Sujet Précédent Sujet Suivant

Problémes CID aidez moi svp!!!

Résolu/Fermé
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 - 19 juin 2008 à 21:17
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 19 juin 2008 à 23:08
Bonjour,
voila depuis un petit moment déja j'ai de gros problémes avec les CID ces fenêtres de pub intempestives!!! j'aurai vraiment bezoins d'aide je suis sous vista j'ai avast,spybot,CCleaner et Hijackthis je fé suivre le scan pour vous facilitez la tache merci a vous! J'éspére que l'on va me répondre amicalement bat

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:38:05, on 06/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\aol\1177233006\ee\aolsoftware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1177233006\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Base bird] "C:\ProgramData\scr frag frag.ndza9x"
O4 - HKCU\..\Run: [book bows bolt bib] "C:\ProgramData\boob proc draw.1ay58"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

15 réponses

Réponse 1 / 15
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
19 juin 2008 à 21:22
salut,

Télécharge Lop S&D (de Angeldark et Eric71) sur le Bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

[*]Double-clique sur Lop S&D.exe pour lancer l'installation,
[*]Puis double-clique sur le raccourci Lop S&D présent sur le Bureau.
[*]Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
Le scan prend moins d'une minute.
[*]A l'issue du scan, le bloc-notes va s'ouvrir avec le résultat de la recherche.
[*]Enregistre le rapport LopR.txt sur le Bureau pour le retrouver facilement, sinon il sauvegardé à la racine de la partition système : C:\LopR.txt

Post le rapport

@+
0
Réponse 2 / 15
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 6
19 juin 2008 à 22:04
Merci d'avoir répondu aussi vite voila le rapport aprés de nombreux beug!


-----------------------[ Lop S&D 4.2.1-6 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Bat ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 19/06/2008 | 21:56:50,30 ] [ PC : PC-DE-BAT ]
[ MAJ : 16-06-2008 | 23:01 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------

[01/02/2008|19:36] C:\Users\Bat\AppData\Roaming\Adobe\Flash Player
[16/12/2007|16:00] C:\Users\Bat\AppData\Roaming\Adobe\Linguistics
[16/12/2007|15:03] C:\Users\Bat\AppData\Roaming\Adobe\Acrobat

[25/03/2008|23:15] C:\Users\Bat\AppData\Roaming\Apple Computer\iTunes
[03/01/2008|13:58] C:\Users\Bat\AppData\Roaming\Apple Computer\QuickTime

[20/02/2008|00:51] C:\Users\Bat\AppData\Roaming\dvdcss\RATATOUILLE-2007111414124000-2e97321f51

[06/06/2008|17:41] C:\Users\Bat\AppData\Roaming\Google\Local Search History
[21/03/2008|13:28] C:\Users\Bat\AppData\Roaming\Google\GoogleEarth

[11/11/2007|12:51] C:\Users\Bat\AppData\Roaming\Identities\{7FEC00DA-BDC6-4A4E-9A5E-9EBC910215E2}

[11/11/2007|20:03] C:\Users\Bat\AppData\Roaming\InstallShield\ISEngine12.0

[03/01/2008|23:44] C:\Users\Bat\AppData\Roaming\LimeWire\.AppSpecialShare
[03/01/2008|23:43] C:\Users\Bat\AppData\Roaming\LimeWire\xml
[03/01/2008|23:43] C:\Users\Bat\AppData\Roaming\LimeWire\themes

[17/06/2008|14:24] C:\Users\Bat\AppData\Roaming\Macromedia\Flash Player


[02/06/2008|00:32] C:\Users\Bat\AppData\Roaming\Microsoft\Windows Photo Gallery
[17/02/2008|19:55] C:\Users\Bat\AppData\Roaming\Microsoft\Installer
[17/02/2008|14:29] C:\Users\Bat\AppData\Roaming\Microsoft\IdentityCRL
[12/02/2008|12:47] C:\Users\Bat\AppData\Roaming\Microsoft\Credentials
[23/01/2008|17:51] C:\Users\Bat\AppData\Roaming\Microsoft\MMC
[30/12/2007|15:15] C:\Users\Bat\AppData\Roaming\Microsoft\MSN Messenger
[21/12/2007|00:56] C:\Users\Bat\AppData\Roaming\Microsoft\eHome
[08/12/2007|19:30] C:\Users\Bat\AppData\Roaming\Microsoft\Crypto
[04/12/2007|19:32] C:\Users\Bat\AppData\Roaming\Microsoft\Speech
[24/11/2007|02:33] C:\Users\Bat\AppData\Roaming\Microsoft\HTML Help
[16/11/2007|18:30] C:\Users\Bat\AppData\Roaming\Microsoft\Windows
[11/11/2007|22:17] C:\Users\Bat\AppData\Roaming\Microsoft\Internet Explorer
[11/11/2007|16:46] C:\Users\Bat\AppData\Roaming\Microsoft\Network
[11/11/2007|12:51] C:\Users\Bat\AppData\Roaming\Microsoft\SystemCertificates
[11/11/2007|12:51] C:\Users\Bat\AppData\Roaming\Microsoft\Protect

[03/01/2008|19:55] C:\Users\Bat\AppData\Roaming\Mozilla\Firefox



[11/11/2007|12:51] C:\Users\Bat\AppData\Roaming\OFFICE One v7\OFFICE One Startup v7

[11/11/2007|18:15] C:\Users\Bat\AppData\Roaming\OFFICEOne7\user

[19/06/2008|21:30] C:\Users\Bat\AppData\Roaming\Packard Bell\Setup my PC
[26/03/2008|12:14] C:\Users\Bat\AppData\Roaming\Packard Bell\InfoCentre
[16/11/2007|18:08] C:\Users\Bat\AppData\Roaming\Packard Bell\Smart Restore

[30/05/2008|19:41] C:\Users\Bat\AppData\Roaming\Panasonic\phdb



[17/01/2008|17:41] C:\Users\Bat\AppData\Roaming\vlc\cache

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[26/03/2008 12:15][--a------] C:\Windows\tasks\HDReg.job
[13/06/2008 20:08][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - Bat.job
[19/06/2008 18:10][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{5D31AB8B-AEAF-4471-8434-FF416FCDBA40}.job
[19/06/2008 21:30][--a------] C:\Windows\tasks\Extension de garantie.job
[19/06/2008 21:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[19/06/2008 21:56][--ah-----] C:\Windows\tasks\SA.DAT
[19/06/2008 21:55][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[26/04/2008|23:30] C:\ProgramData\Adobe
[16/11/2007|18:16] C:\ProgramData\AOL
[26/03/2008|09:59] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[17/06/2008|08:52] C:\ProgramData\BONE ABOUT BOOK BOWS
[31/12/2007|13:53] C:\ProgramData\boob proc draw.1ay58
[11/11/2007|12:37] C:\ProgramData\Bureau
[30/05/2008|14:19] C:\ProgramData\CheckPoint
[22/04/2007|11:20] C:\ProgramData\Ciel
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[11/11/2007|12:37] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[22/04/2007|11:12] C:\ProgramData\Google
[20/04/2008|11:57] C:\ProgramData\LogiShrd
[17/02/2008|19:51] C:\ProgramData\Logitech
[11/11/2007|12:37] C:\ProgramData\Menu D‚marrer
[31/12/2007|13:56] C:\ProgramData\Messenger Plus!
[05/03/2008|18:18] C:\ProgramData\Microsoft
[11/11/2007|12:37] C:\ProgramData\ModŠles
[17/06/2008|08:52] C:\ProgramData\Nurb Knob Audio
[22/04/2007|11:30] C:\ProgramData\OFFICE One v7
[17/06/2008|08:52] C:\ProgramData\program pure nurb.3ncjt
[17/06/2008|08:52] C:\ProgramData\scr frag frag.00gae3
[17/06/2008|08:52] C:\ProgramData\scr frag frag.2zuquna
[31/12/2007|13:53] C:\ProgramData\scr frag frag.6kx0mt5
[17/06/2008|13:40] C:\ProgramData\scr frag frag.irtt3ya
[17/06/2008|12:13] C:\ProgramData\scr frag frag.n1pi9ia
[17/06/2008|12:35] C:\ProgramData\scr frag frag.y7hmy
[02/05/2008|01:13] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[16/06/2008|13:49] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[22/04/2007|11:11] C:\ProgramData\Viewpoint
[10/04/2008|12:12] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[26/04/2008|23:30] C:\Program Files\Adobe
[11/11/2007|21:14] C:\Program Files\Alwil Software
[06/06/2008|17:37] C:\Program Files\CCleaner
[22/04/2007|11:20] C:\Program Files\Ciel
[26/12/2007|16:51] C:\Program Files\Citron
[26/04/2008|23:30] C:\Program Files\Common Files
[11/11/2007|21:06] C:\Program Files\desktop.ini
[11/11/2007|18:27] C:\Program Files\Eidos
[11/11/2007|12:37] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[19/06/2008|21:06] C:\Program Files\GameSpy Arcade
[16/06/2008|08:46] C:\Program Files\Google
[04/01/2008|01:46] C:\Program Files\GRETECH
[22/04/2007|11:08] C:\Program Files\HDReg
[26/03/2008|10:06] C:\Program Files\InstallShield Installation Information
[13/06/2008|09:43] C:\Program Files\Internet Explorer
[22/04/2007|11:26] C:\Program Files\ISSENDIS
[27/04/2008|12:03] C:\Program Files\Java
[20/04/2008|11:57] C:\Program Files\Logitech
[19/06/2008|19:03] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[10/04/2008|12:36] C:\Program Files\Microsoft SQL Server Compact Edition
[26/12/2007|02:56] C:\Program Files\MioNet
[22/04/2007|20:43] C:\Program Files\Movie Maker
[15/06/2008|11:53] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[17/06/2008|08:50] C:\Program Files\MSN Messenger
[11/11/2007|21:33] C:\Program Files\MSN Toolbar
[11/11/2007|20:38] C:\Program Files\MSXML 4.0
[22/04/2007|11:31] C:\Program Files\OFFICE ONE 7.0
[22/04/2007|11:30] C:\Program Files\OFFICE One v7
[11/11/2007|20:51] C:\Program Files\OrangeHSS
[26/03/2008|09:49] C:\Program Files\Packard Bell
[25/12/2007|11:37] C:\Program Files\Panasonic
[18/04/2008|16:49] C:\Program Files\PhotoFiltre
[22/04/2007|11:02] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[11/11/2007|20:04] C:\Program Files\SAGEM
[22/04/2007|11:32] C:\Program Files\Skype
[02/05/2008|00:40] C:\Program Files\Spybot - Search & Destroy
[21/12/2007|10:24] C:\Program Files\THQ
[06/06/2008|14:37] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[03/01/2008|18:19] C:\Program Files\UT2004
[03/01/2008|19:08] C:\Program Files\Valve
[17/11/2007|20:45] C:\Program Files\VideoLAN
[22/04/2007|11:11] C:\Program Files\Viewpoint
[11/11/2007|21:01] C:\Program Files\Windows Calendar
[22/04/2007|20:43] C:\Program Files\Windows Collaboration
[11/11/2007|21:01] C:\Program Files\Windows Defender
[22/04/2007|20:43] C:\Program Files\Windows Journal
[14/04/2008|00:05] C:\Program Files\Windows Live
[13/06/2008|09:43] C:\Program Files\Windows Mail
[03/01/2008|16:33] C:\Program Files\Windows Media Player
[11/11/2007|12:37] C:\Program Files\Windows NT
[22/04/2007|20:43] C:\Program Files\Windows Photo Gallery
[11/01/2008|17:26] C:\Program Files\Windows Sidebar
[30/05/2008|14:19] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[26/04/2008|23:31] C:\Program Files\Common Files\Adobe
[16/11/2007|18:16] C:\Program Files\Common Files\aol
[22/04/2007|11:11] C:\Program Files\Common Files\aolshare
[22/04/2007|11:20] C:\Program Files\Common Files\Ciel
[11/11/2007|20:44] C:\Program Files\Common Files\France Telecom
[26/12/2007|01:26] C:\Program Files\Common Files\InstallShield
[01/12/2007|15:11] C:\Program Files\Common Files\Java
[20/04/2008|12:05] C:\Program Files\Common Files\LogiShrd
[10/04/2008|12:16] C:\Program Files\Common Files\microsoft shared
[22/04/2007|11:20] C:\Program Files\Common Files\MSSoap
[22/04/2007|11:11] C:\Program Files\Common Files\Nullsoft
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[26/12/2007|16:44] C:\Program Files\Common Files\snpstd
[26/12/2007|01:26] C:\Program Files\Common Files\SPC610NC
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[03/01/2008|19:20] C:\Program Files\Common Files\Steam
[21/11/2007|16:22] C:\Program Files\Common Files\SWF Studio
[16/06/2008|13:53] C:\Program Files\Common Files\Symantec Shared
[11/11/2007|21:01] C:\Program Files\Common Files\System
[10/04/2008|12:16] C:\Program Files\Common Files\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 50

iexplore.exe ~ [2552]
iexplore.exe ~ [2724]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\boob proc draw.1ay58
C:\ProgramData\program pure nurb.3ncjt
C:\ProgramData\scr frag frag.00gae3
C:\ProgramData\scr frag frag.2zuquna
C:\ProgramData\scr frag frag.6kx0mt5
C:\ProgramData\scr frag frag.irtt3ya
C:\ProgramData\scr frag frag.n1pi9ia
C:\ProgramData\scr frag frag.y7hmy
C:\ProgramData\scr frag frag.00gae3
C:\ProgramData\scr frag frag.irtt3ya
C:\ProgramData\scr frag frag.y7hmy

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\ProgramData\BONE ABOUT BOOK BOWS
C:\ProgramData\BONE ABOUT BOOK BOWS\Corn title.exe
C:\ProgramData\BONE ABOUT BOOK BOWS\Fast for.exe
C:\Windows\Prefetch\FAST FOR.EXE-8F45BE83.pf
C:\Users\Bat\AppData\Roaming\MICROS~1\Windows\Cookies\bat@adopt.euroclick[2].txt

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Base bird"="\"C:\\ProgramData\\scr frag frag.irtt3ya\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-19 21:58:31
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

[F:210][D:6]-> C:\Users\Bat\AppData\Local\Temp
[F:191][D:1]-> C:\Users\Bat\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1593][D:5]-> C:\Users\Bat\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:4]-> C:\$Recycle.Bin

[ UAC => 1 ]

--------------------[ Fin du rapport a 22:00:57,31 ]----------------------
0
Réponse 3 / 15
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
19 juin 2008 à 22:10
re,

fais ceci :

* Télécharge OTMoveIt2 (de Old_Timer) sur ton bureau : http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
* Double-clique sur OTMoveIt.exe pour lancer le programme,
* Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste Custom List of Files/Folders to Move" :

C:\ProgramData\Viewpoint

* Clique sur MoveIt! pour lancer la suppression,
* Le résultat appraraîtra dans le cadre Results.
* Clique sur Exit pour fermer le programme.
* Poste le rapport qui est situé ici : C:\\\_OTMoveIt\MovedFiles
* Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.

puis passe l´option 2 de lopsd et post son rapport egalement

@+
0
Réponse 4 / 15
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 6
19 juin 2008 à 22:18
Excuse je suis pas très doué mais quel fichier veux tu que je colle??
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 6
19 juin 2008 à 22:19
Nan c'est bon j'ai relu et j'ai compris escuses moi
0
Réponse 6 / 15
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
19 juin 2008 à 22:20
ok
0
Réponse 7 / 15
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 6
19 juin 2008 à 22:23
J'ai suivi tes instructions a la lettre mais je n'est aucun rapport J'ai eu les résultats je n'ai rien touché et j'ai cliquer sur exit mais rien ne se passe??
0
Réponse 8 / 15
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 6
19 juin 2008 à 22:27
J'ai trouver sa:

C:\ProgramData\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus moved successfully.
C:\ProgramData\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 moved successfully.
C:\ProgramData\Viewpoint\Viewpoint Experience Technology\UserShell moved successfully.
C:\ProgramData\Viewpoint\Viewpoint Experience Technology moved successfully.
C:\ProgramData\Viewpoint moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06192008_221919
0
Réponse 9 / 15
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
19 juin 2008 à 22:29
ok

fais l´option 2 de lopsd et post son rapport également

@+
0
Réponse 10 / 15
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 6
19 juin 2008 à 22:39
ok merci voila le rapport


-----------------------[ Lop S&D 4.2.1-6 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Bat ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 19/06/2008 | 22:32:59,97 ] [ PC : PC-DE-BAT ]
[ MAJ : 16-06-2008 | 23:01 ]
[ UAC => 0 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\ProgramData\BONE ABOUT BOOK BOWS\Corn title.exe
Supprimé! - C:\ProgramData\BONE ABOUT BOOK BOWS\Fast for.exe
Supprimé! - C:\Windows\Prefetch\FAST FOR.EXE-8F45BE83.pf
Supprimé! - C:\Users\Bat\AppData\Roaming\MICROS~1\Windows\Cookies\bat@adopt.euroclick[2].txt
Supprimé! - C:\ProgramData\boob proc draw.1ay58
Supprimé! - C:\ProgramData\program pure nurb.3ncjt
Supprimé! - C:\ProgramData\scr frag frag.00gae3
Supprimé! - C:\ProgramData\scr frag frag.2zuquna
Supprimé! - C:\ProgramData\scr frag frag.6kx0mt5
Supprimé! - C:\ProgramData\scr frag frag.irtt3ya
Supprimé! - C:\ProgramData\scr frag frag.n1pi9ia
Supprimé! - C:\ProgramData\scr frag frag.y7hmy
Supprimé! - C:\ProgramData\BONE ABOUT BOOK BOWS
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprimé! - C:\Program Files\Viewpoint

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[01/02/2008|19:36] C:\Users\Bat\AppData\Roaming\Adobe\Flash Player
[16/12/2007|16:00] C:\Users\Bat\AppData\Roaming\Adobe\Linguistics
[16/12/2007|15:03] C:\Users\Bat\AppData\Roaming\Adobe\Acrobat

[25/03/2008|23:15] C:\Users\Bat\AppData\Roaming\Apple Computer\iTunes
[03/01/2008|13:58] C:\Users\Bat\AppData\Roaming\Apple Computer\QuickTime

[20/02/2008|00:51] C:\Users\Bat\AppData\Roaming\dvdcss\RATATOUILLE-2007111414124000-2e97321f51

[06/06/2008|17:41] C:\Users\Bat\AppData\Roaming\Google\Local Search History
[21/03/2008|13:28] C:\Users\Bat\AppData\Roaming\Google\GoogleEarth

[11/11/2007|12:51] C:\Users\Bat\AppData\Roaming\Identities\{7FEC00DA-BDC6-4A4E-9A5E-9EBC910215E2}

[11/11/2007|20:03] C:\Users\Bat\AppData\Roaming\InstallShield\ISEngine12.0

[03/01/2008|23:44] C:\Users\Bat\AppData\Roaming\LimeWire\.AppSpecialShare
[03/01/2008|23:43] C:\Users\Bat\AppData\Roaming\LimeWire\xml
[03/01/2008|23:43] C:\Users\Bat\AppData\Roaming\LimeWire\themes

[17/06/2008|14:24] C:\Users\Bat\AppData\Roaming\Macromedia\Flash Player


[02/06/2008|00:32] C:\Users\Bat\AppData\Roaming\Microsoft\Windows Photo Gallery
[17/02/2008|19:55] C:\Users\Bat\AppData\Roaming\Microsoft\Installer
[17/02/2008|14:29] C:\Users\Bat\AppData\Roaming\Microsoft\IdentityCRL
[12/02/2008|12:47] C:\Users\Bat\AppData\Roaming\Microsoft\Credentials
[23/01/2008|17:51] C:\Users\Bat\AppData\Roaming\Microsoft\MMC
[30/12/2007|15:15] C:\Users\Bat\AppData\Roaming\Microsoft\MSN Messenger
[21/12/2007|00:56] C:\Users\Bat\AppData\Roaming\Microsoft\eHome
[08/12/2007|19:30] C:\Users\Bat\AppData\Roaming\Microsoft\Crypto
[04/12/2007|19:32] C:\Users\Bat\AppData\Roaming\Microsoft\Speech
[24/11/2007|02:33] C:\Users\Bat\AppData\Roaming\Microsoft\HTML Help
[16/11/2007|18:30] C:\Users\Bat\AppData\Roaming\Microsoft\Windows
[11/11/2007|22:17] C:\Users\Bat\AppData\Roaming\Microsoft\Internet Explorer
[11/11/2007|16:46] C:\Users\Bat\AppData\Roaming\Microsoft\Network
[11/11/2007|12:51] C:\Users\Bat\AppData\Roaming\Microsoft\SystemCertificates
[11/11/2007|12:51] C:\Users\Bat\AppData\Roaming\Microsoft\Protect

[03/01/2008|19:55] C:\Users\Bat\AppData\Roaming\Mozilla\Firefox



[11/11/2007|12:51] C:\Users\Bat\AppData\Roaming\OFFICE One v7\OFFICE One Startup v7

[11/11/2007|18:15] C:\Users\Bat\AppData\Roaming\OFFICEOne7\user

[19/06/2008|22:30] C:\Users\Bat\AppData\Roaming\Packard Bell\Setup my PC
[26/03/2008|12:14] C:\Users\Bat\AppData\Roaming\Packard Bell\InfoCentre
[16/11/2007|18:08] C:\Users\Bat\AppData\Roaming\Packard Bell\Smart Restore

[30/05/2008|19:41] C:\Users\Bat\AppData\Roaming\Panasonic\phdb



[17/01/2008|17:41] C:\Users\Bat\AppData\Roaming\vlc\cache

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[26/03/2008 12:15][--a------] C:\Windows\tasks\HDReg.job
[13/06/2008 20:08][--a------] C:\Windows\tasks\Norton Internet Security - Analyse systŠme complŠte - Bat.job
[19/06/2008 18:10][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{5D31AB8B-AEAF-4471-8434-FF416FCDBA40}.job
[19/06/2008 22:30][--a------] C:\Windows\tasks\Extension de garantie.job
[19/06/2008 22:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[19/06/2008 22:32][--ah-----] C:\Windows\tasks\SA.DAT
[19/06/2008 22:31][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[26/04/2008|23:30] C:\ProgramData\Adobe
[16/11/2007|18:16] C:\ProgramData\AOL
[26/03/2008|09:59] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[11/11/2007|12:37] C:\ProgramData\Bureau
[30/05/2008|14:19] C:\ProgramData\CheckPoint
[22/04/2007|11:20] C:\ProgramData\Ciel
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[11/11/2007|12:37] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[22/04/2007|11:12] C:\ProgramData\Google
[20/04/2008|11:57] C:\ProgramData\LogiShrd
[17/02/2008|19:51] C:\ProgramData\Logitech
[11/11/2007|12:37] C:\ProgramData\Menu D‚marrer
[31/12/2007|13:56] C:\ProgramData\Messenger Plus!
[05/03/2008|18:18] C:\ProgramData\Microsoft
[11/11/2007|12:37] C:\ProgramData\ModŠles
[17/06/2008|08:52] C:\ProgramData\Nurb Knob Audio
[22/04/2007|11:30] C:\ProgramData\OFFICE One v7
[02/05/2008|01:13] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[16/06/2008|13:49] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[10/04/2008|12:12] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[26/04/2008|23:30] C:\Program Files\Adobe
[11/11/2007|21:14] C:\Program Files\Alwil Software
[06/06/2008|17:37] C:\Program Files\CCleaner
[22/04/2007|11:20] C:\Program Files\Ciel
[26/12/2007|16:51] C:\Program Files\Citron
[26/04/2008|23:30] C:\Program Files\Common Files
[11/11/2007|21:06] C:\Program Files\desktop.ini
[11/11/2007|18:27] C:\Program Files\Eidos
[11/11/2007|12:37] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[19/06/2008|21:06] C:\Program Files\GameSpy Arcade
[16/06/2008|08:46] C:\Program Files\Google
[04/01/2008|01:46] C:\Program Files\GRETECH
[22/04/2007|11:08] C:\Program Files\HDReg
[26/03/2008|10:06] C:\Program Files\InstallShield Installation Information
[13/06/2008|09:43] C:\Program Files\Internet Explorer
[22/04/2007|11:26] C:\Program Files\ISSENDIS
[27/04/2008|12:03] C:\Program Files\Java
[20/04/2008|11:57] C:\Program Files\Logitech
[19/06/2008|19:03] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[10/04/2008|12:36] C:\Program Files\Microsoft SQL Server Compact Edition
[26/12/2007|02:56] C:\Program Files\MioNet
[22/04/2007|20:43] C:\Program Files\Movie Maker
[15/06/2008|11:53] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[17/06/2008|08:50] C:\Program Files\MSN Messenger
[11/11/2007|21:33] C:\Program Files\MSN Toolbar
[11/11/2007|20:38] C:\Program Files\MSXML 4.0
[22/04/2007|11:31] C:\Program Files\OFFICE ONE 7.0
[22/04/2007|11:30] C:\Program Files\OFFICE One v7
[11/11/2007|20:51] C:\Program Files\OrangeHSS
[26/03/2008|09:49] C:\Program Files\Packard Bell
[25/12/2007|11:37] C:\Program Files\Panasonic
[18/04/2008|16:49] C:\Program Files\PhotoFiltre
[22/04/2007|11:02] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[11/11/2007|20:04] C:\Program Files\SAGEM
[22/04/2007|11:32] C:\Program Files\Skype
[02/05/2008|00:40] C:\Program Files\Spybot - Search & Destroy
[21/12/2007|10:24] C:\Program Files\THQ
[06/06/2008|14:37] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[03/01/2008|18:19] C:\Program Files\UT2004
[03/01/2008|19:08] C:\Program Files\Valve
[17/11/2007|20:45] C:\Program Files\VideoLAN
[11/11/2007|21:01] C:\Program Files\Windows Calendar
[22/04/2007|20:43] C:\Program Files\Windows Collaboration
[11/11/2007|21:01] C:\Program Files\Windows Defender
[22/04/2007|20:43] C:\Program Files\Windows Journal
[14/04/2008|00:05] C:\Program Files\Windows Live
[13/06/2008|09:43] C:\Program Files\Windows Mail
[03/01/2008|16:33] C:\Program Files\Windows Media Player
[11/11/2007|12:37] C:\Program Files\Windows NT
[22/04/2007|20:43] C:\Program Files\Windows Photo Gallery
[11/01/2008|17:26] C:\Program Files\Windows Sidebar
[30/05/2008|14:19] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[26/04/2008|23:31] C:\Program Files\Common Files\Adobe
[16/11/2007|18:16] C:\Program Files\Common Files\aol
[22/04/2007|11:11] C:\Program Files\Common Files\aolshare
[22/04/2007|11:20] C:\Program Files\Common Files\Ciel
[11/11/2007|20:44] C:\Program Files\Common Files\France Telecom
[26/12/2007|01:26] C:\Program Files\Common Files\InstallShield
[01/12/2007|15:11] C:\Program Files\Common Files\Java
[20/04/2008|12:05] C:\Program Files\Common Files\LogiShrd
[10/04/2008|12:16] C:\Program Files\Common Files\microsoft shared
[22/04/2007|11:20] C:\Program Files\Common Files\MSSoap
[22/04/2007|11:11] C:\Program Files\Common Files\Nullsoft
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[26/12/2007|16:44] C:\Program Files\Common Files\snpstd
[26/12/2007|01:26] C:\Program Files\Common Files\SPC610NC
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[03/01/2008|19:20] C:\Program Files\Common Files\Steam
[21/11/2007|16:22] C:\Program Files\Common Files\SWF Studio
[16/06/2008|13:53] C:\Program Files\Common Files\Symantec Shared
[11/11/2007|21:01] C:\Program Files\Common Files\System
[10/04/2008|12:16] C:\Program Files\Common Files\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 64

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-19 22:35:23
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

[F:215][D:6]-> C:\Users\Bat\AppData\Local\Temp
[F:194][D:1]-> C:\Users\Bat\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1746][D:5]-> C:\Users\Bat\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:4]-> C:\$Recycle.Bin

[ UAC => 1 ]

--------------------[ Fin du rapport a 22:37:19,97 ]----------------------
0
Réponse 11 / 15
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
19 juin 2008 à 22:41
ok

post un nouveau rapport hijack this stp

@+
0
Réponse 12 / 15
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 6
19 juin 2008 à 22:43
tiens sans probléme mais d'abord un grand merci!!!!!!!!!!! si tu passe dans la Niévre jte paye un coup^^ voila le rapport mais déja sa beug moin Merci énormémen!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:42:36, on 19/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\aol\1177233006\ee\aolsoftware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1177233006\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
0
Réponse 13 / 15
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
19 juin 2008 à 22:50
De rien ; )

Je suis d´helsinki, la Nièvre ça fait un peu loin, mais merci`

a l´aide de hijack this coche et fix :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

comment fixer :

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

desinstale correctement norton :

Desinstalleur Norton:
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

puis

demarrer / executer tape sc stop FTRTSVC puis valide par ok

demarrer/ executer tape sc delete FTRTSVC puis valide par ok"

et

pour éviter des déboires de la sorte :

spywareblaster :

http://www.brightfort.com/spywareblaster.html

c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"

tuto : https://www.malekal.com/tutorial-spywareblaster/

pour supprimer les outils utilisés

Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telechargement 34055291 toolsclean(...)
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

voila`
0
Réponse 14 / 15
bat1 Messages postés 200 Date d'inscription jeudi 19 juin 2008 Statut Membre Dernière intervention 12 août 2009 6
19 juin 2008 à 23:03
OK je vais faire tous sa!! Mais encore une fois merci pour tous!! en effet sa fait loin et une biére par la poste elle va tourner lool mais vrément un grand merci toi vous étes vraiment des génie lool Merci a plus!!!
0
Réponse 15 / 15
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
19 juin 2008 à 23:08
de rien ;`)

oui la bière frelatée non merci ;D

@+
0

Discussions similaires

Encore les CiD
doudoudim -
doudoudim -

18 réponses
appel intrusif sur Skype
FAMATHELY -
Utilisateur anonyme -

3 réponses
comment donner les droits sur fichier partage
ch'ti du 57 -
fil1958 -

2 réponses
Problème CiD
Djemalounet -
Djemalounet -

104 réponses
Probleme CiD
jijipo -
wacco -

9 réponses