CID window

Solved
rockstars Posts 49 Status Member -  
totobetourne Posts 5677 Status Member -
Hello,
I have done most of the things suggested on the forum to block these CID (msn+) ad windows, but the problem is that it looks simple with lop xp on Windows XP, and I have Vista. So if someone can help me please, or find a similar program that works on Vista, thanks in advance.
Configuration: Windows Vista
Firefox 2.0.0.14

41 replies

Discussion summary

An infection on Windows Vista causes intrusive advertisements linked to CID (MSN+), and several users are looking for effective ways to get rid of it.
The essential steps are first to run a full scan with Malwarebytes' Anti-Malware and delete the detected items, then to review the report for troubleshooting.
Next, tools such as OTMoveIt2, run with administrator rights, can move and delete suspicious files, while other utilities produce reports to diagnose unwanted entries.
If residue remains, complementary techniques exist to deal with startup programs and leftover components, and it is recommended to run a scan again after cleaning.

Automatically generated by AI
based on the best answers
  1. totobetourne Posts 5677 Status Member 65

    With this link it should go better

    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    Do as indicated and paste the reports. I don't know how it works; find out whether the program works the same way as lop xp.

    Have you tried removing the CID program (in Add or Remove Programs) in safe mode? That works, but not for everyone.
    0
  2. rockstars Posts 49 Status Member

    OK, I'll try, thanks for such a quick reply
    0
  3. rockstars Posts 49 Status Member

    And as for programs like bit download, I don't have any, so
    0
  4. totobetourne Posts 5677 Status Member 65

    Start with this

    Download

    http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

    Install it normally, like any other program, in c/programme/...............
    Click on do a scan and save a logfile; you get a report, which you paste here.
    Sometimes there is a warning that, without administrator rights, the report cannot be complete.
    In that case, relaunch HijackThis by right-clicking the shortcut and choosing Run as administrator.
    0
  6. rockstars Posts 49 Status Member

    I'll put the report here for you, since I actually already have it
    0
  7. rockstars Posts 49 Status Member
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:48:29, on 02/07/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\pspvideo9\pspVideo9.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
    C:\Program Files\Hamachi\hamachi.exe
    C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
    C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\hp\kbd\kbd.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [HopeDumb] "C:\ProgramData\beepmanagermanager.y7wkr"
    O4 - HKCU\..\Run: [Help Creative Meow City] "C:\ProgramData\body phone drive.x73p2"
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    O4 - Startup: Lop S&D.lnk = C:\Lop SD\LopSD.cmd
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    0
  8. rockstars Posts 49 Status Member

    I'll come back later; if you can tell me what's there, thanks, otherwise no big deal
    0
  9. plop

    You are infected with lop/swizzor; you can tell from this kind of line in HJT:

    O4 - HKCU\..\Run: [HopeDumb] "C:\ProgramData\beepmanagermanager.y7wkr"
    O4 - HKCU\..\Run: [Help Creative Meow City] "C:\ProgramData\body phone drive.x73p2"

    Download lopsd (Eric71) mentioned above, install it, run it, and go straight to option 2; it will disable
    UAC by itself and delete the junk related to the infection. Copy and paste the final report,
    because sometimes a few small remnants are left.
    0
  10. rockstars Posts 49 Status Member

    OK, I've done it; I'll send you the report from after option 2
    0
  11. rockstars Posts 49 Status Member
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:41:12, on 02/07/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\pspvideo9\pspVideo9.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
    C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
    C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Windows\system32\conime.exe
    C:\hp\kbd\kbd.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [HopeDumb] "C:\ProgramData\beepmanagermanager.y7wkr"
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    0
  12. plop

    One trace remains, and the lopsd report is missing.
    0
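
The check plop describes in the two replies above, as an added example that is not part of the original thread: it parses the O4 autorun lines of a HijackThis log, flags Run entries that launch a file sitting directly in C:\ProgramData with a non-program extension, and compares the logs taken before and after the Lop S&D run. The flagging rule is an assumption generalised from the two lines plop quotes, not a Lop/Swizzor signature; the log lines are excerpts from the two logs posted in the thread, and all function names are hypothetical.

```python
import re
from pathlib import PureWindowsPath

# O4 lines excerpted from the first HijackThis log posted in the thread.
BEFORE = r'''
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [HopeDumb] "C:\ProgramData\beepmanagermanager.y7wkr"
O4 - HKCU\..\Run: [Help Creative Meow City] "C:\ProgramData\body phone drive.x73p2"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
'''

# The same excerpt from the second log, posted after the Lop S&D run.
AFTER = r'''
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [HopeDumb] "C:\ProgramData\beepmanagermanager.y7wkr"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
'''

# "O4 - <hive>[\<SID>]\..\Run[Once]: [value name] command line"
O4_RUN = re.compile(
    r'^O4 - (?P<hive>HK[A-Z]+)(?:\\S-[\d-]+)?\\\.\.\\(?P<key>Run\w*): '
    r'\[(?P<name>[^\]]*)\] (?P<cmd>.+)$')

# Extensions a legitimate autorun target normally carries.
KNOWN_EXT = {'.exe', '.dll', '.cmd', '.bat', '.com', '.scr'}
UNQUOTED = re.compile(r'(.+?\.(?:exe|dll|cmd|bat|com|scr))(?=[\s,]|$)', re.I)


def target_of(cmd):
    """Return the file a Run command launches, without its arguments."""
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    # Unquoted paths may contain spaces, so cut at the first known extension.
    m = UNQUOTED.match(cmd)
    return m.group(1) if m else cmd


def parse_o4(log):
    """Parse the registry Run/RunOnce O4 lines of a HijackThis log."""
    entries = []
    for line in log.splitlines():
        m = O4_RUN.match(line.strip())
        if m:
            entries.append({'hive': m['hive'], 'key': m['key'],
                            'name': m['name'],
                            'target': target_of(m['cmd'])})
    return entries


def looks_like_lop(entry):
    """Assumed heuristic: file directly under C:\\ProgramData whose
    extension is not a normal program extension."""
    p = PureWindowsPath(entry['target'])
    return (str(p.parent).lower() == r'c:\programdata'
            and p.suffix.lower() not in KNOWN_EXT)


def compare(before, after):
    """Report which flagged autoruns were removed, remain, or are new."""
    b = {e['name'] for e in parse_o4(before) if looks_like_lop(e)}
    a = {e['name'] for e in parse_o4(after) if looks_like_lop(e)}
    return {'removed': sorted(b - a),
            'remaining': sorted(b & a),
            'new': sorted(a - b)}


if __name__ == '__main__':
    for e in parse_o4(BEFORE):
        mark = 'SUSPECT' if looks_like_lop(e) else 'ok'
        print(f"{mark:8}{e['hive']} {e['key']:8}[{e['name']}] -> {e['target']}")
    print(compare(BEFORE, AFTER))
```
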
  13. rockstars Posts 49 Status Member

    Here, the lopsd report, I'm posting it for you
    0
  14. rockstars Posts 49 Status Member
     
    -----------------------[ Lop S&D 4.2.1-9 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : duncan ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 02/07/2008 | 13:21:32,43 ] [ PC : PC-DE-DUNCAN ]
    [ MAJ : 01-07-2008 | 00:25 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Roaming ]------------

    [22/08/2007|17:02] C:\Users\duncan\AppData\Roaming\Ace\cache

    [20/01/2008|22:25] C:\Users\duncan\AppData\Roaming\Adobe\Flash Player
    [26/08/2007|22:21] C:\Users\duncan\AppData\Roaming\Adobe\ImageReady
    [25/08/2007|11:31] C:\Users\duncan\AppData\Roaming\Adobe\Workflow
    [25/08/2007|11:30] C:\Users\duncan\AppData\Roaming\Adobe\FileBrowser
    [25/08/2007|11:30] C:\Users\duncan\AppData\Roaming\Adobe\Photoshop
    [25/08/2007|10:59] C:\Users\duncan\AppData\Roaming\Adobe\Linguistics
    [25/08/2007|10:59] C:\Users\duncan\AppData\Roaming\Adobe\Acrobat

    [07/03/2008|16:51] C:\Users\duncan\AppData\Roaming\AVS4YOU\AVSVideoConverter

    [22/08/2007|20:15] C:\Users\duncan\AppData\Roaming\DivX\DivX Player
    [22/08/2007|20:14] C:\Users\duncan\AppData\Roaming\DivX\DivX Codec

    [05/12/2007|21:52] C:\Users\duncan\AppData\Roaming\Download Manager\AV Music Morpher

    [06/10/2007|21:22] C:\Users\duncan\AppData\Roaming\Google\GoogleEarth
    [23/08/2007|13:53] C:\Users\duncan\AppData\Roaming\Google\Local Search History

    [01/07/2008|12:33] C:\Users\duncan\AppData\Roaming\Grisoft\AVG Antispyware 7.5

    [29/12/2007|23:39] C:\Users\duncan\AppData\Roaming\Hamachi\RSA Keys
    [23/09/2007|17:31] C:\Users\duncan\AppData\Roaming\Hamachi\Chat Logs
    [23/09/2007|17:31] C:\Users\duncan\AppData\Roaming\Hamachi\Networks

    [22/08/2007|14:27] C:\Users\duncan\AppData\Roaming\Hewlett-Packard\HP Software UI

    [02/07/2008|12:37] C:\Users\duncan\AppData\Roaming\HP\CRMLogs
    [23/08/2007|15:04] C:\Users\duncan\AppData\Roaming\HP\ScLogs
    [22/08/2007|19:09] C:\Users\duncan\AppData\Roaming\HP\Digital Imaging

    [22/08/2007|14:37] C:\Users\duncan\AppData\Roaming\Identities\{7C456883-8281-4986-8656-C22E0911421D}

    [22/08/2007|16:37] C:\Users\duncan\AppData\Roaming\InstallShield\ISEngine12.0

    [03/10/2007|22:15] C:\Users\duncan\AppData\Roaming\InstallShield Installation Information\{A376CC14-A32D-4D4D-889E-5546BCC4B595}

    [23/08/2007|13:44] C:\Users\duncan\AppData\Roaming\LimeWire\.AppSpecialShare
    [23/08/2007|13:44] C:\Users\duncan\AppData\Roaming\LimeWire\xml
    [23/08/2007|13:44] C:\Users\duncan\AppData\Roaming\LimeWire\themes

    [02/07/2008|10:54] C:\Users\duncan\AppData\Roaming\Macromedia\Flash Player

    [23/06/2008|01:10] C:\Users\duncan\AppData\Roaming\Microsoft\Windows Photo Gallery
    [24/04/2008|12:16] C:\Users\duncan\AppData\Roaming\Microsoft\Word
    [24/04/2008|11:47] C:\Users\duncan\AppData\Roaming\Microsoft\MSN Messenger
    [01/04/2008|22:29] C:\Users\duncan\AppData\Roaming\Microsoft\Office
    [01/04/2008|20:07] C:\Users\duncan\AppData\Roaming\Microsoft\Clip Organizer
    [26/01/2008|00:46] C:\Users\duncan\AppData\Roaming\Microsoft\Installer
    [27/10/2007|21:38] C:\Users\duncan\AppData\Roaming\Microsoft\Crypto
    [13/10/2007|19:14] C:\Users\duncan\AppData\Roaming\Microsoft\CLView
    [02/10/2007|17:31] C:\Users\duncan\AppData\Roaming\Microsoft\Templates
    [29/09/2007|16:23] C:\Users\duncan\AppData\Roaming\Microsoft\MMC
    [27/09/2007|11:06] C:\Users\duncan\AppData\Roaming\Microsoft\Speech
    [25/09/2007|18:02] C:\Users\duncan\AppData\Roaming\Microsoft\Excel
    [23/09/2007|15:28] C:\Users\duncan\AppData\Roaming\Microsoft\IdentityCRL
    [20/09/2007|17:04] C:\Users\duncan\AppData\Roaming\Microsoft\UProof
    [22/08/2007|22:15] C:\Users\duncan\AppData\Roaming\Microsoft\Proof
    [22/08/2007|22:15] C:\Users\duncan\AppData\Roaming\Microsoft\Document Building Blocks
    [22/08/2007|22:15] C:\Users\duncan\AppData\Roaming\Microsoft\AddIns
    [22/08/2007|20:10] C:\Users\duncan\AppData\Roaming\Microsoft\Internet Explorer
    [22/08/2007|19:01] C:\Users\duncan\AppData\Roaming\Microsoft\Windows
    [22/08/2007|15:29] C:\Users\duncan\AppData\Roaming\Microsoft\HTML Help
    [22/08/2007|14:38] C:\Users\duncan\AppData\Roaming\Microsoft\SystemCertificates
    [22/08/2007|14:37] C:\Users\duncan\AppData\Roaming\Microsoft\Protect
    [22/08/2007|14:28] C:\Users\duncan\AppData\Roaming\Microsoft\CLR Security Config
    [22/08/2007|14:25] C:\Users\duncan\AppData\Roaming\Microsoft\Credentials

    [20/01/2008|19:29] C:\Users\duncan\AppData\Roaming\Mozilla\Firefox

    [14/12/2007|19:43] C:\Users\duncan\AppData\Roaming\Real\RealPlayer

    [03/05/2008|22:41] C:\Users\duncan\AppData\Roaming\Roxio\MediaManager9
    [03/05/2008|22:40] C:\Users\duncan\AppData\Roaming\Roxio\MyDVD9
    [03/05/2008|22:40] C:\Users\duncan\AppData\Roaming\Roxio\VideoUI9
    [23/09/2007|10:14] C:\Users\duncan\AppData\Roaming\Roxio\Dragon
    [23/09/2007|10:14] C:\Users\duncan\AppData\Roaming\Roxio\RoxioCentral

    [09/05/2008|11:13] C:\Users\duncan\AppData\Roaming\Ubisoft\Assassin's Creed

    [23/08/2007|13:44] C:\Users\duncan\AppData\Roaming\vlc\cache

    [02/07/2008|00:08] C:\Users\duncan\AppData\Roaming\Winamp\Plugins

    [14/12/2007|19:07] C:\Users\duncan\AppData\Roaming\Yahoo!\Companion

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [02/07/2008 02:01][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{46BC4B64-DC5F-454E-8898-2064FA4CC268}.job
    [02/07/2008 13:20][--ah-----] C:\Windows\tasks\SA.DAT
    [02/07/2008 13:19][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [18/06/2007|12:04] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
    [26/04/2008|03:35] C:\ProgramData\Adobe
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [07/03/2008|16:51] C:\ProgramData\AVS4YOU
    [22/12/2007|14:38] C:\ProgramData\beepmanagermanager.1xpm2
    [25/12/2007|19:33] C:\ProgramData\beepmanagermanager.3xb2ry
    [05/03/2008|13:45] C:\ProgramData\beepmanagermanager.48eca
    [04/01/2008|14:40] C:\ProgramData\beepmanagermanager.4e0e3t
    [04/01/2008|14:40] C:\ProgramData\beepmanagermanager.6khjgi
    [25/02/2008|23:16] C:\ProgramData\beepmanagermanager.8g37vle
    [16/01/2008|04:45] C:\ProgramData\beepmanagermanager.b9x030
    [22/06/2008|22:43] C:\ProgramData\beepmanagermanager.g001g
    [30/04/2008|02:59] C:\ProgramData\beepmanagermanager.n508e6h
    [07/01/2008|17:59] C:\ProgramData\beepmanagermanager.ok2uaw
    [30/05/2008|14:02] C:\ProgramData\beepmanagermanager.s5tlbw
    [04/01/2008|16:29] C:\ProgramData\beepmanagermanager.v8i5pw
    [04/01/2008|16:51] C:\ProgramData\beepmanagermanager.xoj1ug
    [22/06/2008|22:43] C:\ProgramData\beepmanagermanager.y7wkr
    [22/08/2007|14:19] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [22/08/2007|14:19] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [02/07/2008|10:57] C:\ProgramData\Google
    [01/07/2008|14:47] C:\ProgramData\Google Updater
    [01/07/2008|12:33] C:\ProgramData\Grisoft
    [22/08/2007|18:56] C:\ProgramData\Hewlett-Packard
    [22/08/2007|19:09] C:\ProgramData\HP
    [22/08/2007|19:04] C:\ProgramData\HPSSUPPLY
    [24/04/2008|12:13] C:\ProgramData\hpzinstall.log
    [25/09/2007|19:51] C:\ProgramData\Logishrd
    [23/08/2007|12:21] C:\ProgramData\Logitech
    [25/08/2007|11:25] C:\ProgramData\Macrovision
    [22/08/2007|14:19] C:\ProgramData\Menu Démarrer
    [22/08/2007|15:29] C:\ProgramData\Microsoft
    [14/05/2008|03:04] C:\ProgramData\Microsoft Help
    [22/06/2008|22:43] C:\ProgramData\MixTwoPoke
    [22/08/2007|14:19] C:\ProgramData\Modèles
    [18/06/2007|11:58] C:\ProgramData\muvee Technologies
    [29/06/2008|18:42] C:\ProgramData\OrbNetworks
    [18/06/2007|12:07] C:\ProgramData\PC-Doctor
    [01/07/2008|18:26] C:\ProgramData\Roxio
    [18/06/2007|11:54] C:\ProgramData\Sonic
    [11/05/2008|13:36] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [22/08/2007|23:39] C:\ProgramData\Symantec
    [26/11/2007|22:25] C:\ProgramData\TechSmith
    [11/05/2008|13:36] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [20/06/2008|17:56] C:\ProgramData\TrackMania
    [09/05/2008|11:10] C:\ProgramData\Ubisoft
    [22/08/2007|19:16] C:\ProgramData\WEBREG
    [29/06/2008|18:32] C:\ProgramData\Winamp Toolbar
    [08/02/2008|23:47] C:\ProgramData\WLInstaller
    [14/12/2007|19:07] C:\ProgramData\Yahoo! Companion

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [18/06/2007|12:04] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [24/08/2007|18:15] C:\Program Files\Activision
    [26/04/2008|03:34] C:\Program Files\Adobe
    [27/09/2007|20:07] C:\Program Files\AGEIA Technologies
    [22/08/2007|15:12] C:\Program Files\Alwil Software
    [05/12/2007|22:23] C:\Program Files\AV VCS 3.0
    [05/12/2007|22:19] C:\Program Files\AV Vcs 6.0 DIAMOND
    [02/12/2007|12:14] C:\Program Files\AV Vcs 6.0 GOLD
    [07/03/2008|14:12] C:\Program Files\AviSynth 2.5
    [07/03/2008|16:50] C:\Program Files\AVS4YOU
    [09/02/2008|12:20] C:\Program Files\CCleaner
    [07/03/2008|16:49] C:\Program Files\Common Files
    [10/05/2008|10:44] C:\Program Files\DAEMON Tools Lite
    [31/08/2007|10:37] C:\Program Files\desktop.ini
    [14/12/2007|19:07] C:\Program Files\DivX
    [24/04/2008|18:09] C:\Program Files\Dofus
    [18/06/2007|20:50] C:\Program Files\EasyBits
    [22/08/2007|14:19] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [16/12/2007|22:22] C:\Program Files\GIMP-2.0
    [02/07/2008|02:48] C:\Program Files\Google
    [01/07/2008|12:33] C:\Program Files\Grisoft
    [03/10/2007|22:05] C:\Program Files\GTA-FR.com
    [16/12/2007|14:02] C:\Program Files\Hamachi
    [18/06/2007|12:07] C:\Program Files\Hewlett-Packard
    [22/08/2007|19:04] C:\Program Files\HP
    [03/05/2008|13:49] C:\Program Files\Incomplete
    [09/05/2008|10:57] C:\Program Files\InstallShield Installation Information
    [11/06/2008|03:09] C:\Program Files\Internet Explorer
    [23/08/2007|13:43] C:\Program Files\Java
    [03/10/2007|21:14] C:\Program Files\Karasoft
    [03/05/2008|13:49] C:\Program Files\LimeWire
    [25/09/2007|17:40] C:\Program Files\Logitech
    [16/06/2008|13:03] C:\Program Files\Micro Application
    [20/09/2007|21:15] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [24/05/2008|11:02] C:\Program Files\Microsoft Games
    [31/03/2008|19:34] C:\Program Files\Microsoft Office
    [31/03/2008|19:36] C:\Program Files\Microsoft Visual Studio
    [18/06/2007|12:03] C:\Program Files\Microsoft Works
    [18/06/2007|12:03] C:\Program Files\Microsoft.NET
    [03/10/2007|21:48] C:\Program Files\Monopoly
    [18/06/2007|21:09] C:\Program Files\Movie Maker
    [29/04/2008|21:27] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [02/11/2006|14:37] C:\Program Files\MSN
    [02/04/2008|19:00] C:\Program Files\MSN Messenger
    [23/08/2007|10:52] C:\Program Files\MSXML 4.0
    [18/06/2007|11:58] C:\Program Files\muvee Technologies
    [02/07/2008|02:40] C:\Program Files\Navilog1
    [23/08/2007|10:46] C:\Program Files\Norton Internet Security
    [29/05/2008|20:07] C:\Program Files\OpenAL
    [18/06/2007|12:21] C:\Program Files\PC-Doctor 5 for Windows
    [07/03/2008|14:12] C:\Program Files\pspvideo9
    [16/06/2008|13:03] C:\Program Files\QuickTime
    [18/06/2007|11:57] C:\Program Files\Real
    [18/06/2007|11:42] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [18/06/2007|11:56] C:\Program Files\Roxio
    [18/06/2007|12:10] C:\Program Files\Services en ligne
    [09/05/2008|09:58] C:\Program Files\Smart Projects
    [11/05/2008|13:37] C:\Program Files\Spybot - Search & Destroy
    [02/07/2008|13:21] C:\Program Files\Steam
    [29/06/2008|22:52] C:\Program Files\StuffPlug3
    [18/06/2007|12:16] C:\Program Files\Symantec
    [26/08/2007|19:05] C:\Program Files\Teamspeak2_RC2
    [26/11/2007|22:25] C:\Program Files\TechSmith
    [16/12/2007|15:06] C:\Program Files\THQ
    [18/04/2008|20:15] C:\Program Files\TmNationsForever
    [02/07/2008|11:29] C:\Program Files\Trend Micro
    [09/05/2008|10:57] C:\Program Files\Ubisoft
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [23/09/2007|00:10] C:\Program Files\uTorrent
    [22/08/2007|16:36] C:\Program Files\VID_0E8F&PID_0003
    [23/08/2007|13:43] C:\Program Files\VideoLAN
    [03/06/2008|13:01] C:\Program Files\videoveille
    [29/06/2008|18:41] C:\Program Files\Winamp
    [29/06/2008|18:32] C:\Program Files\Winamp Remote
    [29/06/2008|18:32] C:\Program Files\Winamp Toolbar
    [30/08/2007|11:29] C:\Program Files\Windows Calendar
    [18/06/2007|21:09] C:\Program Files\Windows Collaboration
    [18/06/2007|11:43] C:\Program Files\Windows Defender
    [18/06/2007|21:09] C:\Program Files\Windows Journal
    [08/02/2008|23:48] C:\Program Files\Windows Live
    [11/06/2008|03:09] C:\Program Files\Windows Mail
    [11/10/2007|17:28] C:\Program Files\Windows Media Player
    [22/08/2007|14:19] C:\Program Files\Windows NT
    [18/06/2007|21:09] C:\Program Files\Windows Photo Gallery
    [10/01/2008|04:09] C:\Program Files\Windows Sidebar
    [25/08/2007|11:13] C:\Program Files\WinRAR
    [14/12/2007|19:07] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [26/04/2008|03:36] C:\Program Files\Common Files\Adobe
    [25/08/2007|11:25] C:\Program Files\Common Files\Adobe Systems Shared
    [07/03/2008|16:50] C:\Program Files\Common Files\AVSMedia
    [18/06/2007|12:03] C:\Program Files\Common Files\DESIGNER
    [22/08/2007|18:59] C:\Program Files\Common Files\Hewlett-Packard
    [22/08/2007|19:03] C:\Program Files\Common Files\HP
    [22/08/2007|14:53] C:\Program Files\Common Files\InstallShield
    [23/08/2007|13:42] C:\Program Files\Common Files\Java
    [18/06/2007|11:56] C:\Program Files\Common Files\LightScribe
    [25/09/2007|17:42] C:\Program Files\Common Files\logishrd
    [18/06/2007|11:56] C:\Program Files\Common Files\LS Getting Started
    [31/03/2008|19:33] C:\Program Files\Common Files\microsoft shared
    [18/06/2007|11:58] C:\Program Files\Common Files\muvee Technologies
    [23/08/2007|13:52] C:\Program Files\Common Files\PX Storage Engine
    [14/12/2007|19:43] C:\Program Files\Common Files\Real
    [18/06/2007|11:54] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [18/06/2007|11:55] C:\Program Files\Common Files\Sonic Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [11/06/2008|03:14] C:\Program Files\Common Files\Steam
    [18/06/2007|11:56] C:\Program Files\Common Files\SureThing Shared
    [22/08/2007|23:39] C:\Program Files\Common Files\Symantec Shared
    [31/03/2008|19:30] C:\Program Files\Common Files\System
    [08/02/2008|23:52] C:\Program Files\Common Files\WindowsLiveInstaller
    [27/09/2007|20:05] C:\Program Files\Common Files\Wise Installation Wizard

    ---------------------------[ Process ]--------------------------

    ... 81

    iexplore.exe ~ [3876]

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-02 13:23:11
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\Windows\pack.epk
    C:\Windows\system32\nvs2.inf
    C:\Users\duncan\AppData\Local\kmptnvco_navps.dat
    C:\Users\duncan\AppData\Local\kmptnvco_nav.dat
    C:\Users\duncan\AppData\Local\kmptnvco.dat
    ! EGDACCESS !

    => C:\Users\duncan\DOCUME~1\Downloads\Counter-Strike Source Original ----- No Crack!!! ----
    => C:\Users\duncan\DOCUME~1\Downloads\Counter-Strike Source Original ----- No Crack!!! ----\Counter-Strike Source Original ----- No Crack!!! ----.iso
    => C:\Users\duncan\DOCUME~1\Downloads\Counter-Strike Source Original ----- No Crack!!! ----\Torrent downloaded from Demonoid.com.txt
    => C:\Users\duncan\AppData\Local\Microsoft\Messenger\redbull-energy@hotmail.fr\Sharing Folders\hondaracing@hotmail.fr\Counter-Strike Source Original ----- No Crack!!! ----
    => C:\Users\duncan\AppData\Local\Microsoft\Messenger\redbull-energy@hotmail.fr\Sharing Folders\hondaracing@hotmail.fr\Counter-Strike Source Original ----- No Crack!!! ----\Counter-Strike Source Original ----- No Crack!!! ----.iso
    => C:\Users\duncan\AppData\Local\Microsoft\Messenger\redbull-energy@hotmail.fr\Sharing Folders\hondaracing@hotmail.fr\Counter-Strike Source Original ----- No Crack!!! ----\Torrent downloaded from Demonoid.com.txt
    => C:\Users\duncan\AppData\Roaming\Microsoft\Windows\Recent\Counter-Strike Source Original ----- No Crack!!! ---- (2).lnk
    => C:\Users\duncan\AppData\Roaming\Microsoft\Windows\Recent\Counter-Strike Source Original ----- No Crack!!! ---- (3).lnk
    => C:\Users\duncan\AppData\Roaming\Microsoft\Windows\Recent\Counter-Strike Source Original ----- No Crack!!! ---- (4).lnk
    => C:\Users\duncan\AppData\Roaming\Microsoft\Windows\Recent\Counter-Strike Source Original ----- No Crack!!! ----.lnk
    => C:\Users\duncan\AppData\Roaming\uTorrent\Counter - Strike - Source [ PC ] ++ Crack.torrent
    => C:\Users\duncan\AppData\Roaming\uTorrent\Counter-Strike Source Original ----- No Crack!!! ----.torrent
    => C:\Users\duncan\assasin's creed\ASSASSINS_CREED\crack
    => C:\Users\duncan\assasin's creed\ASSASSINS_CREED\crack\AssassinsCreed_Dx10.exe
    => C:\Users\duncan\assasin's creed\ASSASSINS_CREED\crack\AssassinsCreed_Dx9.exe
    => C:\Users\duncan\Documents\Downloads\Counter-Strike Source Original ----- No Crack!!! ----
    => C:\Users\duncan\Documents\Downloads\Counter-Strike Source Original ----- No Crack!!! ----\Counter-Strike Source Original ----- No Crack!!! ----.iso
    => C:\Users\duncan\Documents\Downloads\Counter-Strike Source Original ----- No Crack!!! ----\Torrent downloaded from Demonoid.com.txt
    => C:\Users\duncan\Karaoke_New\Cinema\Cinema\Fantasia (The Nutcracker) - Cinema.mid
    => C:\Users\duncan\MXvsATV\Crack
    => C:\Users\duncan\MXvsATV\Crack\MXvsATV.exe
    => C:\Users\duncan\MXvsATV\Crack\reloaded.nfo
    => C:\Users\duncan\ordi maman\Photoshop CS\Crack
    => C:\Users\duncan\ordi maman\Photoshop CS\Crack\tw10122.dat

    [F:130][D:6]-> C:\Users\duncan\AppData\Local\Temp
    [F:43][D:1]-> C:\Users\duncan\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:139][D:5]-> C:\Users\duncan\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:20][D:4]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 13:26:42,50 ]----------------------
    0
  15. rockstars Posts 49 Status Member
     
    Tell me whether I need to redo option 2, thanks in advance, or whether I need to do something else.
    0
  16. totobetourne Posts 5677 Status Member 65
     
    OK, other infections; you never get any ads, for example.

    Do this:

    Download Navilog1:
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Let it guide you. At the main menu, choose 1 and confirm.
    (do not choose 2, 3 or 4 without our advice/agreement)
    Wait for the message:
    *** Analyse Termine le ..... ***
    Press a key as prompted; Notepad will open.
    Copy and paste the whole thing into a reply. Close Notepad.
    The report is also saved at the root of the disk (fixnavi.txt).
    0
  17. plop
     
    Disable your UAC, see here:
    https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

    * Download OTMoveIt2 (by OldTimer)
    http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

    * Save the file to the Desktop.
    * Double-click OTMoveIt2.exe to launch the tool.
    (you are using Vista, so right-click the file and choose: Run as administrator).
    * Select the whole list in bold and copy it:

    C:\ProgramData\beepmanagermanager.1xpm2
    C:\ProgramData\beepmanagermanager.3xb2ry
    C:\ProgramData\beepmanagermanager.48eca
    C:\ProgramData\beepmanagermanager.4e0e3t
    C:\ProgramData\beepmanagermanager.6khjgi
    C:\ProgramData\beepmanagermanager.8g37vle
    C:\ProgramData\beepmanagermanager.b9x030
    C:\ProgramData\beepmanagermanager.g001g
    C:\ProgramData\beepmanagermanager.n508e6h
    C:\ProgramData\beepmanagermanager.ok2uaw
    C:\ProgramData\beepmanagermanager.s5tlbw
    C:\ProgramData\beepmanagermanager.v8i5pw
    C:\ProgramData\beepmanagermanager.xoj1ug
    C:\ProgramData\beepmanagermanager.y7wkr
    C:\Program Files\Navilog1
    C:\Windows\pack.epk
    C:\Windows\system32\nvs2.inf
    C:\Users\duncan\AppData\Local\kmptnvco_navps.dat
    C:\Users\duncan\AppData\Local\kmptnvco_nav.dat
    C:\Users\duncan\AppData\Local\kmptnvco.dat


    * Go back to the OTMoveIt2 window, right-click in the "Paste List of Files/Folders to Move" area, then choose Paste.
    * Click the red Moveit! button.
    * Post the report, which will be saved in C:\\_OTMoveIt\MovedFiles.(xxxxxxxx_xxxxxx.log)
    0
  18. plop
     
    Add this one to the list in bold for removal:

    C:\Users\duncan\AppData\Local\kmptnvco.exe

    If we forget the executable, it will regenerate at the next connection.
    0
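The point made in the reply above (a removal list that names the data files but not the executable lets the rest come back), written as a check. This is an added example, not part of the thread and not code from Lop S&D or OTMoveIt2; the function names, the family rule (file name up to the first `_` or `.`) and the on-disk inventory are assumptions, and it also groups the same-name, different-suffix folders seen in the ProgramData listing.

```python
import re
from collections import defaultdict
from ntpath import basename, dirname, splitext  # Windows path rules on any OS

# Constructed sample in the "[dd/mm/yyyy|hh:mm] path" layout of the report above.
REPORT = r"""
------[ Listing des dossiers dans C:\ProgramData ]------
[22/12/2007|14:38] C:\ProgramData\beepmanagermanager.1xpm2
[25/12/2007|19:33] C:\ProgramData\beepmanagermanager.3xb2ry
[05/03/2008|13:45] C:\ProgramData\beepmanagermanager.48eca
[02/07/2008|10:57] C:\ProgramData\Google
[24/04/2008|12:13] C:\ProgramData\hpzinstall.log
"""

# Part of the removal list as first posted (without the executable).
REMOVAL_LIST = [
    r"C:\Windows\pack.epk",
    r"C:\Users\duncan\AppData\Local\kmptnvco_navps.dat",
    r"C:\Users\duncan\AppData\Local\kmptnvco_nav.dat",
    r"C:\Users\duncan\AppData\Local\kmptnvco.dat",
]
# Constructed inventory of what is on disk; the last entry is a made-up bystander.
ON_DISK = REMOVAL_LIST + [
    r"C:\Users\duncan\AppData\Local\kmptnvco.exe",
    r"C:\Users\duncan\AppData\Local\example_unrelated.exe",
]

LINE = re.compile(r"^\[\d{2}/\d{2}/\d{4}\|\d{2}:\d{2}\]\s+(.+)$")
EXEC_EXT = {".exe", ".dll", ".scr", ".com", ".bat"}


def parse_listing(text):
    """Return the paths from '[dd/mm/yyyy|hh:mm] path' lines; other lines are skipped."""
    return [m.group(1).strip() for line in text.splitlines()
            if (m := LINE.match(line.strip()))]


def suffix_clusters(paths, min_size=3):
    """Entries of one directory that share the name before the last dot."""
    groups = defaultdict(list)
    for p in paths:
        stem, ext = splitext(basename(p))
        if ext:
            groups[(dirname(p).lower(), stem.lower())].append(p)
    return {k: v for k, v in groups.items() if len(v) >= min_size}


def family(path):
    """(directory, name up to the first '_' or '.'): kmptnvco_nav.dat -> kmptnvco."""
    name = basename(path).lower()
    return dirname(path).lower(), re.split(r"[_.]", name, maxsplit=1)[0]


def missed_executables(removal_list, present_files):
    """Executables on disk in the same family as a listed file but not listed themselves."""
    listed = {p.lower() for p in removal_list}
    families = {family(p) for p in removal_list}
    return [f for f in present_files
            if f.lower() not in listed
            and splitext(f)[1].lower() in EXEC_EXT
            and family(f) in families]


if __name__ == "__main__":
    for (folder, stem), members in suffix_clusters(parse_listing(REPORT)).items():
        print(f"{len(members)} entries named {stem}.* in {folder}")
    for exe in missed_executables(REMOVAL_LIST, ON_DISK):
        print("not on the removal list:", exe)
```
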
  19. rockstars Posts 49 Status Member
     
    OK guys, but right now I don't have any more of them; still, I'll do that in a bit.
    0
  20. rockstars Posts 49 Status Member
     
    But two of you have posted things to do, so which of the two do I do, please?
    0
  21. plop
     
    Disable your UAC, see here:
    https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

    * Download OTMoveIt2 (by OldTimer)
    http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

    * Save the file to the Desktop.
    * Double-click OTMoveIt2.exe to launch the tool.
    (you are using Vista, so right-click the file and choose: Run as administrator).
    * Select the whole list in bold and copy it:

    C:\ProgramData\beepmanagermanager.1xpm2
    C:\ProgramData\beepmanagermanager.3xb2ry
    C:\ProgramData\beepmanagermanager.48eca
    C:\ProgramData\beepmanagermanager.4e0e3t
    C:\ProgramData\beepmanagermanager.6khjgi
    C:\ProgramData\beepmanagermanager.8g37vle
    C:\ProgramData\beepmanagermanager.b9x030
    C:\ProgramData\beepmanagermanager.g001g
    C:\ProgramData\beepmanagermanager.n508e6h
    C:\ProgramData\beepmanagermanager.ok2uaw
    C:\ProgramData\beepmanagermanager.s5tlbw
    C:\ProgramData\beepmanagermanager.v8i5pw
    C:\ProgramData\beepmanagermanager.xoj1ug
    C:\ProgramData\beepmanagermanager.y7wkr
    C:\Program Files\Navilog1
    C:\Windows\pack.epk
    C:\Windows\system32\nvs2.inf
    C:\Users\duncan\AppData\Local\kmptnvco_navps.dat
    C:\Users\duncan\AppData\Local\kmptnvco_nav.dat
    C:\Users\duncan\AppData\Local\kmptnvco.dat
    C:\Users\duncan\AppData\Local\kmptnvco.exe


    * Go back to the OTMoveIt2 window, right-click in the "Paste List of Files/Folders to Move" area, then choose Paste.
    * Click the red Moveit! button.
    * Post the report, which will be saved in C:\\_OTMoveIt\MovedFiles.(xxxxxxxx_xxxxxx.log)
    0