Rapport Navilog... Un spécialiste svp ?

étoilée -  
 étoilée -
Bonjour,
Je joins l'analyse que je viens de faire avec navilog, pour me débarasser de mes fenêtres CiD. Quelqu'un peut il m'aider à l'interpréter et m'indiquer quoi faire ensuite ? MERCI

Search Navipromo version 3.5.4 commencé le 18/04/2008 à 16:04:01,86

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "alex"

Mise à jour le 15.04.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Executé en mode normal

*** Recherche dossiers dans "C:\Windows" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\ProgramData" ***

*** Recherche dossiers dans "C:\ProgramData\Microsoft\Windows\Start Menu\Programs" ***

*** Recherche dossiers dans "c:\users\alex\appdata\roaming\microsoft\windows\start menu\programs" ***

*** Recherche dossiers dans "C:\Users\alex\AppData\Local\virtualstore\Program Files" ***

*** Recherche dossiers dans "C:\Users\alex\AppData\Roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\alex\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\alex\AppData\Local" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\Windows\system32" :

* Dans "C:\Users\alex\AppData\Local\Microsoft" :

* Dans "C:\Users\alex\AppData\Local" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 18/04/2008 à 16:11:31,82 ***
Configuration: Windows Vista
Internet Explorer 7.0

2 réponses

  1. Takadormir
     
    slt,
    navilog n'a rien à voir avec Cid,passe directement à l'utilisation de LopSD
    qui lui te débarrassera de ces fenêtres.Option 1 ensuite option 2.
    il y a un tuto sur google dés que tu tapes : LopSD.
    0
  2. étoilée
     
    Voici le rapport LopSD, que faut il faire ensuite ?

    -----------------------[ Lop S&D 4.1.1-3 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : alex ] [ "C:\Lop SD" ]
    [ 18/04/2008 | 17:42:09,95 ] [ PC : PC-DE-ALEX ]
    [ MAJ : 17-04-2008 | 19:51 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [16/04/2008|18:05] C:\Users\alex\AppData\Roaming\Adobe\..
    [16/04/2008|18:05] C:\Users\alex\AppData\Roaming\Adobe\Linguistics
    [16/04/2008|18:05] C:\Users\alex\AppData\Roaming\Adobe\.
    [16/04/2008|18:03] C:\Users\alex\AppData\Roaming\Adobe\Acrobat
    [18/03/2008|11:14] C:\Users\alex\AppData\Roaming\Adobe\Flash Player

    [15/03/2008|23:41] C:\Users\alex\AppData\Roaming\ATI\..
    [15/03/2008|23:41] C:\Users\alex\AppData\Roaming\ATI\ACE
    [15/03/2008|23:41] C:\Users\alex\AppData\Roaming\ATI\.

    [18/03/2008|11:52] C:\Users\alex\AppData\Roaming\CyberLink\..
    [18/03/2008|11:52] C:\Users\alex\AppData\Roaming\CyberLink\PowerCinema
    [18/03/2008|11:52] C:\Users\alex\AppData\Roaming\CyberLink\.

    [14/04/2008|18:32] C:\Users\alex\AppData\Roaming\F-Secure\..
    [14/04/2008|18:32] C:\Users\alex\AppData\Roaming\F-Secure\Spam Control
    [14/04/2008|18:32] C:\Users\alex\AppData\Roaming\F-Secure\.

    [15/03/2008|23:40] C:\Users\alex\AppData\Roaming\Identities\..
    [15/03/2008|23:40] C:\Users\alex\AppData\Roaming\Identities\{AEE038E5-8932-464B-8DB2-969D5B7D8D1F}
    [15/03/2008|23:40] C:\Users\alex\AppData\Roaming\Identities\.

    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\responses.cache
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\..
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\.
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\ttrees.cache
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\ttroot.cache
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\library.dat
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\spam.dat
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\filters.props
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\questions.props
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\tables.props
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\installation.props
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\mojito.props
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\limewire.props
    [01/04/2008|12:31] C:\Users\alex\AppData\Roaming\LimeWire\gnutella.net
    [01/04/2008|12:30] C:\Users\alex\AppData\Roaming\LimeWire\createtimes.cache
    [01/04/2008|12:29] C:\Users\alex\AppData\Roaming\LimeWire\fileurns.cache
    [01/04/2008|12:13] C:\Users\alex\AppData\Roaming\LimeWire\xml
    [01/04/2008|12:08] C:\Users\alex\AppData\Roaming\LimeWire\simpp.xml
    [01/04/2008|12:08] C:\Users\alex\AppData\Roaming\LimeWire\version.xml
    [01/04/2008|12:07] C:\Users\alex\AppData\Roaming\LimeWire\fileurns.bak
    [01/04/2008|12:07] C:\Users\alex\AppData\Roaming\LimeWire\.AppSpecialShare
    [01/04/2008|12:07] C:\Users\alex\AppData\Roaming\LimeWire\themes

    [17/04/2008|20:20] C:\Users\alex\AppData\Roaming\Macromedia\Flash Player
    [18/03/2008|11:14] C:\Users\alex\AppData\Roaming\Macromedia\..
    [18/03/2008|11:14] C:\Users\alex\AppData\Roaming\Macromedia\.

    [02/11/2006|14:37] C:\Users\alex\AppData\Roaming\Media Center Programs\..
    [02/11/2006|14:37] C:\Users\alex\AppData\Roaming\Media Center Programs\.

    [17/04/2008|21:27] C:\Users\alex\AppData\Roaming\Microsoft\Templates
    [17/04/2008|18:52] C:\Users\alex\AppData\Roaming\Microsoft\Word
    [17/04/2008|12:59] C:\Users\alex\AppData\Roaming\Microsoft\Office
    [17/04/2008|12:58] C:\Users\alex\AppData\Roaming\Microsoft\CLView
    [17/04/2008|12:58] C:\Users\alex\AppData\Roaming\Microsoft\..
    [17/04/2008|12:58] C:\Users\alex\AppData\Roaming\Microsoft\.
    [16/04/2008|11:22] C:\Users\alex\AppData\Roaming\Microsoft\UProof
    [08/04/2008|21:59] C:\Users\alex\AppData\Roaming\Microsoft\MSN Messenger
    [01/04/2008|11:58] C:\Users\alex\AppData\Roaming\Microsoft\Works
    [30/03/2008|13:00] C:\Users\alex\AppData\Roaming\Microsoft\Proof
    [30/03/2008|13:00] C:\Users\alex\AppData\Roaming\Microsoft\Document Building Blocks
    [30/03/2008|13:00] C:\Users\alex\AppData\Roaming\Microsoft\AddIns
    [27/03/2008|21:52] C:\Users\alex\AppData\Roaming\Microsoft\MMC
    [26/03/2008|12:02] C:\Users\alex\AppData\Roaming\Microsoft\Windows Photo Gallery
    [22/03/2008|14:09] C:\Users\alex\AppData\Roaming\Microsoft\IdentityCRL
    [18/03/2008|21:55] C:\Users\alex\AppData\Roaming\Microsoft\Crypto
    [18/03/2008|13:23] C:\Users\alex\AppData\Roaming\Microsoft\Internet Explorer
    [18/03/2008|13:15] C:\Users\alex\AppData\Roaming\Microsoft\eHome
    [18/03/2008|13:10] C:\Users\alex\AppData\Roaming\Microsoft\HTML Help
    [16/03/2008|20:23] C:\Users\alex\AppData\Roaming\Microsoft\Network
    [15/03/2008|23:40] C:\Users\alex\AppData\Roaming\Microsoft\SystemCertificates
    [15/03/2008|23:40] C:\Users\alex\AppData\Roaming\Microsoft\Protect
    [15/03/2008|23:40] C:\Users\alex\AppData\Roaming\Microsoft\Credentials
    [02/11/2006|13:18] C:\Users\alex\AppData\Roaming\Microsoft\Windows

    [01/04/2008|11:57] C:\Users\alex\AppData\Roaming\wklnhst.dat\wklnhst.dat

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [17/04/2008 20:20][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{74D2A305-5B5A-4692-AD83-5CB64F916860}.job
    [18/04/2008 17:41][--ah-----] C:\Windows\tasks\SA.DAT
    [18/04/2008 17:40][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [14/04/2008|23:39] C:\ProgramData\.
    [14/04/2008|23:39] C:\ProgramData\..
    [15/03/2008|23:42] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [06/12/2007|12:45] C:\ProgramData\Adobe
    [01/04/2008|12:50] C:\ProgramData\AmenDownloadVga
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [06/12/2007|13:16] C:\ProgramData\ATI
    [01/04/2008|12:50] C:\ProgramData\BoneJoyJoy.578sn99
    [01/04/2008|12:50] C:\ProgramData\BoneJoyJoy.mef5l52
    [15/03/2008|23:36] C:\ProgramData\Bureau
    [06/12/2007|13:04] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [15/03/2008|23:36] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [01/04/2008|12:50] C:\ProgramData\file cool soap.q18cx
    [14/04/2008|18:21] C:\ProgramData\F-Secure
    [14/04/2008|18:19] C:\ProgramData\fssg
    [15/03/2008|23:36] C:\ProgramData\Menu D‚marrer
    [14/04/2008|23:39] C:\ProgramData\Messenger Plus!
    [19/03/2008|13:18] C:\ProgramData\Microsoft
    [08/04/2008|23:59] C:\ProgramData\Microsoft Help
    [15/03/2008|23:36] C:\ProgramData\ModŠles
    [01/04/2008|12:50] C:\ProgramData\Move Bore Curb Tool
    [06/12/2007|12:52] C:\ProgramData\Nero
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [14/04/2008|17:48] C:\ProgramData\Symantec
    [02/11/2006|15:02] C:\ProgramData\Templates
    [18/03/2008|11:09] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [18/04/2008|15:55] C:\Program Files\.
    [18/04/2008|15:55] C:\Program Files\..
    [15/03/2008|23:42] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [06/12/2007|12:45] C:\Program Files\Adobe
    [18/03/2008|11:18] C:\Program Files\Alwil Software
    [06/12/2007|12:37] C:\Program Files\ATI
    [06/12/2007|12:38] C:\Program Files\ATI Technologies
    [08/04/2008|23:11] C:\Program Files\CCleaner
    [14/04/2008|19:59] C:\Program Files\Circle Developement
    [18/03/2008|10:39] C:\Program Files\Club-Internet
    [14/04/2008|17:48] C:\Program Files\Common Files
    [06/12/2007|13:04] C:\Program Files\CyberLink
    [06/12/2007|12:32] C:\Program Files\desktop.ini
    [15/03/2008|23:36] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [14/04/2008|23:36] C:\Program Files\InstallShield Installation Information
    [09/04/2008|17:44] C:\Program Files\Internet Explorer
    [01/04/2008|12:05] C:\Program Files\Java
    [01/04/2008|12:31] C:\Program Files\LimeWire
    [14/04/2008|20:08] C:\Program Files\Messenger Plus! Live
    [19/03/2008|20:28] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [06/12/2007|13:02] C:\Program Files\Microsoft Office
    [06/12/2007|13:05] C:\Program Files\Microsoft Works
    [06/12/2007|13:01] C:\Program Files\Microsoft.NET
    [02/11/2006|14:42] C:\Program Files\Movie Maker
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [02/11/2006|14:37] C:\Program Files\MSN
    [06/12/2007|12:44] C:\Program Files\MSXML 4.0
    [18/04/2008|16:42] C:\Program Files\Navilog1
    [06/12/2007|12:52] C:\Program Files\Nero
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [14/04/2008|18:04] C:\Program Files\Securitoo
    [18/04/2008|14:47] C:\Program Files\Trend Micro
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [14/04/2008|23:36] C:\Program Files\Vimicro
    [06/12/2007|12:28] C:\Program Files\Windows Calendar
    [02/11/2006|14:42] C:\Program Files\Windows Collaboration
    [06/12/2007|12:28] C:\Program Files\Windows Defender
    [02/11/2006|14:42] C:\Program Files\Windows Journal
    [18/03/2008|11:18] C:\Program Files\Windows Live
    [06/12/2007|12:28] C:\Program Files\Windows Mail
    [06/12/2007|12:28] C:\Program Files\Windows Media Player
    [15/03/2008|23:36] C:\Program Files\Windows NT
    [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
    [19/03/2008|20:34] C:\Program Files\Windows Sidebar

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [14/04/2008|17:48] C:\Program Files\Common Files\.
    [14/04/2008|17:48] C:\Program Files\Common Files\..
    [06/12/2007|12:45] C:\Program Files\Common Files\Adobe
    [06/12/2007|12:53] C:\Program Files\Common Files\Ahead
    [06/12/2007|13:02] C:\Program Files\Common Files\DESIGNER
    [06/12/2007|13:08] C:\Program Files\Common Files\Fujitsu Siemens Computers
    [14/04/2008|23:36] C:\Program Files\Common Files\InstallShield
    [01/04/2008|12:03] C:\Program Files\Common Files\Java
    [18/03/2008|11:19] C:\Program Files\Common Files\microsoft shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [14/04/2008|17:50] C:\Program Files\Common Files\Symantec Shared
    [06/12/2007|12:28] C:\Program Files\Common Files\System
    [18/03/2008|11:17] C:\Program Files\Common Files\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\ProgramData\file cool soap.q18cx

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\ProgramData\Move Bore Curb Tool
    C:\ProgramData\Move Bore Curb Tool\mess clock.exe
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.0xe

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-18 17:42:24
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:126][Doss:6] C:\Users\alex\AppData\Local\Temp
    /!\ [Fich:92][Doss:1] C:\Users\alex\AppData\Roaming\MICROS~1\Windows\Cookies
    /!\ [Fich:295][Doss:5] C:\Users\alex\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 17:50:39,59 ]----------------------
    0