Ad problem on the internet
gribouiles
-
jlpjlp Posts 52399 Status Security contributor -
Hello,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:26, on 03/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\TMController.exe
C:\Program Files\DVBT Application\Schedule_d.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\felicien\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fmsger%2ftabs%2f_pictos%2fcoca%2fPictoCoke02.png%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [TM Control] C:\Windows\system32\TMController.exe
O4 - HKLM\..\Run: [Schedule_d] "C:\Program Files\DVBT Application\Schedule_d.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Flaw burn] "C:\ProgramData\Else type type.zij3s"
O4 - HKCU\..\Run: [Bags Else Hole Lite] "C:\ProgramData\Info Global Glue.6w3abjw"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
4 replies
Hi
Are you getting CID-type ads? You need to explain! We are not machines, and besides, out of politeness....
_________
Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
Here is the report, thanks again.
And the ads are of the CID type.
-----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : felicien ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 03/06/2008 | 13:49:22,83 ] [ PC : PC-DE-FELICIEN ]
[ MAJ : 01-06-2008 | 15:51 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[10/03/2008|00:39] C:\Users\felicien\AppData\Roaming\Adobe\Linguistics
[10/03/2008|00:38] C:\Users\felicien\AppData\Roaming\Adobe\Acrobat
[28/02/2008|02:04] C:\Users\felicien\AppData\Roaming\Adobe\Flash Player
[01/05/2008|19:33] C:\Users\felicien\AppData\Roaming\ArcSoft\ArcSoft Registration
[01/05/2008|19:29] C:\Users\felicien\AppData\Roaming\ArcSoft\TotalMedia
[01/05/2008|19:29] C:\Users\felicien\AppData\Roaming\ArcSoft\TMMonitor
[08/05/2008|21:32] C:\Users\felicien\AppData\Roaming\CyberLink\PowerProducer
[20/03/2008|21:18] C:\Users\felicien\AppData\Roaming\CyberLink\MediaCache
[20/03/2008|21:18] C:\Users\felicien\AppData\Roaming\CyberLink\PowerDVD
[20/03/2008|21:18] C:\Users\felicien\AppData\Roaming\CyberLink\PlayMovie
[28/02/2008|15:53] C:\Users\felicien\AppData\Roaming\CyberLink\PowerCinema
[31/05/2008|09:49] C:\Users\felicien\AppData\Roaming\Google\Local Search History
[27/02/2008|18:45] C:\Users\felicien\AppData\Roaming\Identities\{AE7847CA-534C-439D-894A-5FDD21AC65B1}
[03/06/2008|12:11] C:\Users\felicien\AppData\Roaming\Macromedia\Flash Player
[02/06/2008|12:25] C:\Users\felicien\AppData\Roaming\Microsoft\Templates
[01/06/2008|21:35] C:\Users\felicien\AppData\Roaming\Microsoft\MSN Messenger
[29/05/2008|23:32] C:\Users\felicien\AppData\Roaming\Microsoft\Services Windows Live
[25/05/2008|13:22] C:\Users\felicien\AppData\Roaming\Microsoft\SystemCertificates
[23/05/2008|14:04] C:\Users\felicien\AppData\Roaming\Microsoft\Windows Live Call
[23/05/2008|14:04] C:\Users\felicien\AppData\Roaming\Microsoft\IdentityCRL
[18/05/2008|15:54] C:\Users\felicien\AppData\Roaming\Microsoft\eHome
[18/05/2008|15:26] C:\Users\felicien\AppData\Roaming\Microsoft\Network
[12/05/2008|17:31] C:\Users\felicien\AppData\Roaming\Microsoft\UProof
[12/05/2008|17:31] C:\Users\felicien\AppData\Roaming\Microsoft\Proof
[12/05/2008|15:50] C:\Users\felicien\AppData\Roaming\Microsoft\Crypto
[08/05/2008|02:49] C:\Users\felicien\AppData\Roaming\Microsoft\Windows Photo Gallery
[08/05/2008|02:42] C:\Users\felicien\AppData\Roaming\Microsoft\MMC
[06/05/2008|22:48] C:\Users\felicien\AppData\Roaming\Microsoft\Speech
[03/05/2008|16:07] C:\Users\felicien\AppData\Roaming\Microsoft\Windows
[17/04/2008|22:31] C:\Users\felicien\AppData\Roaming\Microsoft\Office
[17/04/2008|22:31] C:\Users\felicien\AppData\Roaming\Microsoft\Document Building Blocks
[17/04/2008|22:31] C:\Users\felicien\AppData\Roaming\Microsoft\Word
[06/03/2008|17:04] C:\Users\felicien\AppData\Roaming\Microsoft\HTML Help
[01/03/2008|17:41] C:\Users\felicien\AppData\Roaming\Microsoft\AddIns
[28/02/2008|00:44] C:\Users\felicien\AppData\Roaming\Microsoft\Internet Explorer
[27/02/2008|18:45] C:\Users\felicien\AppData\Roaming\Microsoft\Protect
[27/02/2008|18:45] C:\Users\felicien\AppData\Roaming\Microsoft\Credentials
[03/06/2008|13:34] C:\Users\felicien\AppData\Roaming\Mozilla\Firefox
[23/05/2008|23:34] C:\Users\felicien\AppData\Roaming\Nokia\LaunchApplication
[18/05/2008|15:37] C:\Users\felicien\AppData\Roaming\Nokia\ImageStore
[18/05/2008|15:31] C:\Users\felicien\AppData\Roaming\Nokia\Music Manager
[18/05/2008|15:25] C:\Users\felicien\AppData\Roaming\Nokia\PCSync
[18/05/2008|15:06] C:\Users\felicien\AppData\Roaming\Nokia\GetConnectedWizard
[18/05/2008|15:05] C:\Users\felicien\AppData\Roaming\Nokia\ContactsEditor
[26/05/2008|10:59] C:\Users\felicien\AppData\Roaming\PC Suite\356961016259940
[18/05/2008|15:06] C:\Users\felicien\AppData\Roaming\PC Suite\Settings
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[03/06/2008 13:48][--ah-----] C:\Windows\tasks\SA.DAT
[03/06/2008 13:47][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[31/07/2007|11:44] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[31/07/2007|11:29] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[28/05/2008|13:17] C:\ProgramData\Axis hole lies
[27/02/2008|18:37] C:\ProgramData\Bureau
[08/05/2008|21:32] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[17/05/2008|09:26] C:\ProgramData\Else type type.88ne326
[28/05/2008|13:16] C:\ProgramData\Else type type.959np
[28/05/2008|13:16] C:\ProgramData\Else type type.zij3s
[27/02/2008|18:37] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[28/02/2008|09:17] C:\ProgramData\Google
[01/06/2008|18:00] C:\ProgramData\Grisoft
[28/05/2008|13:17] C:\ProgramData\Info Global Glue.6w3abjw
[26/05/2008|10:48] C:\ProgramData\Installations
[28/05/2008|13:17] C:\ProgramData\Iso Web Bags Else
[03/06/2008|10:21] C:\ProgramData\Lavasoft
[27/02/2008|18:37] C:\ProgramData\Menu Démarrer
[17/05/2008|09:27] C:\ProgramData\Messenger Plus!
[06/03/2008|17:04] C:\ProgramData\Microsoft
[15/05/2008|00:23] C:\ProgramData\Microsoft Help
[27/02/2008|18:37] C:\ProgramData\Modèles
[03/06/2008|11:53] C:\ProgramData\ntuser.pol
[18/05/2008|15:25] C:\ProgramData\PC Suite
[18/05/2008|11:57] C:\ProgramData\QuickTime
[03/06/2008|10:50] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[27/02/2008|19:18] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[25/05/2008|11:45] C:\ProgramData\WindowsSearch
[17/05/2008|08:22] C:\ProgramData\WLInstaller
[29/02/2008|09:05] C:\ProgramData\Yahoo! Companion
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[03/12/2007|17:06] C:\Program Files\Acer Arcade Deluxe
[03/12/2007|17:00] C:\Program Files\ACER Crystal Eye webcam
[02/06/2008|11:13] C:\Program Files\Acer GameZone
[03/12/2007|17:15] C:\Program Files\Acer Inc
[31/07/2007|11:44] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[31/07/2007|11:28] C:\Program Files\Adobe
[27/02/2008|23:00] C:\Program Files\Alwil Software
[03/12/2007|17:14] C:\Program Files\Apoint2K
[01/05/2008|19:28] C:\Program Files\ArcSoft
[03/06/2008|13:29] C:\Program Files\a-squared Free
[03/06/2008|12:09] C:\Program Files\CCleaner
[28/02/2008|01:48] C:\Program Files\CFWebAdvancedU_BOBTV.FR
[17/05/2008|09:26] C:\Program Files\Circle Developement
[18/05/2008|12:02] C:\Program Files\Coktel
[03/06/2008|10:47] C:\Program Files\Common Files
[31/07/2007|10:20] C:\Program Files\CONEXANT
[31/07/2007|11:20] C:\Program Files\CyberLink
[07/04/2008|08:59] C:\Program Files\desktop.ini
[18/05/2008|15:04] C:\Program Files\DIFX
[01/05/2008|19:27] C:\Program Files\DVBT Application
[27/02/2008|18:37] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/02/2008|17:36] C:\Program Files\Google
[24/05/2008|18:37] C:\Program Files\InstallShield Installation Information
[31/07/2007|09:59] C:\Program Files\Intel
[18/05/2008|12:01] C:\Program Files\Internet Explorer
[28/02/2008|09:16] C:\Program Files\Java
[03/12/2007|17:05] C:\Program Files\Launch Manager
[17/05/2008|09:26] C:\Program Files\Messenger Plus! Live
[28/02/2008|02:32] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[31/07/2007|11:43] C:\Program Files\Microsoft Office
[23/05/2008|19:26] C:\Program Files\Microsoft Silverlight
[31/07/2007|11:43] C:\Program Files\Microsoft Works
[31/07/2007|11:36] C:\Program Files\Microsoft.NET
[07/04/2008|08:49] C:\Program Files\Movie Maker
[03/06/2008|11:49] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[28/02/2008|02:21] C:\Program Files\MSXML 4.0
[31/07/2007|11:02] C:\Program Files\NewTech Infosystems
[26/05/2008|10:49] C:\Program Files\Nokia
[23/05/2008|23:27] C:\Program Files\PC Connectivity Solution
[03/06/2008|11:52] C:\Program Files\Piratrax
[22/05/2008|18:19] C:\Program Files\PokerStars
[18/05/2008|12:01] C:\Program Files\QuickTime
[31/07/2007|10:14] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[03/06/2008|09:52] C:\Program Files\RegCleaner
[29/05/2008|23:36] C:\Program Files\ShoppingReport
[03/06/2008|10:49] C:\Program Files\Spybot - Search & Destroy
[03/12/2007|17:00] C:\Program Files\SUYIN
[03/06/2008|12:53] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[07/04/2008|08:49] C:\Program Files\Windows Calendar
[07/04/2008|08:49] C:\Program Files\Windows Collaboration
[07/04/2008|08:49] C:\Program Files\Windows Defender
[07/04/2008|08:49] C:\Program Files\Windows Journal
[27/02/2008|23:53] C:\Program Files\Windows Live
[15/05/2008|00:23] C:\Program Files\Windows Mail
[07/04/2008|08:49] C:\Program Files\Windows Media Player
[27/02/2008|18:37] C:\Program Files\Windows NT
[07/04/2008|08:49] C:\Program Files\Windows Photo Gallery
[07/04/2008|08:49] C:\Program Files\Windows Sidebar
[27/02/2008|18:45] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[31/07/2007|11:29] C:\Program Files\Common Files\Adobe
[01/05/2008|19:29] C:\Program Files\Common Files\ArcSoft
[31/07/2007|11:36] C:\Program Files\Common Files\DESIGNER
[31/07/2007|11:20] C:\Program Files\Common Files\InstallShield
[28/02/2008|09:14] C:\Program Files\Common Files\Java
[31/07/2007|11:01] C:\Program Files\Common Files\LightScribe
[28/02/2008|16:12] C:\Program Files\Common Files\microsoft shared
[31/07/2007|11:01] C:\Program Files\Common Files\muvee Technologies
[31/07/2007|11:02] C:\Program Files\Common Files\NewTech Infosystems
[26/05/2008|10:49] C:\Program Files\Common Files\Nokia
[26/05/2008|10:49] C:\Program Files\Common Files\PCSuite
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[03/12/2007|16:59] C:\Program Files\Common Files\snp2uvc
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[27/02/2008|19:20] C:\Program Files\Common Files\Symantec Shared
[07/04/2008|08:49] C:\Program Files\Common Files\System
[27/02/2008|23:53] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 79
iexplore.exe ~ [3672]
iexplore.exe ~ [3792]
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\Else type type.88ne326
C:\ProgramData\Else type type.959np
C:\ProgramData\Else type type.zij3s
C:\ProgramData\Info Global Glue.6w3abjw
C:\ProgramData\Else type type.88ne326
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\Iso Web Bags Else
C:\ProgramData\Iso Web Bags Else\Log Fast.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-03 13:50:23
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\Windows\system32\nvs2.inf
C:\Users\felicien\AppData\Local\rsmjdojpw_navps.dat
C:\Users\felicien\AppData\Local\rsmjdojpw_nav.dat
C:\Users\felicien\AppData\Local\rsmjdojpw.dat
! EGDACCESS !
[F:117][D:5]-> C:\Users\felicien\AppData\Local\Temp
[F:57][D:1]-> C:\Users\felicien\AppData\Roaming\MICROS~1\Windows\Cookies
[F:13][D:5]-> C:\Users\felicien\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:4][D:2]-> C:\$Recycle.Bin
[ UAC => 1 ]
--------------------[ Fin du rapport a 13:53:02,05 ]----------------------
and the ad is of the cid type
* This time, choose Option 2 (Suppression / deletion)
* Do not close the window during the deletion!
* Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
__________________________
Disable User Account Control (you will re-enable it after your disinfection):
- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click on disable and confirm.
Now download Navilog1 from this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Choose "Save target (of the link) as..." and save it to your desktop.
Then double-click navilog1.exe to start the installation.
Once the installation is finished, right-click the Navilog1 shortcut on your desktop and choose "Run as administrator".
At the main menu, choose option 1.
Let it guide you and be patient.
Wait until the message:
*** Analyse Termine le ..... ***
Press a key; Notepad will open.
Copy and paste the entire report into a reply.
Close Notepad.
The fixnavi.txt report is also saved in %systemdrive%.