De passage,
Deleting only LOP's folders and files is pointless.
The scheduled task has to be deleted as well.
The infection will always come back.
Chiquitine, why not use a tool along the lines of LopXP?
[Lop S&D, for example...]
See you
I know about LopXP, that's why I suggested Lop S&D ;)
Here is the canned reply:
→ Disable UAC (User Account Control), because it can interfere with running the program.
Start --> Control Panel --> User Accounts and Family Safety --> User Accounts --> Turn User Account Control on or off > turn it off.
/!\ Remember to turn it back on after the disinfection /!\
→ Download LOP S&D to your desktop.
Your antivirus may complain loudly during the procedure, don't worry. Disable it if necessary.
→ Then right-click LopSD.exe > 'Run as administrator' to start the installation. Accept the license agreement.
A message will tell you that the directory does not exist; answer 'yes' to the question that follows.
→ Now right-click Lop S&D > 'Run as administrator' (on the Lop S&D shortcut on the desktop).
At the main menu, choose option 1
--- The program will do its work ---
At the end of the scan a report will appear; copy its contents into your next reply.
(the report is also saved in C:\lopR.txt)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
→ /!\ If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm /!\
Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
******************************************
See you
-----------------------[ Lop S&D 4.2.0-9 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Yann ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 28/05/2008 | 15:03:24,34 ] [ PC : PC-DE-YANN ]
[ MAJ : 16-05-2008 | 23:35 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[05/03/2008|11:37] C:\Users\Yann\AppData\Roaming\Adobe\Flash Player
[14/05/2007|16:51] C:\Users\Yann\AppData\Roaming\Adobe\Adobe PDF
[14/05/2007|16:51] C:\Users\Yann\AppData\Roaming\Adobe\Acrobat
[14/05/2007|15:50] C:\Users\Yann\AppData\Roaming\Adobe\Linguistics
[15/04/2008|01:08] C:\Users\Yann\AppData\Roaming\Apple Computer\iTunes
[19/05/2008|17:54] C:\Users\Yann\AppData\Roaming\AVSMedia\AVSVideoConverter
[10/11/2007|18:21] C:\Users\Yann\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium\MapPreviews
[04/11/2007|13:08] C:\Users\Yann\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium\Maps
[03/11/2007|19:47] C:\Users\Yann\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium\Profils
[04/03/2008|21:48] C:\Users\Yann\AppData\Roaming\CoreFTP\data
[02/04/2007|21:54] C:\Users\Yann\AppData\Roaming\DivX\DivX Codec
[03/12/2007|22:56] C:\Users\Yann\AppData\Roaming\Google\Local Search History
[20/10/2007|23:44] C:\Users\Yann\AppData\Roaming\Google\GoogleEarth
[29/03/2007|16:17] C:\Users\Yann\AppData\Roaming\Identities\{F0C715E6-2589-4610-BC21-20C042025E68}
[30/03/2007|13:33] C:\Users\Yann\AppData\Roaming\InstallShield\ISEngine12.0
[30/03/2007|11:23] C:\Users\Yann\AppData\Roaming\Macromedia\Flash Player
[28/05/2008|11:49] C:\Users\Yann\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware
[28/05/2008|00:10] C:\Users\Yann\AppData\Roaming\Microsoft\Word
[20/05/2008|13:58] C:\Users\Yann\AppData\Roaming\Microsoft\Office
[15/05/2008|22:19] C:\Users\Yann\AppData\Roaming\Microsoft\UProof
[10/05/2008|01:11] C:\Users\Yann\AppData\Roaming\Microsoft\eHome
[09/05/2008|23:33] C:\Users\Yann\AppData\Roaming\Microsoft\CLR Security Config
[10/03/2008|12:18] C:\Users\Yann\AppData\Roaming\Microsoft\Templates
[08/03/2008|21:05] C:\Users\Yann\AppData\Roaming\Microsoft\Credentials
[04/02/2008|22:22] C:\Users\Yann\AppData\Roaming\Microsoft\Publisher
[25/01/2008|01:50] C:\Users\Yann\AppData\Roaming\Microsoft\Excel
[14/01/2008|11:23] C:\Users\Yann\AppData\Roaming\Microsoft\Windows Photo Gallery
[09/01/2008|15:35] C:\Users\Yann\AppData\Roaming\Microsoft\Crypto
[21/11/2007|14:29] C:\Users\Yann\AppData\Roaming\Microsoft\Installer
[09/11/2007|23:05] C:\Users\Yann\AppData\Roaming\Microsoft\MSN Messenger
[20/08/2007|17:04] C:\Users\Yann\AppData\Roaming\Microsoft\IdentityCRL
[14/05/2007|10:12] C:\Users\Yann\AppData\Roaming\Microsoft\CLView
[14/05/2007|10:12] C:\Users\Yann\AppData\Roaming\Microsoft\Proof
[14/05/2007|10:10] C:\Users\Yann\AppData\Roaming\Microsoft\Document Building Blocks
[14/05/2007|09:46] C:\Users\Yann\AppData\Roaming\Microsoft\MS Project
[14/05/2007|09:45] C:\Users\Yann\AppData\Roaming\Microsoft\AddIns
[23/04/2007|13:08] C:\Users\Yann\AppData\Roaming\Microsoft\HTML Help
[02/04/2007|21:53] C:\Users\Yann\AppData\Roaming\Microsoft\Internet Explorer
[30/03/2007|19:35] C:\Users\Yann\AppData\Roaming\Microsoft\Speech
[30/03/2007|18:59] C:\Users\Yann\AppData\Roaming\Microsoft\Network
[30/03/2007|18:54] C:\Users\Yann\AppData\Roaming\Microsoft\Windows
[30/03/2007|13:37] C:\Users\Yann\AppData\Roaming\Microsoft\MMC
[29/03/2007|16:17] C:\Users\Yann\AppData\Roaming\Microsoft\SystemCertificates
[29/03/2007|16:17] C:\Users\Yann\AppData\Roaming\Microsoft\Protect
[01/12/2007|17:24] C:\Users\Yann\AppData\Roaming\Microsoft Games\Gears of War
[22/05/2008|01:46] C:\Users\Yann\AppData\Roaming\mIRC\logs
[16/05/2008|21:44] C:\Users\Yann\AppData\Roaming\mIRC\downloads
[16/05/2008|21:44] C:\Users\Yann\AppData\Roaming\mIRC\channels
[16/05/2008|21:44] C:\Users\Yann\AppData\Roaming\mIRC\sounds
[16/05/2008|21:31] C:\Users\Yann\AppData\Roaming\mIRC\scripts
[23/05/2008|16:19] C:\Users\Yann\AppData\Roaming\Mozilla\Firefox
[08/12/2007|22:15] C:\Users\Yann\AppData\Roaming\NewsLeecher\servers
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\scripting
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\cacheV3
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\super search favorites
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\Temp
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\folder links
[02/09/2007|15:10] C:\Users\Yann\AppData\Roaming\PACE Anti-Piracy\4ejaZ9Cb
[02/09/2007|15:10] C:\Users\Yann\AppData\Roaming\PACE Anti-Piracy\eybLenuZOKg
[25/11/2007|00:35] C:\Users\Yann\AppData\Roaming\Real\RealMediaSDK
[03/11/2007|19:46] C:\Users\Yann\AppData\Roaming\SecuROM\UserData
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Systèmes d'exploitation
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Navigateurs
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Matériel
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Logiciels
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Jeux
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Anti-virus
[02/04/2007|21:44] C:\Users\Yann\AppData\Roaming\vlc\cache
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[28/05/2008 15:03][--a------] C:\Windows\tasks\RtlVistaStart.job
[27/05/2008 23:26][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{36E2899C-3F4C-4F92-B1BE-FA5C5F3BA3E7}.job
[28/05/2008 15:03][--ah-----] C:\Windows\tasks\SA.DAT
[28/05/2008 15:01][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[19/11/2007|16:38] C:\ProgramData\Adobe
[15/04/2008|01:05] C:\ProgramData\Apple
[15/04/2008|01:07] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[23/05/2008|16:20] C:\ProgramData\beep axis mode free
[23/05/2008|16:19] C:\ProgramData\Bib bold bold.rwy9hr
[29/03/2007|16:13] C:\ProgramData\Bureau
[20/01/2008|23:07] C:\ProgramData\CanonBJ
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[19/09/2007|16:17] C:\ProgramData\Electronic Arts
[29/03/2007|16:13] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[10/09/2007|17:46] C:\ProgramData\FLEXnet
[27/06/2007|17:33] C:\ProgramData\Google
[22/07/2007|15:25] C:\ProgramData\hash.dat
[18/04/2008|17:44] C:\ProgramData\InstallShield
[31/03/2007|09:36] C:\ProgramData\Logitech
[28/05/2008|11:49] C:\ProgramData\Malwarebytes
[10/05/2008|15:09] C:\ProgramData\Media Center Programs
[29/03/2007|16:13] C:\ProgramData\Menu Démarrer
[09/12/2007|19:58] C:\ProgramData\Microsoft
[14/05/2008|02:59] C:\ProgramData\Microsoft Help
[29/03/2007|16:13] C:\ProgramData\Modèles
[19/04/2008|07:19] C:\ProgramData\NVIDIA
[14/05/2007|10:12] C:\ProgramData\Office Genuine Advantage
[02/09/2007|15:10] C:\ProgramData\PACE Anti-Piracy
[12/08/2007|20:51] C:\ProgramData\Real
[23/05/2008|16:20] C:\ProgramData\site link test
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[15/05/2008|20:22] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[13/11/2007|17:00] C:\Program Files\Activision
[19/11/2007|16:36] C:\Program Files\Adobe
[08/05/2007|17:29] C:\Program Files\Alcohol Soft
[20/07/2007|14:08] C:\Program Files\Alwil Software
[15/04/2008|01:06] C:\Program Files\Apple Software Update
[26/01/2008|13:36] C:\Program Files\ASUS WiFi-AP Solo
[17/05/2008|09:18] C:\Program Files\Codemasters
[24/05/2008|13:54] C:\Program Files\Common Files
[08/05/2007|22:10] C:\Program Files\DAEMON Tools
[09/05/2007|09:16] C:\Program Files\DAEMON Tools SearchBar
[13/11/2007|16:57] C:\Program Files\DAMN NFO Viewer
[30/08/2007|12:18] C:\Program Files\desktop.ini
[02/04/2007|21:54] C:\Program Files\DivX
[29/01/2008|18:57] C:\Program Files\EA SPORTS
[24/11/2007|12:30] C:\Program Files\Electronic Arts
[28/05/2008|01:43] C:\Program Files\eMule
[29/03/2007|16:13] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[03/03/2008|20:20] C:\Program Files\FileZilla Client
[08/07/2007|20:10] C:\Program Files\FTP Commander
[02/09/2007|16:11] C:\Program Files\GameSpy
[01/12/2007|17:23] C:\Program Files\Gears of War
[12/01/2008|12:50] C:\Program Files\GOA
[17/11/2007|18:03] C:\Program Files\Google
[18/04/2008|17:39] C:\Program Files\Gpotato.eu
[26/11/2007|17:29] C:\Program Files\GUILD WARS
[22/01/2008|00:05] C:\Program Files\HLSW
[21/11/2007|14:29] C:\Program Files\Hp
[03/05/2008|15:46] C:\Program Files\InstallShield Installation Information
[15/04/2008|01:07] C:\Program Files\Internet Explorer
[15/04/2008|01:08] C:\Program Files\iPod
[03/03/2008|20:12] C:\Program Files\Ipswitch
[15/04/2008|01:08] C:\Program Files\iTunes
[17/11/2007|18:03] C:\Program Files\Java
[19/04/2007|10:06] C:\Program Files\LimeWire
[31/03/2007|09:36] C:\Program Files\Logitech
[09/02/2008|22:14] C:\Program Files\LucasArts
[28/05/2008|11:49] C:\Program Files\Malwarebytes' Anti-Malware
[12/08/2007|20:51] C:\Program Files\Media Player Classic
[01/12/2007|16:27] C:\Program Files\Microsoft Games
[13/11/2007|20:23] C:\Program Files\Microsoft Office
[21/11/2007|21:31] C:\Program Files\Microsoft SQL Server Compact Edition
[13/11/2007|20:23] C:\Program Files\Microsoft Visual Studio
[13/11/2007|20:19] C:\Program Files\Microsoft Visual Studio 8
[13/11/2007|20:24] C:\Program Files\Microsoft Works
[13/11/2007|20:22] C:\Program Files\Microsoft.NET
[02/04/2008|20:46] C:\Program Files\MIKSOFT
[16/05/2008|21:31] C:\Program Files\mIRC
[02/11/2006|14:42] C:\Program Files\Movie Maker
[17/11/2007|18:01] C:\Program Files\Mozilla Firefox
[13/11/2007|20:24] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[10/11/2007|19:56] C:\Program Files\NewsLeecher
[26/04/2008|19:19] C:\Program Files\PhotoFiltre
[11/11/2007|12:45] C:\Program Files\QuickPar
[15/04/2008|01:07] C:\Program Files\QuickTime
[12/08/2007|20:51] C:\Program Files\Real Alternative
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[24/11/2007|11:25] C:\Program Files\Registry Mechanic
[02/04/2007|21:47] C:\Program Files\RM-X Player V4
[05/02/2008|17:55] C:\Program Files\SAGEM
[31/03/2007|17:36] C:\Program Files\Schmads Inc
[27/10/2007|20:32] C:\Program Files\SopCast
[28/05/2008|15:03] C:\Program Files\Steam
[30/03/2007|19:33] C:\Program Files\Teamspeak2_RC2
[26/01/2008|18:35] C:\Program Files\THQ
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[01/04/2007|20:37] C:\Program Files\uTorrent
[14/04/2008|23:26] C:\Program Files\Veoh Networks
[01/04/2007|20:47] C:\Program Files\VideoLAN
[03/03/2008|19:57] C:\Program Files\Visicom Media
[30/08/2007|12:17] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[13/04/2007|03:09] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[15/05/2008|20:27] C:\Program Files\Windows Live
[14/05/2008|02:59] C:\Program Files\Windows Mail
[11/10/2007|09:40] C:\Program Files\Windows Media Player
[29/03/2007|16:13] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[10/01/2008|04:09] C:\Program Files\Windows Sidebar
[30/03/2007|20:02] C:\Program Files\WinRAR
[19/05/2008|11:43] C:\Program Files\World of Warcraft
[31/03/2007|14:38] C:\Program Files\WowCartographe
[03/03/2008|20:09] C:\Program Files\ZillaSoft.ws
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[19/11/2007|16:39] C:\Program Files\Common Files\Adobe
[15/04/2008|01:05] C:\Program Files\Common Files\Apple
[24/05/2008|13:52] C:\Program Files\Common Files\AVSMedia
[31/03/2007|09:35] C:\Program Files\Common Files\Blizzard Entertainment
[13/11/2007|20:23] C:\Program Files\Common Files\DESIGNER
[19/01/2008|02:06] C:\Program Files\Common Files\INCA Shared
[18/04/2008|17:39] C:\Program Files\Common Files\InstallShield
[19/04/2007|10:04] C:\Program Files\Common Files\Java
[31/03/2007|09:36] C:\Program Files\Common Files\Logitech
[14/05/2007|16:51] C:\Program Files\Common Files\Macrovision Shared
[01/12/2007|11:51] C:\Program Files\Common Files\Microsoft Games
[05/12/2007|20:09] C:\Program Files\Common Files\microsoft shared
[02/09/2007|18:32] C:\Program Files\Common Files\PACE Anti-Piracy
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[10/05/2008|14:44] C:\Program Files\Common Files\Steam
[13/11/2007|20:16] C:\Program Files\Common Files\System
[21/11/2007|21:29] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 58
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\Bib bold bold.rwy9hr
C:\ProgramData\SITELI~1
C:\ProgramData\SITELI~1\qaeaiaci.exe
C:\ProgramData\SITELI~1\setup okay mp3.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\beep axis mode free
C:\ProgramData\beep axis mode free\Joy jump.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload\BitDownload Downloads.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload\BitDownload Uninstall.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload\BitDownload.lnk
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bat nurb hide]
"DisplayName"="CiD Help"
"UninstallString"="C:\\PROGRA~2\\SITELI~1\\setup okay mp3.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-28 15:04:04
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Users\Yann\AppData\Local\VirtualStore\Program Files\eMule\Incoming\Theme.Park.World.Crack-NoCD.+.Update.Patch-v2.+.Trainer-Money.zip
=> C:\Users\Yann\AppData\Roaming\uTorrent\Age Of Empires III + Warchiefs Expansion + Crack and key.torrent
[F:13][D:4]-> C:\Users\Yann\AppData\Local\Temp
[F:75][D:1]-> C:\Users\Yann\AppData\Roaming\MICROS~1\Windows\Cookies
[F:19][D:4]-> C:\Users\Yann\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5][D:2]-> C:\$Recycle.Bin
[ UAC => 1 ]
--------------------[ Fin du rapport a 15:07:53,16 ]----------------------
Run Lop S&D again
> option 2 (removal)
And post the report it produces.
(the report is located at C:\lopR.txt)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
-----------------------[ Lop S&D 4.2.0-9 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Yann ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 28/05/2008 | 15:21:20,42 ] [ PC : PC-DE-YANN ]
[ MAJ : 16-05-2008 | 23:35 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\ProgramData\beep axis mode free\Joy jump.exe
Supprimé! - C:\ProgramData\Bib bold bold.rwy9hr
Supprimé! - C:\ProgramData\SITELI~1\qaeaiaci.exe
Supprimé! - C:\ProgramData\SITELI~1\setup okay mp3.exe
Supprimé! - C:\ProgramData\beep axis mode free
Supprimé! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload
Supprimé! - C:\ProgramData\SITELI~1
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[05/03/2008|11:37] C:\Users\Yann\AppData\Roaming\Adobe\Flash Player
[14/05/2007|16:51] C:\Users\Yann\AppData\Roaming\Adobe\Adobe PDF
[14/05/2007|16:51] C:\Users\Yann\AppData\Roaming\Adobe\Acrobat
[14/05/2007|15:50] C:\Users\Yann\AppData\Roaming\Adobe\Linguistics
[15/04/2008|01:08] C:\Users\Yann\AppData\Roaming\Apple Computer\iTunes
[19/05/2008|17:54] C:\Users\Yann\AppData\Roaming\AVSMedia\AVSVideoConverter
[10/11/2007|18:21] C:\Users\Yann\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium\MapPreviews
[04/11/2007|13:08] C:\Users\Yann\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium\Maps
[03/11/2007|19:47] C:\Users\Yann\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium\Profils
[04/03/2008|21:48] C:\Users\Yann\AppData\Roaming\CoreFTP\data
[02/04/2007|21:54] C:\Users\Yann\AppData\Roaming\DivX\DivX Codec
[03/12/2007|22:56] C:\Users\Yann\AppData\Roaming\Google\Local Search History
[20/10/2007|23:44] C:\Users\Yann\AppData\Roaming\Google\GoogleEarth
[29/03/2007|16:17] C:\Users\Yann\AppData\Roaming\Identities\{F0C715E6-2589-4610-BC21-20C042025E68}
[30/03/2007|13:33] C:\Users\Yann\AppData\Roaming\InstallShield\ISEngine12.0
[30/03/2007|11:23] C:\Users\Yann\AppData\Roaming\Macromedia\Flash Player
[28/05/2008|11:49] C:\Users\Yann\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware
[28/05/2008|00:10] C:\Users\Yann\AppData\Roaming\Microsoft\Word
[20/05/2008|13:58] C:\Users\Yann\AppData\Roaming\Microsoft\Office
[15/05/2008|22:19] C:\Users\Yann\AppData\Roaming\Microsoft\UProof
[10/05/2008|01:11] C:\Users\Yann\AppData\Roaming\Microsoft\eHome
[09/05/2008|23:33] C:\Users\Yann\AppData\Roaming\Microsoft\CLR Security Config
[10/03/2008|12:18] C:\Users\Yann\AppData\Roaming\Microsoft\Templates
[08/03/2008|21:05] C:\Users\Yann\AppData\Roaming\Microsoft\Credentials
[04/02/2008|22:22] C:\Users\Yann\AppData\Roaming\Microsoft\Publisher
[25/01/2008|01:50] C:\Users\Yann\AppData\Roaming\Microsoft\Excel
[14/01/2008|11:23] C:\Users\Yann\AppData\Roaming\Microsoft\Windows Photo Gallery
[09/01/2008|15:35] C:\Users\Yann\AppData\Roaming\Microsoft\Crypto
[21/11/2007|14:29] C:\Users\Yann\AppData\Roaming\Microsoft\Installer
[09/11/2007|23:05] C:\Users\Yann\AppData\Roaming\Microsoft\MSN Messenger
[20/08/2007|17:04] C:\Users\Yann\AppData\Roaming\Microsoft\IdentityCRL
[14/05/2007|10:12] C:\Users\Yann\AppData\Roaming\Microsoft\CLView
[14/05/2007|10:12] C:\Users\Yann\AppData\Roaming\Microsoft\Proof
[14/05/2007|10:10] C:\Users\Yann\AppData\Roaming\Microsoft\Document Building Blocks
[14/05/2007|09:46] C:\Users\Yann\AppData\Roaming\Microsoft\MS Project
[14/05/2007|09:45] C:\Users\Yann\AppData\Roaming\Microsoft\AddIns
[23/04/2007|13:08] C:\Users\Yann\AppData\Roaming\Microsoft\HTML Help
[02/04/2007|21:53] C:\Users\Yann\AppData\Roaming\Microsoft\Internet Explorer
[30/03/2007|19:35] C:\Users\Yann\AppData\Roaming\Microsoft\Speech
[30/03/2007|18:59] C:\Users\Yann\AppData\Roaming\Microsoft\Network
[30/03/2007|18:54] C:\Users\Yann\AppData\Roaming\Microsoft\Windows
[30/03/2007|13:37] C:\Users\Yann\AppData\Roaming\Microsoft\MMC
[29/03/2007|16:17] C:\Users\Yann\AppData\Roaming\Microsoft\SystemCertificates
[29/03/2007|16:17] C:\Users\Yann\AppData\Roaming\Microsoft\Protect
[01/12/2007|17:24] C:\Users\Yann\AppData\Roaming\Microsoft Games\Gears of War
[22/05/2008|01:46] C:\Users\Yann\AppData\Roaming\mIRC\logs
[16/05/2008|21:44] C:\Users\Yann\AppData\Roaming\mIRC\downloads
[16/05/2008|21:44] C:\Users\Yann\AppData\Roaming\mIRC\channels
[16/05/2008|21:44] C:\Users\Yann\AppData\Roaming\mIRC\sounds
[16/05/2008|21:31] C:\Users\Yann\AppData\Roaming\mIRC\scripts
[23/05/2008|16:19] C:\Users\Yann\AppData\Roaming\Mozilla\Firefox
[08/12/2007|22:15] C:\Users\Yann\AppData\Roaming\NewsLeecher\servers
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\scripting
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\cacheV3
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\super search favorites
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\Temp
[10/11/2007|19:56] C:\Users\Yann\AppData\Roaming\NewsLeecher\folder links
[02/09/2007|15:10] C:\Users\Yann\AppData\Roaming\PACE Anti-Piracy\4ejaZ9Cb
[02/09/2007|15:10] C:\Users\Yann\AppData\Roaming\PACE Anti-Piracy\eybLenuZOKg
[25/11/2007|00:35] C:\Users\Yann\AppData\Roaming\Real\RealMediaSDK
[03/11/2007|19:46] C:\Users\Yann\AppData\Roaming\SecuROM\UserData
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Systèmes d'exploitation
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Navigateurs
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Matériel
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Logiciels
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Jeux
[15/05/2007|21:13] C:\Users\Yann\AppData\Roaming\Sites prédéfinis\Anti-virus
[02/04/2007|21:44] C:\Users\Yann\AppData\Roaming\vlc\cache
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[28/05/2008 15:21][--a------] C:\Windows\tasks\RtlVistaStart.job
[27/05/2008 23:26][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{36E2899C-3F4C-4F92-B1BE-FA5C5F3BA3E7}.job
[28/05/2008 15:20][--ah-----] C:\Windows\tasks\SA.DAT
[28/05/2008 15:19][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[19/11/2007|16:38] C:\ProgramData\Adobe
[15/04/2008|01:05] C:\ProgramData\Apple
[15/04/2008|01:07] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[29/03/2007|16:13] C:\ProgramData\Bureau
[20/01/2008|23:07] C:\ProgramData\CanonBJ
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[19/09/2007|16:17] C:\ProgramData\Electronic Arts
[29/03/2007|16:13] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[10/09/2007|17:46] C:\ProgramData\FLEXnet
[27/06/2007|17:33] C:\ProgramData\Google
[22/07/2007|15:25] C:\ProgramData\hash.dat
[18/04/2008|17:44] C:\ProgramData\InstallShield
[31/03/2007|09:36] C:\ProgramData\Logitech
[28/05/2008|11:49] C:\ProgramData\Malwarebytes
[10/05/2008|15:09] C:\ProgramData\Media Center Programs
[29/03/2007|16:13] C:\ProgramData\Menu Démarrer
[09/12/2007|19:58] C:\ProgramData\Microsoft
[14/05/2008|02:59] C:\ProgramData\Microsoft Help
[29/03/2007|16:13] C:\ProgramData\Modèles
[19/04/2008|07:19] C:\ProgramData\NVIDIA
[14/05/2007|10:12] C:\ProgramData\Office Genuine Advantage
[02/09/2007|15:10] C:\ProgramData\PACE Anti-Piracy
[12/08/2007|20:51] C:\ProgramData\Real
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[15/05/2008|20:22] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[13/11/2007|17:00] C:\Program Files\Activision
[19/11/2007|16:36] C:\Program Files\Adobe
[08/05/2007|17:29] C:\Program Files\Alcohol Soft
[20/07/2007|14:08] C:\Program Files\Alwil Software
[15/04/2008|01:06] C:\Program Files\Apple Software Update
[26/01/2008|13:36] C:\Program Files\ASUS WiFi-AP Solo
[17/05/2008|09:18] C:\Program Files\Codemasters
[24/05/2008|13:54] C:\Program Files\Common Files
[08/05/2007|22:10] C:\Program Files\DAEMON Tools
[09/05/2007|09:16] C:\Program Files\DAEMON Tools SearchBar
[13/11/2007|16:57] C:\Program Files\DAMN NFO Viewer
[30/08/2007|12:18] C:\Program Files\desktop.ini
[02/04/2007|21:54] C:\Program Files\DivX
[29/01/2008|18:57] C:\Program Files\EA SPORTS
[24/11/2007|12:30] C:\Program Files\Electronic Arts
[28/05/2008|01:43] C:\Program Files\eMule
[29/03/2007|16:13] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[03/03/2008|20:20] C:\Program Files\FileZilla Client
[08/07/2007|20:10] C:\Program Files\FTP Commander
[02/09/2007|16:11] C:\Program Files\GameSpy
[01/12/2007|17:23] C:\Program Files\Gears of War
[12/01/2008|12:50] C:\Program Files\GOA
[17/11/2007|18:03] C:\Program Files\Google
[18/04/2008|17:39] C:\Program Files\Gpotato.eu
[26/11/2007|17:29] C:\Program Files\GUILD WARS
[22/01/2008|00:05] C:\Program Files\HLSW
[21/11/2007|14:29] C:\Program Files\Hp
[03/05/2008|15:46] C:\Program Files\InstallShield Installation Information
[15/04/2008|01:07] C:\Program Files\Internet Explorer
[15/04/2008|01:08] C:\Program Files\iPod
[03/03/2008|20:12] C:\Program Files\Ipswitch
[15/04/2008|01:08] C:\Program Files\iTunes
[17/11/2007|18:03] C:\Program Files\Java
[19/04/2007|10:06] C:\Program Files\LimeWire
[31/03/2007|09:36] C:\Program Files\Logitech
[09/02/2008|22:14] C:\Program Files\LucasArts
[28/05/2008|11:49] C:\Program Files\Malwarebytes' Anti-Malware
[12/08/2007|20:51] C:\Program Files\Media Player Classic
[01/12/2007|16:27] C:\Program Files\Microsoft Games
[13/11/2007|20:23] C:\Program Files\Microsoft Office
[21/11/2007|21:31] C:\Program Files\Microsoft SQL Server Compact Edition
[13/11/2007|20:23] C:\Program Files\Microsoft Visual Studio
[13/11/2007|20:19] C:\Program Files\Microsoft Visual Studio 8
[13/11/2007|20:24] C:\Program Files\Microsoft Works
[13/11/2007|20:22] C:\Program Files\Microsoft.NET
[02/04/2008|20:46] C:\Program Files\MIKSOFT
[16/05/2008|21:31] C:\Program Files\mIRC
[02/11/2006|14:42] C:\Program Files\Movie Maker
[17/11/2007|18:01] C:\Program Files\Mozilla Firefox
[13/11/2007|20:24] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[10/11/2007|19:56] C:\Program Files\NewsLeecher
[26/04/2008|19:19] C:\Program Files\PhotoFiltre
[11/11/2007|12:45] C:\Program Files\QuickPar
[15/04/2008|01:07] C:\Program Files\QuickTime
[12/08/2007|20:51] C:\Program Files\Real Alternative
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[24/11/2007|11:25] C:\Program Files\Registry Mechanic
[02/04/2007|21:47] C:\Program Files\RM-X Player V4
[05/02/2008|17:55] C:\Program Files\SAGEM
[31/03/2007|17:36] C:\Program Files\Schmads Inc
[27/10/2007|20:32] C:\Program Files\SopCast
[28/05/2008|15:21] C:\Program Files\Steam
[30/03/2007|19:33] C:\Program Files\Teamspeak2_RC2
[26/01/2008|18:35] C:\Program Files\THQ
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[01/04/2007|20:37] C:\Program Files\uTorrent
[14/04/2008|23:26] C:\Program Files\Veoh Networks
[01/04/2007|20:47] C:\Program Files\VideoLAN
[03/03/2008|19:57] C:\Program Files\Visicom Media
[30/08/2007|12:17] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[13/04/2007|03:09] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[15/05/2008|20:27] C:\Program Files\Windows Live
[14/05/2008|02:59] C:\Program Files\Windows Mail
[11/10/2007|09:40] C:\Program Files\Windows Media Player
[29/03/2007|16:13] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[10/01/2008|04:09] C:\Program Files\Windows Sidebar
[30/03/2007|20:02] C:\Program Files\WinRAR
[19/05/2008|11:43] C:\Program Files\World of Warcraft
[31/03/2007|14:38] C:\Program Files\WowCartographe
[03/03/2008|20:09] C:\Program Files\ZillaSoft.ws
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[19/11/2007|16:39] C:\Program Files\Common Files\Adobe
[15/04/2008|01:05] C:\Program Files\Common Files\Apple
[24/05/2008|13:52] C:\Program Files\Common Files\AVSMedia
[31/03/2007|09:35] C:\Program Files\Common Files\Blizzard Entertainment
[13/11/2007|20:23] C:\Program Files\Common Files\DESIGNER
[19/01/2008|02:06] C:\Program Files\Common Files\INCA Shared
[18/04/2008|17:39] C:\Program Files\Common Files\InstallShield
[19/04/2007|10:04] C:\Program Files\Common Files\Java
[31/03/2007|09:36] C:\Program Files\Common Files\Logitech
[14/05/2007|16:51] C:\Program Files\Common Files\Macrovision Shared
[01/12/2007|11:51] C:\Program Files\Common Files\Microsoft Games
[05/12/2007|20:09] C:\Program Files\Common Files\microsoft shared
[02/09/2007|18:32] C:\Program Files\Common Files\PACE Anti-Piracy
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[10/05/2008|14:44] C:\Program Files\Common Files\Steam
[13/11/2007|20:16] C:\Program Files\Common Files\System
[21/11/2007|21:29] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 61
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-28 15:22:37
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Users\Yann\AppData\Local\VirtualStore\Program Files\eMule\Incoming\Theme.Park.World.Crack-NoCD.+.Update.Patch-v2.+.Trainer-Money.zip
=> C:\Users\Yann\AppData\Roaming\uTorrent\Age Of Empires III + Warchiefs Expansion + Crack and key.torrent
[F:14][D:5]-> C:\Users\Yann\AppData\Local\Temp
[F:88][D:1]-> C:\Users\Yann\AppData\Roaming\MICROS~1\Windows\Cookies
[F:732][D:4]-> C:\Users\Yann\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5][D:2]-> C:\$Recycle.Bin
[ UAC => 1 ]
--------------------[ Fin du rapport a 15:25:28,91 ]----------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:32:26, on 28/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Yann\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [blue online] "C:\ProgramData\Bib bold bold.8u5urz"
O4 - HKCU\..\Run: [MODE FREE BIRD SURF] "C:\ProgramData\POLL TEST VC.p9qw1ut"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h30155.www3.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.2.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
Close HijackThis.
Right-click on it.
Choose "Run as administrator".
Do a "scan only".
Check these lines:
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h30155.www3.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.2.cab
Check them and click "Fix checked".
Then uninstall Java, because it is not up to date, and download and install this version:
https://www.java.com/fr/download/manual.jsp
Then run another HijackThis scan and post the report, please.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:09:02, on 28/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Yann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GC43CPEH\jre-6u6-windows-i586-p-iftw[1].exe
C:\Windows\system32\msiexec.exe
C:\Users\Yann\Desktop\HiJackThis.exe
C:\Windows\system32\MsiExec.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [blue online] "C:\ProgramData\Bib bold bold.8u5urz"
O4 - HKCU\..\Run: [MODE FREE BIRD SURF] "C:\ProgramData\POLL TEST VC.p9qw1ut"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
Download DSS (formerly Comboscan) by Deckard to your desktop:
http://deckard.geekstogo.com/dss.exe
(choose Save, then Desktop as the location)
Close all running applications.
→ Double-click DSS.exe to launch the tool.
→ A window opens asking you to close all applications; click OK.
→ At the end of the scan, a window opens; click OK.
The main.txt report will be displayed; copy it into your next reply.
If an additional report was created, post it in your reply as well.
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)