Ad problem on the internet

gribouiles -  
jlpjlp Posts 52399 Status Security contributor -
Hello,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:26, on 03/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\TMController.exe
C:\Program Files\DVBT Application\Schedule_d.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\felicien\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fmsger%2ftabs%2f_pictos%2fcoca%2fPictoCoke02.png%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [TM Control] C:\Windows\system32\TMController.exe
O4 - HKLM\..\Run: [Schedule_d] "C:\Program Files\DVBT Application\Schedule_d.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Flaw burn] "C:\ProgramData\Else type type.zij3s"
O4 - HKCU\..\Run: [Bags Else Hole Lite] "C:\ProgramData\Info Global Glue.6w3abjw"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9302 bytes
Configuration: Windows Vista
Firefox 2.0

4 replies

  1. jlpjlp Posts 52399 Status Security contributor 5 041
     
    hi
    do you have CID-type ads? you should explain! we are not machines, and besides, out of politeness....

    _________

    Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    * Double-click it to launch the installation
    * Then double-click the Lop S&D shortcut on your Desktop
    * Select the desired language, then choose option 1 (Search)
    * Wait until the scan finishes
    * Post the generated report (C:\lopR.txt)
    0
  2. Anonymous user
     
    thank you, please ??????

    0
    1. gribouiles
       
      ouch, I apologize madam, hello and thank you in advance
      0
  3. gribouiles
     
    here is the report, thank you again
    and the ad is of the cid type

    -----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6001, Service Pack 1 ]
    [ USER : felicien ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 03/06/2008 | 13:49:22,83 ] [ PC : PC-DE-FELICIEN ]
    [ MAJ : 01-06-2008 | 15:51 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [10/03/2008|00:39] C:\Users\felicien\AppData\Roaming\Adobe\Linguistics
    [10/03/2008|00:38] C:\Users\felicien\AppData\Roaming\Adobe\Acrobat
    [28/02/2008|02:04] C:\Users\felicien\AppData\Roaming\Adobe\Flash Player

    [01/05/2008|19:33] C:\Users\felicien\AppData\Roaming\ArcSoft\ArcSoft Registration
    [01/05/2008|19:29] C:\Users\felicien\AppData\Roaming\ArcSoft\TotalMedia
    [01/05/2008|19:29] C:\Users\felicien\AppData\Roaming\ArcSoft\TMMonitor

    [08/05/2008|21:32] C:\Users\felicien\AppData\Roaming\CyberLink\PowerProducer
    [20/03/2008|21:18] C:\Users\felicien\AppData\Roaming\CyberLink\MediaCache
    [20/03/2008|21:18] C:\Users\felicien\AppData\Roaming\CyberLink\PowerDVD
    [20/03/2008|21:18] C:\Users\felicien\AppData\Roaming\CyberLink\PlayMovie
    [28/02/2008|15:53] C:\Users\felicien\AppData\Roaming\CyberLink\PowerCinema

    [31/05/2008|09:49] C:\Users\felicien\AppData\Roaming\Google\Local Search History

    [27/02/2008|18:45] C:\Users\felicien\AppData\Roaming\Identities\{AE7847CA-534C-439D-894A-5FDD21AC65B1}

    [03/06/2008|12:11] C:\Users\felicien\AppData\Roaming\Macromedia\Flash Player

    [02/06/2008|12:25] C:\Users\felicien\AppData\Roaming\Microsoft\Templates
    [01/06/2008|21:35] C:\Users\felicien\AppData\Roaming\Microsoft\MSN Messenger
    [29/05/2008|23:32] C:\Users\felicien\AppData\Roaming\Microsoft\Services Windows Live
    [25/05/2008|13:22] C:\Users\felicien\AppData\Roaming\Microsoft\SystemCertificates
    [23/05/2008|14:04] C:\Users\felicien\AppData\Roaming\Microsoft\Windows Live Call
    [23/05/2008|14:04] C:\Users\felicien\AppData\Roaming\Microsoft\IdentityCRL
    [18/05/2008|15:54] C:\Users\felicien\AppData\Roaming\Microsoft\eHome
    [18/05/2008|15:26] C:\Users\felicien\AppData\Roaming\Microsoft\Network
    [12/05/2008|17:31] C:\Users\felicien\AppData\Roaming\Microsoft\UProof
    [12/05/2008|17:31] C:\Users\felicien\AppData\Roaming\Microsoft\Proof
    [12/05/2008|15:50] C:\Users\felicien\AppData\Roaming\Microsoft\Crypto
    [08/05/2008|02:49] C:\Users\felicien\AppData\Roaming\Microsoft\Windows Photo Gallery
    [08/05/2008|02:42] C:\Users\felicien\AppData\Roaming\Microsoft\MMC
    [06/05/2008|22:48] C:\Users\felicien\AppData\Roaming\Microsoft\Speech
    [03/05/2008|16:07] C:\Users\felicien\AppData\Roaming\Microsoft\Windows
    [17/04/2008|22:31] C:\Users\felicien\AppData\Roaming\Microsoft\Office
    [17/04/2008|22:31] C:\Users\felicien\AppData\Roaming\Microsoft\Document Building Blocks
    [17/04/2008|22:31] C:\Users\felicien\AppData\Roaming\Microsoft\Word
    [06/03/2008|17:04] C:\Users\felicien\AppData\Roaming\Microsoft\HTML Help
    [01/03/2008|17:41] C:\Users\felicien\AppData\Roaming\Microsoft\AddIns
    [28/02/2008|00:44] C:\Users\felicien\AppData\Roaming\Microsoft\Internet Explorer
    [27/02/2008|18:45] C:\Users\felicien\AppData\Roaming\Microsoft\Protect
    [27/02/2008|18:45] C:\Users\felicien\AppData\Roaming\Microsoft\Credentials

    [03/06/2008|13:34] C:\Users\felicien\AppData\Roaming\Mozilla\Firefox

    [23/05/2008|23:34] C:\Users\felicien\AppData\Roaming\Nokia\LaunchApplication
    [18/05/2008|15:37] C:\Users\felicien\AppData\Roaming\Nokia\ImageStore
    [18/05/2008|15:31] C:\Users\felicien\AppData\Roaming\Nokia\Music Manager
    [18/05/2008|15:25] C:\Users\felicien\AppData\Roaming\Nokia\PCSync
    [18/05/2008|15:06] C:\Users\felicien\AppData\Roaming\Nokia\GetConnectedWizard
    [18/05/2008|15:05] C:\Users\felicien\AppData\Roaming\Nokia\ContactsEditor

    [26/05/2008|10:59] C:\Users\felicien\AppData\Roaming\PC Suite\356961016259940
    [18/05/2008|15:06] C:\Users\felicien\AppData\Roaming\PC Suite\Settings

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [03/06/2008 13:48][--ah-----] C:\Windows\tasks\SA.DAT
    [03/06/2008 13:47][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [31/07/2007|11:44] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [31/07/2007|11:29] C:\ProgramData\Adobe
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [28/05/2008|13:17] C:\ProgramData\Axis hole lies
    [27/02/2008|18:37] C:\ProgramData\Bureau
    [08/05/2008|21:32] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [17/05/2008|09:26] C:\ProgramData\Else type type.88ne326
    [28/05/2008|13:16] C:\ProgramData\Else type type.959np
    [28/05/2008|13:16] C:\ProgramData\Else type type.zij3s
    [27/02/2008|18:37] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [28/02/2008|09:17] C:\ProgramData\Google
    [01/06/2008|18:00] C:\ProgramData\Grisoft
    [28/05/2008|13:17] C:\ProgramData\Info Global Glue.6w3abjw
    [26/05/2008|10:48] C:\ProgramData\Installations
    [28/05/2008|13:17] C:\ProgramData\Iso Web Bags Else
    [03/06/2008|10:21] C:\ProgramData\Lavasoft
    [27/02/2008|18:37] C:\ProgramData\Menu Démarrer
    [17/05/2008|09:27] C:\ProgramData\Messenger Plus!
    [06/03/2008|17:04] C:\ProgramData\Microsoft
    [15/05/2008|00:23] C:\ProgramData\Microsoft Help
    [27/02/2008|18:37] C:\ProgramData\Modèles
    [03/06/2008|11:53] C:\ProgramData\ntuser.pol
    [18/05/2008|15:25] C:\ProgramData\PC Suite
    [18/05/2008|11:57] C:\ProgramData\QuickTime
    [03/06/2008|10:50] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [27/02/2008|19:18] C:\ProgramData\Symantec
    [02/11/2006|15:02] C:\ProgramData\Templates
    [25/05/2008|11:45] C:\ProgramData\WindowsSearch
    [17/05/2008|08:22] C:\ProgramData\WLInstaller
    [29/02/2008|09:05] C:\ProgramData\Yahoo! Companion

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [03/12/2007|17:06] C:\Program Files\Acer Arcade Deluxe
    [03/12/2007|17:00] C:\Program Files\ACER Crystal Eye webcam
    [02/06/2008|11:13] C:\Program Files\Acer GameZone
    [03/12/2007|17:15] C:\Program Files\Acer Inc
    [31/07/2007|11:44] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [31/07/2007|11:28] C:\Program Files\Adobe
    [27/02/2008|23:00] C:\Program Files\Alwil Software
    [03/12/2007|17:14] C:\Program Files\Apoint2K
    [01/05/2008|19:28] C:\Program Files\ArcSoft
    [03/06/2008|13:29] C:\Program Files\a-squared Free
    [03/06/2008|12:09] C:\Program Files\CCleaner
    [28/02/2008|01:48] C:\Program Files\CFWebAdvancedU_BOBTV.FR
    [17/05/2008|09:26] C:\Program Files\Circle Developement
    [18/05/2008|12:02] C:\Program Files\Coktel
    [03/06/2008|10:47] C:\Program Files\Common Files
    [31/07/2007|10:20] C:\Program Files\CONEXANT
    [31/07/2007|11:20] C:\Program Files\CyberLink
    [07/04/2008|08:59] C:\Program Files\desktop.ini
    [18/05/2008|15:04] C:\Program Files\DIFX
    [01/05/2008|19:27] C:\Program Files\DVBT Application
    [27/02/2008|18:37] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [29/02/2008|17:36] C:\Program Files\Google
    [24/05/2008|18:37] C:\Program Files\InstallShield Installation Information
    [31/07/2007|09:59] C:\Program Files\Intel
    [18/05/2008|12:01] C:\Program Files\Internet Explorer
    [28/02/2008|09:16] C:\Program Files\Java
    [03/12/2007|17:05] C:\Program Files\Launch Manager
    [17/05/2008|09:26] C:\Program Files\Messenger Plus! Live
    [28/02/2008|02:32] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [31/07/2007|11:43] C:\Program Files\Microsoft Office
    [23/05/2008|19:26] C:\Program Files\Microsoft Silverlight
    [31/07/2007|11:43] C:\Program Files\Microsoft Works
    [31/07/2007|11:36] C:\Program Files\Microsoft.NET
    [07/04/2008|08:49] C:\Program Files\Movie Maker
    [03/06/2008|11:49] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [28/02/2008|02:21] C:\Program Files\MSXML 4.0
    [31/07/2007|11:02] C:\Program Files\NewTech Infosystems
    [26/05/2008|10:49] C:\Program Files\Nokia
    [23/05/2008|23:27] C:\Program Files\PC Connectivity Solution
    [03/06/2008|11:52] C:\Program Files\Piratrax
    [22/05/2008|18:19] C:\Program Files\PokerStars
    [18/05/2008|12:01] C:\Program Files\QuickTime
    [31/07/2007|10:14] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [03/06/2008|09:52] C:\Program Files\RegCleaner
    [29/05/2008|23:36] C:\Program Files\ShoppingReport
    [03/06/2008|10:49] C:\Program Files\Spybot - Search & Destroy
    [03/12/2007|17:00] C:\Program Files\SUYIN
    [03/06/2008|12:53] C:\Program Files\Trend Micro
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [07/04/2008|08:49] C:\Program Files\Windows Calendar
    [07/04/2008|08:49] C:\Program Files\Windows Collaboration
    [07/04/2008|08:49] C:\Program Files\Windows Defender
    [07/04/2008|08:49] C:\Program Files\Windows Journal
    [27/02/2008|23:53] C:\Program Files\Windows Live
    [15/05/2008|00:23] C:\Program Files\Windows Mail
    [07/04/2008|08:49] C:\Program Files\Windows Media Player
    [27/02/2008|18:37] C:\Program Files\Windows NT
    [07/04/2008|08:49] C:\Program Files\Windows Photo Gallery
    [07/04/2008|08:49] C:\Program Files\Windows Sidebar
    [27/02/2008|18:45] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [31/07/2007|11:29] C:\Program Files\Common Files\Adobe
    [01/05/2008|19:29] C:\Program Files\Common Files\ArcSoft
    [31/07/2007|11:36] C:\Program Files\Common Files\DESIGNER
    [31/07/2007|11:20] C:\Program Files\Common Files\InstallShield
    [28/02/2008|09:14] C:\Program Files\Common Files\Java
    [31/07/2007|11:01] C:\Program Files\Common Files\LightScribe
    [28/02/2008|16:12] C:\Program Files\Common Files\microsoft shared
    [31/07/2007|11:01] C:\Program Files\Common Files\muvee Technologies
    [31/07/2007|11:02] C:\Program Files\Common Files\NewTech Infosystems
    [26/05/2008|10:49] C:\Program Files\Common Files\Nokia
    [26/05/2008|10:49] C:\Program Files\Common Files\PCSuite
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [03/12/2007|16:59] C:\Program Files\Common Files\snp2uvc
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [27/02/2008|19:20] C:\Program Files\Common Files\Symantec Shared
    [07/04/2008|08:49] C:\Program Files\Common Files\System
    [27/02/2008|23:53] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 79

    iexplore.exe ~ [3672]
    iexplore.exe ~ [3792]

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\ProgramData\Else type type.88ne326
    C:\ProgramData\Else type type.959np
    C:\ProgramData\Else type type.zij3s
    C:\ProgramData\Info Global Glue.6w3abjw
    C:\ProgramData\Else type type.88ne326

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\ProgramData\Iso Web Bags Else
    C:\ProgramData\Iso Web Bags Else\Log Fast.exe
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-03 13:50:23
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\Windows\system32\nvs2.inf
    C:\Users\felicien\AppData\Local\rsmjdojpw_navps.dat
    C:\Users\felicien\AppData\Local\rsmjdojpw_nav.dat
    C:\Users\felicien\AppData\Local\rsmjdojpw.dat
    ! EGDACCESS !

    [F:117][D:5]-> C:\Users\felicien\AppData\Local\Temp
    [F:57][D:1]-> C:\Users\felicien\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:13][D:5]-> C:\Users\felicien\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:4][D:2]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 13:53:02,05 ]----------------------
    0
  4. jlpjlp Posts 52399 Status Security contributor 5 041
     
    * This time choose Option 2 (Removal)
    * Do not close the window during the removal!
    * Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

    __________________________

    Disable User Account Control (you will re-enable it after your disinfection):

    - Go to Start, then Control Panel
    - Double-click the "User Accounts" icon
    - Then click disable and confirm.

    Now download Navilog1 from this link:

    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Save target (link) as... and save it to your desktop.
    Then double-click navilog1.exe to launch the installation.
    Once the installation is finished, right-click the Navilog1 shortcut on your desktop and choose "Run as administrator".

    At the main menu, choose option 1
    Let yourself be guided and be patient.
    Wait for the message:
    *** Analyse Termine le ..... ***
    Press a key; Notepad will open.
    Copy and paste the entire report into a reply.
    Close Notepad
    The fixnavi.txt report is also saved in %systemdrive%.
    0