AVS4YOU
   [17/05/2009|12:50] C:\DOCUME~1\CATHER~1\APPLIC~1\Babylon
   [28/03/2009|19:54] C:\DOCUME~1\CATHER~1\APPLIC~1\Creative
   [17/06/2009|16:00] C:\DOCUME~1\CATHER~1\APPLIC~1\dvdcss
   [23/08/2009|22:13] C:\DOCUME~1\CATHER~1\APPLIC~1\EmailNotifier
   [06/04/2009|20:35] C:\DOCUME~1\CATHER~1\APPLIC~1\EPSON
   [06/07/2009|22:10] C:\DOCUME~1\CATHER~1\APPLIC~1\Gamelab
   [20/06/2009|21:59] C:\DOCUME~1\CATHER~1\APPLIC~1\GARMIN
   [25/03/2009|18:02] C:\DOCUME~1\CATHER~1\APPLIC~1\GetRightToGo
   [26/03/2009|16:46] C:\DOCUME~1\CATHER~1\APPLIC~1\Help
   [05/12/2008|19:39] C:\DOCUME~1\CATHER~1\APPLIC~1\Identities
   [23/08/2009|22:27] C:\DOCUME~1\CATHER~1\APPLIC~1\Idle Bike
   [07/04/2009|17:53] C:\DOCUME~1\CATHER~1\APPLIC~1\InstallShield
   [06/12/2008|00:51] C:\DOCUME~1\CATHER~1\APPLIC~1\Macromedia
   [22/08/2009|21:40] C:\DOCUME~1\CATHER~1\APPLIC~1\Malwarebytes
   [27/07/2009|12:53] C:\DOCUME~1\CATHER~1\APPLIC~1\Microsoft
   [13/04/2009|16:35] C:\DOCUME~1\CATHER~1\APPLIC~1\Mozilla
   [29/04/2009|18:44] C:\DOCUME~1\CATHER~1\APPLIC~1\MSNInstaller
   [08/12/2008|15:39] C:\DOCUME~1\CATHER~1\APPLIC~1\Sun
   [04/06/2009|20:54] C:\DOCUME~1\CATHER~1\APPLIC~1\U3
   [26/03/2009|15:53] C:\DOCUME~1\CATHER~1\APPLIC~1\Ulead Systems
   [17/03/2009|18:57] C:\DOCUME~1\CATHER~1\APPLIC~1\Uniblue
   [10/08/2009|21:02] C:\DOCUME~1\CATHER~1\APPLIC~1\vlc
   [24/08/2009|13:58] C:\DOCUME~1\CATHER~1\APPLIC~1\vmntoolbar
   [05/12/2008|23:11] C:\DOCUME~1\CATHER~1\APPLIC~1\WinRAR

   [05/12/2008|19:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [27/04/2009|16:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
   [16/12/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
   [27/07/2009|12:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [15/08/2009|21:49] C:\DOCUME~1\maeva\APPLIC~1\Adobe
   [15/08/2009|15:28] C:\DOCUME~1\maeva\APPLIC~1\Creative
   [15/08/2009|16:05] C:\DOCUME~1\maeva\APPLIC~1\dvdcss
   [15/08/2009|15:43] C:\DOCUME~1\maeva\APPLIC~1\EmailNotifier
   [15/08/2009|13:04] C:\DOCUME~1\maeva\APPLIC~1\Identities
   [15/08/2009|15:51] C:\DOCUME~1\maeva\APPLIC~1\Idle Bike
   [15/08/2009|13:08] C:\DOCUME~1\maeva\APPLIC~1\Macromedia
   [15/08/2009|13:21] C:\DOCUME~1\maeva\APPLIC~1\Microsoft
   [15/08/2009|13:06] C:\DOCUME~1\maeva\APPLIC~1\Mozilla
   [15/08/2009|13:09] C:\DOCUME~1\maeva\APPLIC~1\Sun
   [15/08/2009|17:54] C:\DOCUME~1\maeva\APPLIC~1\vlc
   [15/08/2009|15:43] C:\DOCUME~1\maeva\APPLIC~1\VMNTOOLBAR

   [29/04/2009|00:21] C:\DOCUME~1\Mendy\APPLIC~1\Adobe
   [29/04/2009|12:31] C:\DOCUME~1\Mendy\APPLIC~1\Creative
   [29/04/2009|00:17] C:\DOCUME~1\Mendy\APPLIC~1\Dealio
   [29/04/2009|00:15] C:\DOCUME~1\Mendy\APPLIC~1\Identities
   [29/04/2009|00:21] C:\DOCUME~1\Mendy\APPLIC~1\Macromedia
   [27/07/2009|12:53] C:\DOCUME~1\Mendy\APPLIC~1\Microsoft
   [29/04/2009|00:16] C:\DOCUME~1\Mendy\APPLIC~1\Mozilla
   [29/04/2009|00:16] C:\DOCUME~1\Mendy\APPLIC~1\Search Settings

   [27/07/2009|12:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [22/08/2009 20:40][--a------] C:\WINDOWS	asks\Ad-Aware Update (Weekly).job
   [24/08/2009 15:00][--ah-----] C:\WINDOWS	asks\AE9E214F9339D413.job
   [21/08/2009 11:04][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [23/08/2009 22:19][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05/08/2004 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   ( AE9E214F9339D413.job )=( c:\docume~1\maeva\applic~1\idlebi~1\Meowborestupid.exe )

   --------------------\  Listing des dossiers dans C:\Program Files

   [19/07/2009|14:17] C:\Program Files\Adobe
   [24/08/2009|15:18] C:\Program Files\Ad-remover
   [06/12/2008|12:38] C:\Program Files\Ahead
   [17/03/2009|18:17] C:\Program Files\Apple Software Update
   [27/07/2009|12:54] C:\Program Files\AVG
   [10/04/2009|19:20] C:\Program Files\AviSynth 2.5
   [23/04/2009|19:43] C:\Program Files\AVS4YOU
   [18/06/2009|16:00] C:\Program Files\Bandoo
   [08/06/2009|19:40] C:\Program Files\CA VMN Anti-Spyware
   [05/12/2008|22:49] C:\Program Files\CCleaner
   [17/03/2009|18:20] C:\Program Files\ConvertMovie 5.0
   [05/12/2008|22:07] C:\Program Files\Creative
   [20/06/2009|21:58] C:\Program Files\DIFX
   [05/12/2008|23:35] C:\Program Files\dossier speciaux
   [19/07/2009|19:50] C:\Program Files\DX-Ball
   [15/08/2009|15:58] C:\Program Files\eMule
   [19/05/2009|21:41] C:\Program Files\epson
   [25/05/2009|16:28] C:\Program Files\Fichiers communs
   [21/03/2009|23:47] C:\Program Files\Free Audio Pack
   [11/05/2009|14:26] C:\Program Files\Free Video Converter
   [12/04/2009|20:32] C:\Program Files\Freecorder
   [18/07/2009|01:42] C:\Program Files\Gamenext
   [20/06/2009|21:58] C:\Program Files\Garmin
   [20/06/2009|21:58] C:\Program Files\Garmin GPS Plugin
   [17/03/2009|18:22] C:\Program Files\Get Yahoo! Messenger
   [05/12/2008|19:39] C:\Program Files\HighMAT CD Writing Wizard
   [22/03/2009|16:04] C:\Program Files\IncrediMail
   [19/07/2009|14:52] C:\Program Files\InstallShield Installation Information
   [10/08/2009|23:49] C:\Program Files\Internet Explorer
   [13/04/2009|09:46] C:\Program Files\Java
   [22/08/2009|20:36] C:\Program Files\Lavasoft
   [19/07/2009|20:01] C:\Program Files\ma-config.com
   [22/08/2009|21:40] C:\Program Files\Malwarebytes' Anti-Malware
   [05/12/2008|22:04] C:\Program Files\Manuel d'utilisation de Creative WebCam Instant
   [05/12/2008|20:36] C:\Program Files\Messenger
   [02/05/2009|12:04] C:\Program Files\Micro Application
   [19/08/2009|15:25] C:\Program Files\Microsoft
   [05/12/2008|19:29] C:\Program Files\microsoft frontpage
   [06/12/2008|12:59] C:\Program Files\Microsoft Office
   [17/03/2009|18:23] C:\Program Files\Microsoft Silverlight
   [19/08/2009|15:33] C:\Program Files\Microsoft SQL Server Compact Edition
   [17/03/2009|18:21] C:\Program Files\Microsoft SQL Server Compact Edition(2)
   [05/12/2008|20:34] C:\Program Files\Movie Maker
   [24/08/2009|15:23] C:\Program Files\Mozilla Firefox
   [19/05/2009|19:30] C:\Program Files\MSBuild
   [15/12/2008|17:11] C:\Program Files\MSN
   [05/12/2008|19:25] C:\Program Files\MSN Gaming Zone
   [24/08/2009|14:22] C:\Program Files\Navilog1
   [06/12/2008|12:33] C:\Program Files
ero
   [05/12/2008|20:32] C:\Program Files\NetMeeting
   [05/12/2008|19:25] C:\Program Files\Online Services
   [12/08/2009|03:13] C:\Program Files\Outlook Express
   [05/12/2008|22:03] C:\Program Files\Photo Manager
   [06/12/2008|13:38] C:\Program Files\PhotoFiltre
   [07/04/2009|20:32] C:\Program Files\Pinnacle
   [25/05/2009|16:30] C:\Program Files\PSCS2Updater
   [07/04/2009|17:48] C:\Program Files\QuickTime
   [19/05/2009|19:30] C:\Program Files\Reference Assemblies
   [22/08/2009|21:39] C:\Program Files\RegCleaner
   [06/12/2008|01:17] C:\Program Files\SDLL
   [05/12/2008|19:27] C:\Program Files\Services en ligne
   [05/12/2008|22:05] C:\Program Files\SightSpeed
   [05/12/2008|23:33] C:\Program Files\SLD Codec Pack
   [12/04/2009|20:40] C:\Program Files\SoundRecorder
   [22/08/2009|15:26] C:\Program Files\Spybot - Search & Destroy
   [17/03/2009|20:03] C:\Program Files\Uniblue
   [15/08/2009|13:04] C:\Program Files\Uninstall Information
   [05/12/2008|20:02] C:\Program Files\VIAudioi
   [05/12/2008|22:36] C:\Program Files\VideoLAN
   [08/06/2009|19:40] C:\Program Files\vmntoolbar
   [05/12/2008|19:39] C:\Program Files\Windows Journal Viewer
   [19/08/2009|16:21] C:\Program Files\Windows Live
   [17/03/2009|20:53] C:\Program Files\Windows Media Components
   [17/06/2009|15:45] C:\Program Files\Windows Media Connect
   [17/06/2009|15:52] C:\Program Files\Windows Media Player
   [05/12/2008|20:32] C:\Program Files\Windows NT
   [05/12/2008|22:50] C:\Program Files\WinRAR
   [05/12/2008|19:29] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [19/07/2009|14:19] C:\Program Files\Fichiers communs\Adobe
   [25/05/2009|16:28] C:\Program Files\Fichiers communs\Adobe Systems Shared
   [06/12/2008|12:38] C:\Program Files\Fichiers communs\Ahead
   [23/04/2009|19:42] C:\Program Files\Fichiers communs\AVSMedia
   [06/12/2008|12:59] C:\Program Files\Fichiers communs\Designer
   [05/12/2008|21:56] C:\Program Files\Fichiers communs\InstallShield
   [18/03/2009|04:04] C:\Program Files\Fichiers communs\Microsoft Shared
   [05/12/2008|19:27] C:\Program Files\Fichiers communs\MSSoap
   [06/12/2008|00:43] C:\Program Files\Fichiers communs\Oberon Media
   [05/12/2008|20:14] C:\Program Files\Fichiers communs\ODBC
   [05/12/2008|19:27] C:\Program Files\Fichiers communs\Services
   [14/04/2009|12:18] C:\Program Files\Fichiers communs\Softwin
   [05/12/2008|20:13] C:\Program Files\Fichiers communs\SpeechEngines
   [05/12/2008|20:32] C:\Program Files\Fichiers communs\System
   [07/04/2009|18:01] C:\Program Files\Fichiers communs\Ulead Systems
   [16/02/2009|13:14] C:\Program Files\Fichiers communs\Windows Live
   [05/12/2008|22:41] C:\Program Files\Fichiers communs\WindowsLiveInstaller

   --------------------\  Process

   ( 46 Processes )

   IEXPLORE.EXE ~ [PID:2408]
   IEXPLORE.EXE ~ [PID:3120]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns	ons rect.dat
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns	ons rect.exe
   C:\DOCUME~1\CATHER~1\APPLIC~1\idlebi~1
   C:\DOCUME~1\maeva\APPLIC~1\idlebi~1
   C:\DOCUME~1\maeva\APPLIC~1\idlebi~1\Build Upload Ace Coal.exe
   C:\DOCUME~1\maeva\APPLIC~1\idlebi~1\exit keep.exe
   C:\DOCUME~1\maeva\APPLIC~1\idlebi~1\Meowborestupid.exe
   C:\DOCUME~1\maeva\APPLIC~1\idlebi~1
kkzjgfm.exe
   C:\DOCUME~1\CATHER~1\Cookies\catherine@www.adserver5[2].txt
   C:\WINDOWS\Tasks\AE9E214F9339D413.job
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   "Flag Owns Live Grim"="C:\Documents and Settings\All Users\Application Data\Software rule flag owns\tons rect.exe"

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-08-24 15:29:06
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 146
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:2][D:2]-> C:\DOCUME~1\CATHER~1\LOCALS~1\Temp
   [F:25][D:0]-> C:\DOCUME~1\CATHER~1\Cookies
   [F:395][D:4]-> C:\DOCUME~1\CATHER~1\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 24/08/2009|15:30 - Option : [1]

   --------------------\  Fin du rapport a 15:30:35

zezette36 · Answer

C EST QUOI CELA SVP     ( EoRezo)

gen-hackman · Answer

&#9654 double-clique sur le raccourci Lop S&D présent sur ton Bureau

&#9654 Séléctionne la langue souhaitée , puis choisis l'option "Suppression + Hosts"
&#9654 Patiente jusqu'à la fin du scan
&#9654 Poste le rapport généré (C:\lopR.txt)

zezette36 · Answer

--------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
   BIOS : Phoenix - AwardBIOS v6.00PG
   USER : catherine ( Administrator )
   BOOT : Normal boot
   Antivirus : AVG Anti-Virus Free 8.5 (Activated)
   C:\ (Local Disk) - NTFS - Total:55 Go (Free:34 Go)
   D:\ (Local Disk) - NTFS - Total:31 Go (Free:29 Go)
   E:\ (Local Disk) - NTFS - Total:4 Go (Free:3 Go)
   F:\ (CD or DVD)
   G:\ (Local Disk) - FAT32 - Total:465 Go (Free:442 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [2] ( 24/08/2009|15:46 )


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns	ons rect.dat
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns	ons rect.exe
   Supprime! - C:\DOCUME~1\maeva\APPLIC~1\idlebi~1\Build Upload Ace Coal.exe
   Supprime! - C:\DOCUME~1\maeva\APPLIC~1\idlebi~1\exit keep.exe
   Supprime! - C:\DOCUME~1\maeva\APPLIC~1\idlebi~1\Meowborestupid.exe
   Supprime! - C:\DOCUME~1\maeva\APPLIC~1\idlebi~1
kkzjgfm.exe
   Supprime! - C:\DOCUME~1\CATHER~1\Cookies\catherine@www.adserver5[2].txt
   Supprime! - C:\WINDOWS\Tasks\AE9E214F9339D413.job 
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
   Supprime! - C:\DOCUME~1\CATHER~1\APPLIC~1\idlebi~1
   Supprime! - C:\DOCUME~1\maeva\APPLIC~1\idlebi~1
   -
   [ Fichier Hosts ] .. Restaure!
 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans APPLIC~1

   [17/03/2009|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{66E2F539-12B6-4870-A500-7689CDE75C5E}
   [22/08/2009|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
   [19/04/2009|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton
   [11/08/2009|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [25/05/2009|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
   [30/07/2009|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
   [27/07/2009|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
   [10/04/2009|13:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
   [17/05/2009|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
   [30/07/2009|07:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
   [22/08/2009|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
   [22/03/2009|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
   [22/03/2009|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
   [27/07/2009|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
   [22/08/2009|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [06/07/2009|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Longbow Digital Arts
   [19/07/2009|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
   [15/03/2009|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
   [22/08/2009|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [07/07/2009|00:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [06/07/2009|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
   [08/12/2008|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1
View_Profiles
   [17/03/2009|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers HeadQuarters
   [07/04/2009|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
   [17/03/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [23/08/2009|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [23/08/2009|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [05/12/2008|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
   [07/04/2009|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [17/06/2009|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [19/08/2009|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

   [19/04/2009|17:54] C:\DOCUME~1\CATHER~1\APPLIC~1\Ableton
   [11/08/2009|17:43] C:\DOCUME~1\CATHER~1\APPLIC~1\Adobe
   [10/04/2009|13:58] C:\DOCUME~1\CATHER~1\APPLIC~1\AVS4YOU
   [17/05/2009|12:50] C:\DOCUME~1\CATHER~1\APPLIC~1\Babylon
   [28/03/2009|19:54] C:\DOCUME~1\CATHER~1\APPLIC~1\Creative
   [17/06/2009|16:00] C:\DOCUME~1\CATHER~1\APPLIC~1\dvdcss
   [23/08/2009|22:13] C:\DOCUME~1\CATHER~1\APPLIC~1\EmailNotifier
   [06/04/2009|20:35] C:\DOCUME~1\CATHER~1\APPLIC~1\EPSON
   [06/07/2009|22:10] C:\DOCUME~1\CATHER~1\APPLIC~1\Gamelab
   [20/06/2009|21:59] C:\DOCUME~1\CATHER~1\APPLIC~1\GARMIN
   [25/03/2009|18:02] C:\DOCUME~1\CATHER~1\APPLIC~1\GetRightToGo
   [26/03/2009|16:46] C:\DOCUME~1\CATHER~1\APPLIC~1\Help
   [05/12/2008|19:39] C:\DOCUME~1\CATHER~1\APPLIC~1\Identities
   [07/04/2009|17:53] C:\DOCUME~1\CATHER~1\APPLIC~1\InstallShield
   [06/12/2008|00:51] C:\DOCUME~1\CATHER~1\APPLIC~1\Macromedia
   [22/08/2009|21:40] C:\DOCUME~1\CATHER~1\APPLIC~1\Malwarebytes
   [27/07/2009|12:53] C:\DOCUME~1\CATHER~1\APPLIC~1\Microsoft
   [13/04/2009|16:35] C:\DOCUME~1\CATHER~1\APPLIC~1\Mozilla
   [29/04/2009|18:44] C:\DOCUME~1\CATHER~1\APPLIC~1\MSNInstaller
   [08/12/2008|15:39] C:\DOCUME~1\CATHER~1\APPLIC~1\Sun
   [04/06/2009|20:54] C:\DOCUME~1\CATHER~1\APPLIC~1\U3
   [26/03/2009|15:53] C:\DOCUME~1\CATHER~1\APPLIC~1\Ulead Systems
   [17/03/2009|18:57] C:\DOCUME~1\CATHER~1\APPLIC~1\Uniblue
   [10/08/2009|21:02] C:\DOCUME~1\CATHER~1\APPLIC~1\vlc
   [24/08/2009|13:58] C:\DOCUME~1\CATHER~1\APPLIC~1\vmntoolbar
   [05/12/2008|23:11] C:\DOCUME~1\CATHER~1\APPLIC~1\WinRAR

   [05/12/2008|19:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [27/04/2009|16:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
   [16/12/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
   [27/07/2009|12:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [15/08/2009|21:49] C:\DOCUME~1\maeva\APPLIC~1\Adobe
   [15/08/2009|15:28] C:\DOCUME~1\maeva\APPLIC~1\Creative
   [15/08/2009|16:05] C:\DOCUME~1\maeva\APPLIC~1\dvdcss
   [15/08/2009|15:43] C:\DOCUME~1\maeva\APPLIC~1\EmailNotifier
   [15/08/2009|13:04] C:\DOCUME~1\maeva\APPLIC~1\Identities
   [15/08/2009|13:08] C:\DOCUME~1\maeva\APPLIC~1\Macromedia
   [15/08/2009|13:21] C:\DOCUME~1\maeva\APPLIC~1\Microsoft
   [15/08/2009|13:06] C:\DOCUME~1\maeva\APPLIC~1\Mozilla
   [15/08/2009|13:09] C:\DOCUME~1\maeva\APPLIC~1\Sun
   [15/08/2009|17:54] C:\DOCUME~1\maeva\APPLIC~1\vlc
   [15/08/2009|15:43] C:\DOCUME~1\maeva\APPLIC~1\VMNTOOLBAR

   [29/04/2009|00:21] C:\DOCUME~1\Mendy\APPLIC~1\Adobe
   [29/04/2009|12:31] C:\DOCUME~1\Mendy\APPLIC~1\Creative
   [29/04/2009|00:17] C:\DOCUME~1\Mendy\APPLIC~1\Dealio
   [29/04/2009|00:15] C:\DOCUME~1\Mendy\APPLIC~1\Identities
   [29/04/2009|00:21] C:\DOCUME~1\Mendy\APPLIC~1\Macromedia
   [27/07/2009|12:53] C:\DOCUME~1\Mendy\APPLIC~1\Microsoft
   [29/04/2009|00:16] C:\DOCUME~1\Mendy\APPLIC~1\Mozilla
   [29/04/2009|00:16] C:\DOCUME~1\Mendy\APPLIC~1\Search Settings

   [27/07/2009|12:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [22/08/2009 20:40][--a------] C:\WINDOWS	asks\Ad-Aware Update (Weekly).job
   [21/08/2009 11:04][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [23/08/2009 22:19][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05/08/2004 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [19/07/2009|14:17] C:\Program Files\Adobe
   [24/08/2009|15:18] C:\Program Files\Ad-remover
   [06/12/2008|12:38] C:\Program Files\Ahead
   [17/03/2009|18:17] C:\Program Files\Apple Software Update
   [27/07/2009|12:54] C:\Program Files\AVG
   [10/04/2009|19:20] C:\Program Files\AviSynth 2.5
   [23/04/2009|19:43] C:\Program Files\AVS4YOU
   [18/06/2009|16:00] C:\Program Files\Bandoo
   [08/06/2009|19:40] C:\Program Files\CA VMN Anti-Spyware
   [05/12/2008|22:49] C:\Program Files\CCleaner
   [17/03/2009|18:20] C:\Program Files\ConvertMovie 5.0
   [05/12/2008|22:07] C:\Program Files\Creative
   [20/06/2009|21:58] C:\Program Files\DIFX
   [05/12/2008|23:35] C:\Program Files\dossier speciaux
   [19/07/2009|19:50] C:\Program Files\DX-Ball
   [15/08/2009|15:58] C:\Program Files\eMule
   [19/05/2009|21:41] C:\Program Files\epson
   [25/05/2009|16:28] C:\Program Files\Fichiers communs
   [21/03/2009|23:47] C:\Program Files\Free Audio Pack
   [11/05/2009|14:26] C:\Program Files\Free Video Converter
   [12/04/2009|20:32] C:\Program Files\Freecorder
   [18/07/2009|01:42] C:\Program Files\Gamenext
   [20/06/2009|21:58] C:\Program Files\Garmin
   [20/06/2009|21:58] C:\Program Files\Garmin GPS Plugin
   [17/03/2009|18:22] C:\Program Files\Get Yahoo! Messenger
   [05/12/2008|19:39] C:\Program Files\HighMAT CD Writing Wizard
   [22/03/2009|16:04] C:\Program Files\IncrediMail
   [19/07/2009|14:52] C:\Program Files\InstallShield Installation Information
   [10/08/2009|23:49] C:\Program Files\Internet Explorer
   [13/04/2009|09:46] C:\Program Files\Java
   [22/08/2009|20:36] C:\Program Files\Lavasoft
   [19/07/2009|20:01] C:\Program Files\ma-config.com
   [22/08/2009|21:40] C:\Program Files\Malwarebytes' Anti-Malware
   [05/12/2008|22:04] C:\Program Files\Manuel d'utilisation de Creative WebCam Instant
   [05/12/2008|20:36] C:\Program Files\Messenger
   [02/05/2009|12:04] C:\Program Files\Micro Application
   [19/08/2009|15:25] C:\Program Files\Microsoft
   [05/12/2008|19:29] C:\Program Files\microsoft frontpage
   [06/12/2008|12:59] C:\Program Files\Microsoft Office
   [17/03/2009|18:23] C:\Program Files\Microsoft Silverlight
   [19/08/2009|15:33] C:\Program Files\Microsoft SQL Server Compact Edition
   [17/03/2009|18:21] C:\Program Files\Microsoft SQL Server Compact Edition(2)
   [05/12/2008|20:34] C:\Program Files\Movie Maker
   [24/08/2009|15:38] C:\Program Files\Mozilla Firefox
   [19/05/2009|19:30] C:\Program Files\MSBuild
   [15/12/2008|17:11] C:\Program Files\MSN
   [05/12/2008|19:25] C:\Program Files\MSN Gaming Zone
   [24/08/2009|14:22] C:\Program Files\Navilog1
   [06/12/2008|12:33] C:\Program Files
ero
   [05/12/2008|20:32] C:\Program Files\NetMeeting
   [05/12/2008|19:25] C:\Program Files\Online Services
   [12/08/2009|03:13] C:\Program Files\Outlook Express
   [05/12/2008|22:03] C:\Program Files\Photo Manager
   [06/12/2008|13:38] C:\Program Files\PhotoFiltre
   [07/04/2009|20:32] C:\Program Files\Pinnacle
   [25/05/2009|16:30] C:\Program Files\PSCS2Updater
   [07/04/2009|17:48] C:\Program Files\QuickTime
   [19/05/2009|19:30] C:\Program Files\Reference Assemblies
   [22/08/2009|21:39] C:\Program Files\RegCleaner
   [06/12/2008|01:17] C:\Program Files\SDLL
   [05/12/2008|19:27] C:\Program Files\Services en ligne
   [05/12/2008|22:05] C:\Program Files\SightSpeed
   [05/12/2008|23:33] C:\Program Files\SLD Codec Pack
   [12/04/2009|20:40] C:\Program Files\SoundRecorder
   [22/08/2009|15:26] C:\Program Files\Spybot - Search & Destroy
   [17/03/2009|20:03] C:\Program Files\Uniblue
   [15/08/2009|13:04] C:\Program Files\Uninstall Information
   [05/12/2008|20:02] C:\Program Files\VIAudioi
   [05/12/2008|22:36] C:\Program Files\VideoLAN
   [08/06/2009|19:40] C:\Program Files\vmntoolbar
   [05/12/2008|19:39] C:\Program Files\Windows Journal Viewer
   [19/08/2009|16:21] C:\Program Files\Windows Live
   [17/03/2009|20:53] C:\Program Files\Windows Media Components
   [17/06/2009|15:45] C:\Program Files\Windows Media Connect
   [17/06/2009|15:52] C:\Program Files\Windows Media Player
   [05/12/2008|20:32] C:\Program Files\Windows NT
   [05/12/2008|22:50] C:\Program Files\WinRAR
   [05/12/2008|19:29] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [19/07/2009|14:19] C:\Program Files\Fichiers communs\Adobe
   [25/05/2009|16:28] C:\Program Files\Fichiers communs\Adobe Systems Shared
   [06/12/2008|12:38] C:\Program Files\Fichiers communs\Ahead
   [23/04/2009|19:42] C:\Program Files\Fichiers communs\AVSMedia
   [06/12/2008|12:59] C:\Program Files\Fichiers communs\Designer
   [05/12/2008|21:56] C:\Program Files\Fichiers communs\InstallShield
   [18/03/2009|04:04] C:\Program Files\Fichiers communs\Microsoft Shared
   [05/12/2008|19:27] C:\Program Files\Fichiers communs\MSSoap
   [06/12/2008|00:43] C:\Program Files\Fichiers communs\Oberon Media
   [05/12/2008|20:14] C:\Program Files\Fichiers communs\ODBC
   [05/12/2008|19:27] C:\Program Files\Fichiers communs\Services
   [14/04/2009|12:18] C:\Program Files\Fichiers communs\Softwin
   [05/12/2008|20:13] C:\Program Files\Fichiers communs\SpeechEngines
   [05/12/2008|20:32] C:\Program Files\Fichiers communs\System
   [07/04/2009|18:01] C:\Program Files\Fichiers communs\Ulead Systems
   [16/02/2009|13:14] C:\Program Files\Fichiers communs\Windows Live
   [05/12/2008|22:41] C:\Program Files\Fichiers communs\WindowsLiveInstaller

   --------------------\  Process

   ( 43 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-08-24 15:47:59
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 146
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:2][D:2]-> C:\DOCUME~1\CATHER~1\LOCALS~1\Temp
   [F:24][D:0]-> C:\DOCUME~1\CATHER~1\Cookies
   [F:395][D:4]-> C:\DOCUME~1\CATHER~1\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 24/08/2009|15:30 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 24/08/2009|15:49 - Option : [2]

   --------------------\  Fin du rapport a 15:49:33

gen-hackman · Answer

bien on avance :

Télécharge OTL de OLDTimer

&#9654 enregistre le sur ton Bureau.

&#9654 Double clic sur OTL.exe pour le lancer.

&#9654 Coche les 2 cases Lop et Purity

&#9654 Coche la case devant scan all users

&#9654 règle-le sur "60 Days"

&#9654 dans la colonne de gauche , mets tout sur all

&#9654Clic sur Run Scan.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

&#9654&#9654&#9654 NE LE POSTE PAS SUR LE FORUM

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

ou celui-ci : https://www.cjoint.com/

&#9654 Clique sur Parcourir et cherche le fichier ci-dessus.

&#9654 Clique sur Ouvrir.

&#9654 Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

&#9654 Copie ce lien dans ta réponse.

Tu feras la meme chose avec le "Extra.txt".

zezette36 · Answer

CA Y EST C EST FAIT et cela donne quoi

zezette36 · Answer

tu l a recu ou pas

gen-hackman · Answer

ben si tu donnes pas les liens , je ne peux pas aller le chercher :)

zezette36 · Answer

ok je recommence

zezette36 · Answer

http://www.cijoint.fr/cjlink.php?file=cj200908/cijVmxdDnn.txt

gen-hackman · Answer

desole depose-le ici :

https://www.cjoint.com/

stp cijoint sont durs à obtenir  en ce moment je ne sais pas ce qu il y a.............

zezette36 · Answer

https://www.cjoint.com/?iyqBGLvF1f

gen-hackman · Answer

Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent

&#9654 Télécharge List&Kill'em et enregistre-le sur ton bureau

Il ne necessite pas d'installation 

&#9654double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

choisis la langue puis choisis l'option 1 = Mode Recherche

&#9654laisse travailler l'outil

le rapport va s'afficher , une fois le scan fini

&#9654&#9654&#9654&#9654&#9654&#9654&#9654 ATTENTION : Efface ton adresse IP stp !!!!

ici :

                                            [121]: KB973815 - Update
                                            [122]: KB973869 - Update
                                            [123]: XpsEPSC
Carte(s) r‚seau:                            4 carte(s) r‚seau install‚e(s).
                                            [01]: Bluetooth PAN Network Adapter
                                                  Nom de la connexion : Connexion au r‚seau local 2
                                                  tat :          Support d‚connect‚
                                            [02]: Intel(R) PRO/1000 CT Network Connection
                                                  Nom de la connexion : Connexion au r‚seau local
                                                  DHCP activ‚ :    Non
                                                  Adresse(s) IP
                                                  [01] : 192.168.0.11
                                            [03]: VirtualBox Host-Only Ethernet Adapter
                                                  Nom de la connexion : VirtualBox Host-Only Network
                                                  DHCP activ‚ :    Non
                                                  Adresse(s) IP
                                                  [01] : 192.168.56.1
                                            [04]: VirtualBox Host-Only Ethernet Adapter
                                                  Nom de la connexion : VirtualBox Host-Only Network #2
                                                  DHCP activ‚ :    Non
                                                  Adresse(s) IP
                                                  [01] : 192.168.217.1

Nom de l'image              PIDÿ Nom de la sessio Num‚ro d Utilisation 
========================= ====== ================ ======== ============
System Idle Process            0 Console                 0        16 Ko
System                         4 Console                 0       244 Ko
smss.exe                     916 Console                 0       400 Ko
csrss.exe                    972 Console                 0     4ÿ456 Ko
winlogon.exe                 996 Console                 0     3ÿ536 Ko

&#9654 colle le contenu dans ta prochaine réponse

zezette36 · Answer

je ne peu pas effacer mon adresse ip

gen-hackman · Answer

si sur le rapport

zezette36 · Answer

sur le rapport je n ai pas mon adresse ip cela ne donne pas comme toi

gen-hackman · Answer

non mais les chiffres sont forcement differents mais efface-les ^^

zezette36 · Answer

List'em by g3n-h@ckm@n 1.0.2.8 

updated on 23.08.2009 ::::: 13.00 


Microsoft Windows XP [version 5.1.2600]
 

24/08/2009    16:51:20,26 
 
 
Infections : 
========== 
 

¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents : 

"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"  
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"  
"C:\Program Files\VMNToolbar"  
"C:\WINDOWS\iun6002.exe"  
"C:\WINDOWS\system32\prntvpt.dll"  
C:\WINDOWS\System32\SET152.tmp  
C:\WINDOWS\System32\SET154.tmp  
C:\WINDOWS\System32\SET160.tmp  
C:\WINDOWS\System32\SET2B3.tmp  
C:\WINDOWS\System32\SET2BC.tmp  
C:\WINDOWS\System32\SET2BE.tmp  
C:\WINDOWS\System32\SET2CA.tmp  
C:\WINDOWS\System32\SET2DB.tmp  
C:\WINDOWS\System32\SET2DD.tmp  
C:\WINDOWS\System32\SET2EC.tmp  
"C:\Documents and Settings\catherine\Application Data\VMNToolbar"  
 
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes : 

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536  
 
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch : 

ACRORD32INFO.EXE-242CE4AA.pf
AD-R.EXE-2EF62014.pf
ADOBE GAMMA LOADER.EXE-0A47CFD1.pf
ATTRIB.EXE-39EAFB02.pf
AU_.EXE-17207C18.pf
AVGCMGR.EXE-1D29CBA8.pf
AVGCSRVX.EXE-2F45B5C7.pf
AVGSCANX.EXE-006AF2EC.pf
AVGUI.EXE-388E181A.pf
AVGUPD.EXE-388A6FCA.pf
AVWSC.EXE-347FCF75.pf
CATCHME.EXE-11AC9F51.pf
CATCHME.EXE-144424A3.pf
CHCP.COM-18156052.pf
CHKNTFS.EXE-31921D64.pf
CMD.EXE-087B4001.pf
CTFMON.EXE-0E17969B.pf
DUMPREP.EXE-1B46F901.pf
DWWIN.EXE-30875ADC.pf
ERUNT.COM-3A876921.pf
EXITKE~1.EXE-2B8D5EFF.pf
EXPLORER.EXE-082F38A9.pf
E_FAMDACE.EXE-31803103.pf
E_FAMTACE.EXE-1C9136DF.pf
E_FARNACE.EXE-1883ED8A.pf
E_FPREACE.EXE-11D86CD9.pf
FAV.EXE-2068B130.pf
FIND.EXE-0EC32F1E.pf
FINDSTR.EXE-0CA6274B.pf
FIREFOX.EXE-28641590.pf
FIXCFG.EXE-293DC071.pf
GETPATHS.EXE-0651DA57.pf
GNC.EXE-052F4B37.pf
GNC.EXE-09D16086.pf
GNC.EXE-298006C5.pf
GNC.EXE-2F6B29F7.pf
GREP.COM-30632777.pf
HELPSVC.EXE-2878DDA2.pf
HIJACKTHIS.EXE-2FCC0F17.pf
IEXPLORE.EXE-27122324.pf
IMAPI.EXE-0BF740A4.pf
IMAPP.EXE-093362B0.pf
INCMAIL.EXE-1D49117E.pf
JAVAW.EXE-2DC32ABC.pf
JAVAWS.EXE-021AC9A9.pf
Layout.ini
LIST_KILLEM.EXE-05285D77.pf
LOGONUI.EXE-0AF22957.pf
LOPSD.EXE-2A21EBF6.pf
LOPSD.EXE-3001CCE2.pf
LSTASKS.EXE-0042D0C8.pf
MODE.COM-31685BAE.pf
MSIEXEC.EXE-2F8A8CAE.pf
MSNMSGR.EXE-030AB647.pf
NAVILOG1.EXE-1507A288.pf
NERO.EXE-3017C357.pf
NEROSTARTSMART.EXE-3289D1AD.pf
NIRCMD.COM-35BF857A.pf
NOTEPAD.EXE-189578DA.pf
NOTEPAD.EXE-336351A9.pf
NTOSBOOT-B00DFAAD.pf
OSA.EXE-2CD63980.pf
OSV.EXE-02D60AAD.pf
OSV.EXE-208BE58E.pf
OTL.EXE-1B545057.pf
PV.COM-006EB813.pf
PV.EXE-3AA505F6.pf
REG.EXE-0D2A95F7.pf
REGEDIT.EXE-1B606482.pf
REGSVR32.EXE-25EEFE2F.pf
RUNDLL32.EXE-13DA0E71.pf
RUNDLL32.EXE-2077B83E.pf
RUNDLL32.EXE-2A94BB85.pf
RUNDLL32.EXE-2DFD12DD.pf
RUNDLL32.EXE-2E5AF1D7.pf
RUNDLL32.EXE-31C531CB.pf
RUNDLL32.EXE-435C3B42.pf
RUNDLL32.EXE-451FC2C0.pf
RUNDLL32.EXE-4BD19A5C.pf
SED.COM-281CC846.pf
SETPATH.COM-048AD5CE.pf
SETPATH.EXE-0EAA488E.pf
SOFTWAREUPDATE.EXE-32807C2B.pf
SPIDER.EXE-2D998CA6.pf
SPYBOTSD.EXE-1344276B.pf
SUBMARINE.EXE-2005E507.pf
SWREG.COM-3A277B41.pf
SWSC.COM-0DAE31A0.pf
SWWHOAMI.COM-284460C9.pf
UNINST.EXE-14B0B43E.pf
USNSVC.EXE-2DF2835C.pf
VERCLSID.EXE-3667BD89.pf
WINRAR.EXE-39C6DAD9.pf
WLMAIL.EXE-16F261CF.pf
WMIPRVSE.EXE-28F301A9.pf
WMPNSCFG.EXE-18926138.pf
WSCNTFY.EXE-1B24F5EB.pf
WSCRIPT.EXE-32960AB9.pf
WUAUCLT.EXE-399A8E72.pf
XPROC.COM-35533FBD.pf
 
 
 

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

zezette36 · Answer

je n arrive pas a desactiver AVG

Aide pour rapport navilog svp merci

31 réponses

Discussions similaires