CID windows

Solved
Den360 Posts 13 Status Member
Hello,

For a few weeks now I have had CID windows appearing, and they bother me a lot. I no longer know what to do to get rid of them ... help .... I can't stand seeing them anymore.

Thank you for your help!

Den360

22 replies

Destrio5 Posts 99820 Status Moderator 10 305
 
Hi,

---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)

If you have a problem using Lop S&D, look at the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431

Den360 Posts 13 Status Member
 
Here is my report .... thank you for helping me!

# Rapport Lopxp fait le 2008-07-21 à 20:27:08
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.06 - Maj du 05/02/2008

Killing 'iexplore.exe'
"C:\Program Files\Internet Explorer\iexplore.exe" (2704)
"C:\Program Files\Internet Explorer\iexplore.exe" (2728)
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" (3444)
"C:\Program Files\Internet Explorer\iexplore.exe" (560)
"C:\Program Files\Internet Explorer\iexplore.exe" (3440)
"C:\Program Files\Internet Explorer\iexplore.exe" -nohome (2976)
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" (2204)

========== Listing des dossiers Application Data

+- C:\Documents and Settings\Administrateur\Application Data

2005-06-16 à 00:10:42 - Lavasoft
2005-06-15 à 23:03:13 - Microsoft

+- C:\Documents and Settings\Administrateur\Local Settings\Application Data

2006-10-16 à 23:47:49 - IM
2005-06-15 à 23:04:17 - Microsoft

+- C:\Documents and Settings\All Users\Application Data

2004-06-20 à 16:10:33 - ACD Systems
2008-03-10 à 23:19:21 - Adobe
2008-01-22 à 15:00:04 - Apple Computer
2006-06-14 à 23:59:45 - Avery
2006-09-13 à 23:21:59 - Google
2007-08-30 à 00:08:45 - MailFrontier
2008-07-03 à 12:45:24 - Meal Memo Free View
2006-08-03 à 23:33:57 - Microsoft
2006-07-28 à 10:00:30 - QuickTime
2008-07-07 à 19:56:20 - Spybot - Search & Destroy
2004-03-12 à 00:39:30 - Symantec
2004-11-09 à 23:13:58 - Ulead Systems
2005-03-25 à 19:02:53 - Viewpoint
2006-07-23 à 22:16:41 - Windows Genuine Advantage
2007-09-17 à 02:55:44 - Windows Live Toolbar
2005-06-22 à 01:39:06 - wsxs
2007-01-06 à 01:45:55 - yahoo!

+- C:\Documents and Settings\Denis\Application Data

2004-07-17 à 11:57:07 - ACD Systems
2006-09-20 à 20:04:26 - Adobe
2007-02-09 à 01:52:35 - AdobeUM
2008-06-12 à 19:34:52 - Apple Computer
2006-09-23 à 14:55:07 - ArcSoft
2008-02-19 à 01:41:37 - BudgetExpress
2004-03-11 à 02:52:31 - Dossier de téléchargement Share-to-Web
2004-03-11 à 02:52:31 - Dossier de téléchargement Share-to-Web
2006-07-28 à 10:06:50 - FotoWire
2006-09-14 à 15:51:50 - Google
2004-06-24 à 13:13:03 - Help
2007-06-28 à 20:53:23 - ICAClient
2004-03-08 à 00:28:19 - Identities
2007-06-05 à 23:23:03 - IPC
2005-06-06 à 01:36:37 - Lavasoft
2004-11-09 à 01:06:35 - Leadertech
2004-11-30 à 01:08:12 - Macromedia
2008-04-28 à 20:08:14 - Microsoft
2004-03-08 à 00:33:55 - Microsoft Web Folders
2004-12-17 à 16:03:27 - Mozilla
2007-01-31 à 01:06:24 - Netscape
2005-05-16 à 13:13:37 - ntoc
2008-06-03 à 00:09:20 - OWNS LOVE OKAY
2008-06-14 à 19:02:48 - PPTminimizer
2005-02-09 à 00:35:25 - Real
2007-05-10 à 21:25:51 - Screenshot Sender
2004-09-10 à 01:47:25 - Sun
2004-11-26 à 23:56:06 - Symantec
2008-03-25 à 02:20:04 - U3
2004-11-09 à 23:14:43 - Ulead Systems

+- C:\Documents and Settings\Denis\Local Settings\Application Data

2006-08-29 à 00:07:15 - Adobe
2008-02-03 à 22:36:28 - Apple Computer
2006-09-14 à 15:47:19 - Google
2004-03-12 à 00:40:37 - Help
2004-03-13 à 17:47:34 - Identities
2006-12-03 à 16:18:59 - IM
2006-07-28 à 10:13:41 - Logitech-LS
2008-06-20 à 01:57:22 - Microsoft
2008-01-22 à 15:01:54 - OLYMPUS
2004-11-05 à 23:26:02 - Rio

+- C:\Documents and Settings\Joannie\Application Data

2008-01-24 à 21:35:23 - ACD Systems
2004-12-12 à 21:13:28 - Adobe
2006-06-29 à 14:52:59 - AdobeUM
2004-03-15 à 03:37:48 - Dossier de téléchargement Share-to-Web
2006-12-05 à 16:45:40 - Google
2004-03-08 à 01:12:23 - Help
2004-03-08 à 01:09:20 - Identities
2004-11-06 à 01:12:17 - Lavasoft
2004-12-12 à 21:19:55 - Macromedia
2007-09-17 à 02:55:38 - Microsoft
2008-05-25 à 11:05:31 - OWNS LOVE OKAY
2005-04-30 à 23:35:36 - Real
2004-11-20 à 03:01:17 - Sun
2005-12-05 à 23:22:46 - Symantec

+- C:\Documents and Settings\Joannie\Local Settings\Application Data

2006-12-31 à 20:24:26 - Adobe
2006-09-13 à 23:20:24 - Google
2004-03-08 à 01:12:23 - Help
2004-03-08 à 01:13:49 - Identities
2006-11-19 à 21:18:14 - IM
2006-08-03 à 18:36:02 - Logitech-LS
2006-07-06 à 16:38:38 - Microsoft

+- C:\Documents and Settings\Maryse\Application Data

2006-03-18 à 22:18:15 - ACD Systems
2007-02-12 à 22:05:22 - Adobe
2007-04-11 à 00:19:29 - AdobeUM
2006-11-08 à 01:25:15 - ArcSoft
2004-03-14 à 18:41:24 - Dossier de téléchargement Share-to-Web
2006-09-13 à 00:48:14 - Google
2004-05-03 à 01:42:59 - Help
2004-03-08 à 00:37:45 - Identities
2004-11-08 à 02:46:49 - Lavasoft
2005-01-13 à 01:57:58 - Macromedia
2007-09-18 à 23:26:56 - Microsoft
2005-04-03 à 23:30:16 - Mozilla
2008-07-03 à 12:45:33 - OWNS LOVE OKAY
2006-01-22 à 20:50:37 - Real
2004-09-27 à 00:45:59 - Sun
2005-08-02 à 16:14:26 - Symantec
2008-01-22 à 02:16:37 - U3
2004-11-28 à 17:01:19 - Ulead Systems
2007-01-06 à 01:47:58 - yahoo!

+- C:\Documents and Settings\Maryse\Local Settings\Application Data

2006-08-27 à 18:53:14 - Adobe
2008-02-27 à 13:03:14 - Apple Computer
2006-09-13 à 00:12:31 - Google
2004-05-03 à 01:42:59 - Help
2004-03-08 à 01:03:30 - Identities
2006-12-14 à 22:30:44 - IM
2007-03-03 à 03:04:02 - Logitech-LS
2008-06-14 à 01:20:12 - Microsoft

========== Listing du dossier Program Files

+- C:\Program Files

2005-05-22 à 20:43:20 - Access 97 Runtime
2004-06-20 à 16:10:33 - ACD Systems
2004-03-09 à 23:19:42 - acrobat reader
2008-03-10 à 23:14:54 - Adobe
2004-04-02 à 00:44:28 - Ahead
2006-09-23 à 14:25:01 - ArcSoft
2006-06-14 à 23:59:54 - Avery Dennison
2008-02-19 à 00:56:55 - BudgetExpress
2005-06-22 à 01:39:19 - C2Media
2005-07-02 à 11:22:29 - CCleaner
2005-06-19 à 02:00:12 - ComPlus Applications
2004-03-14 à 23:22:45 - Desktop Messenger
2008-01-22 à 15:01:31 - DIFX
2005-06-21 à 22:32:58 - ewido
2008-07-21 à 23:27:22 - Fichiers communs
2006-08-04 à 09:15:25 - Golden
2007-01-27 à 12:57:44 - Google
2004-03-11 à 02:52:27 - Hewlett-Packard
2006-11-15 à 22:10:14 - IncrediMail
2007-01-14 à 16:11:24 - InstallShield Installation Information
2005-11-20 à 15:59:50 - Internet Explorer
2007-10-16 à 23:18:15 - Java
2005-06-06 à 01:36:26 - Lavasoft
2006-07-28 à 10:06:47 - Logitech
2008-07-22 à 00:27:14 - Lopxp
2005-11-20 à 16:00:55 - Messenger
2005-06-06 à 01:38:46 - Messenger Plus! 3
2004-03-08 à 00:19:07 - microsoft frontpage
2007-01-31 à 01:08:23 - Microsoft Games
2006-07-05 à 01:39:59 - Microsoft Hardware
2006-09-23 à 15:31:36 - Microsoft Office
2004-12-07 à 13:33:55 - mIRC
2004-03-08 à 00:16:14 - Movie Maker
2004-03-08 à 00:14:06 - MSN Gaming Zone
2006-08-02 à 02:24:37 - MSXML 4.0
2004-03-14 à 23:23:26 - MUSICMATCH
2004-08-26 à 23:19:55 - NetMeeting
2006-09-19 à 17:14:14 - Netscape
2008-05-24 à 01:36:06 - Norton SystemWorks
2008-01-22 à 14:57:02 - OLYMPUS
2005-06-21 à 21:41:17 - Outlook Express
2008-07-03 à 12:45:20 - OWNS LOVE OKAY
2005-05-17 à 00:24:03 - PolderbitS
2008-01-22 à 15:01:23 - QuickTime
2004-12-17 à 20:29:15 - Real
2006-08-04 à 08:57:44 - Registry Mechanic
2008-01-22 à 14:42:16 - RescuePRO
2004-11-05 à 23:24:37 - Rio
2005-06-19 à 02:01:27 - Services en ligne
2005-01-25 à 01:39:14 - Siber Systems
2008-05-28 à 21:03:57 - Spybot - Search & Destroy
2008-06-17 à 21:11:54 - SpywareBlaster
2004-11-05 à 00:59:52 - StreamCast
2006-12-26 à 02:41:11 - Symantec
2005-02-12 à 19:39:22 - SymNetDrv
2005-03-06 à 20:56:09 - TablEdit
2004-08-26 à 23:17:41 - Uninstall Information
2004-12-17 à 20:35:14 - Winamp
2008-01-22 à 14:59:13 - Windows Media Player
2004-03-08 à 00:14:06 - Windows NT
2005-06-21 à 01:47:19 - WindowsUpdate
2005-05-22 à 22:14:14 - Wine Cellar
2005-11-20 à 16:06:16 - WinZip
2004-03-08 à 00:19:07 - xerox
2004-12-08 à 18:50:15 - ZeusCDRipper
2005-12-10 à 19:20:35 - Zone Labs

========== Tâches planifiées

A5F334F19184A9A1.job: c:\docume~1\joannie\applic~1\ownslo~1\way move keep.exe
A864E12E918F9872.job: c:\docume~1\maryse\applic~1\ownslo~1\way move keep.exe
Norton AntiVirus - Scan my computer.job: C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.exe /task:C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\NORTON~1\Tasks\mycomp.sca
Norton SystemWorks One Button Checkup.job: C:\Program Files\Norton SystemWorks\OBC.exe /CUSTOM /SCHEDULE
Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE

========== Clés registre

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FREE VIEW GRIM SOAP"="C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe"

========== Bloqueur popups Internet Explorer

Blocage des popups non géré par cette version du navigateur.

========== Suggestion ( /!\ Nécessite une interprétation.) ==========

C:\Documents and Settings\All Users\Application Data\Meal Memo Free View
C:\Documents and Settings\Denis\Application Data\OWNS LOVE OKAY
C:\Documents and Settings\Joannie\Application Data\OWNS LOVE OKAY
C:\Documents and Settings\Maryse\Application Data\OWNS LOVE OKAY
C:\Program Files\C2Media
C:\Program Files\OWNS LOVE OKAY
C:\WINDOWS\tasks\A5F334F19184A9A1.job
C:\WINDOWS\tasks\A864E12E918F9872.job

+- Registre:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FREE VIEW GRIM SOAP"=-

- Fin du rapport -

Destrio5 Posts 99820 Status Moderator 10 305

Please use my program; that one does not handle the Hosts file.

Den360 Posts 13 Status Member

Here is the report!

--------------------\\ Lop S&D 4.2.2-2 XP/Vista

[ Windows XP (NT 5.1) Build 2600 ]
[ USER : Denis ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 2008-07-21 | 20:37:18,57 ] [ PC : BUREAU ]
[ MAJ : 20-07-2008 | 12:15 ]

--------------------\\ Listing des dossiers dans Application Data

[2004-12-10|11:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[2005-06-19|22:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Install.dat
[2005-06-15|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[2005-06-15|19:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[2004-06-20|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[2008-03-10|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-01-22|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2006-06-14|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avery
[2005-06-18|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[2006-09-13|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2007-08-29|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[2008-07-03|08:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Meal Memo Free View
[2006-08-03|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-06-12|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[2006-07-28|06:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[2008-07-07|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2004-03-11|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2004-11-09|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[2005-03-25|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[2006-07-23|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2007-09-16|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[2005-06-21|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wsxs
[2007-01-05|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!

[2005-06-18|21:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[2004-03-07|20:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2004-07-17|07:57] C:\DOCUME~1\Denis\APPLIC~1\ACD Systems
[2006-09-20|16:04] C:\DOCUME~1\Denis\APPLIC~1\Adobe
[2007-02-08|21:52] C:\DOCUME~1\Denis\APPLIC~1\AdobeUM
[2008-06-12|15:34] C:\DOCUME~1\Denis\APPLIC~1\Apple Computer
[2006-09-23|10:55] C:\DOCUME~1\Denis\APPLIC~1\ArcSoft
[2008-02-18|21:41] C:\DOCUME~1\Denis\APPLIC~1\BudgetExpress
[2004-03-07|13:59] C:\DOCUME~1\Denis\APPLIC~1\desktop.ini
[2004-03-10|22:52] C:\DOCUME~1\Denis\APPLIC~1\Dossier de téléchargement Share-to-Web
[2004-03-10|22:52] C:\DOCUME~1\Denis\APPLIC~1\Dossier de téléchargement Share-to-Web
[2006-07-28|06:06] C:\DOCUME~1\Denis\APPLIC~1\FotoWire
[2006-09-14|11:51] C:\DOCUME~1\Denis\APPLIC~1\Google
[2004-06-24|09:13] C:\DOCUME~1\Denis\APPLIC~1\Help
[2007-06-28|16:53] C:\DOCUME~1\Denis\APPLIC~1\ICAClient
[2004-03-07|20:28] C:\DOCUME~1\Denis\APPLIC~1\Identities
[2007-06-05|19:23] C:\DOCUME~1\Denis\APPLIC~1\IPC
[2005-06-05|21:36] C:\DOCUME~1\Denis\APPLIC~1\Lavasoft
[2004-11-08|21:06] C:\DOCUME~1\Denis\APPLIC~1\Leadertech
[2004-11-29|21:08] C:\DOCUME~1\Denis\APPLIC~1\Macromedia
[2008-04-28|16:08] C:\DOCUME~1\Denis\APPLIC~1\Microsoft
[2004-03-07|20:33] C:\DOCUME~1\Denis\APPLIC~1\Microsoft Web Folders
[2004-12-17|12:03] C:\DOCUME~1\Denis\APPLIC~1\Mozilla
[2007-01-30|21:06] C:\DOCUME~1\Denis\APPLIC~1\Netscape
[2005-05-16|09:13] C:\DOCUME~1\Denis\APPLIC~1\ntoc
[2008-06-02|20:09] C:\DOCUME~1\Denis\APPLIC~1\OWNS LOVE OKAY
[2008-06-14|15:02] C:\DOCUME~1\Denis\APPLIC~1\PPTminimizer
[2005-02-08|20:35] C:\DOCUME~1\Denis\APPLIC~1\Real
[2007-05-10|17:25] C:\DOCUME~1\Denis\APPLIC~1\Screenshot Sender
[2004-09-09|21:47] C:\DOCUME~1\Denis\APPLIC~1\Sun
[2004-11-26|19:56] C:\DOCUME~1\Denis\APPLIC~1\Symantec
[2004-12-09|21:00] C:\DOCUME~1\Denis\APPLIC~1\tvmcwrd.dll
[2004-12-09|20:43] C:\DOCUME~1\Denis\APPLIC~1\tvmknwrd.dll
[2008-03-24|22:20] C:\DOCUME~1\Denis\APPLIC~1\U3
[2004-11-09|19:14] C:\DOCUME~1\Denis\APPLIC~1\Ulead Systems

[2008-01-24|17:35] C:\DOCUME~1\Joannie\APPLIC~1\ACD Systems
[2004-12-12|17:13] C:\DOCUME~1\Joannie\APPLIC~1\Adobe
[2006-06-29|10:52] C:\DOCUME~1\Joannie\APPLIC~1\AdobeUM
[2004-03-07|13:59] C:\DOCUME~1\Joannie\APPLIC~1\desktop.ini
[2004-03-14|23:37] C:\DOCUME~1\Joannie\APPLIC~1\Dossier de téléchargement Share-to-Web
[2006-12-05|12:45] C:\DOCUME~1\Joannie\APPLIC~1\Google
[2004-03-07|21:12] C:\DOCUME~1\Joannie\APPLIC~1\Help
[2004-03-07|21:09] C:\DOCUME~1\Joannie\APPLIC~1\Identities
[2004-11-05|21:12] C:\DOCUME~1\Joannie\APPLIC~1\Lavasoft
[2004-12-12|17:19] C:\DOCUME~1\Joannie\APPLIC~1\Macromedia
[2007-09-16|22:55] C:\DOCUME~1\Joannie\APPLIC~1\Microsoft
[2008-05-25|07:05] C:\DOCUME~1\Joannie\APPLIC~1\OWNS LOVE OKAY
[2005-04-30|19:35] C:\DOCUME~1\Joannie\APPLIC~1\Real
[2004-11-19|23:01] C:\DOCUME~1\Joannie\APPLIC~1\Sun
[2005-12-05|19:22] C:\DOCUME~1\Joannie\APPLIC~1\Symantec

[2004-03-09|22:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2006-03-18|18:18] C:\DOCUME~1\Maryse\APPLIC~1\ACD Systems
[2007-02-12|18:05] C:\DOCUME~1\Maryse\APPLIC~1\Adobe
[2007-04-10|20:19] C:\DOCUME~1\Maryse\APPLIC~1\AdobeUM
[2006-11-07|21:25] C:\DOCUME~1\Maryse\APPLIC~1\ArcSoft
[2004-03-07|13:59] C:\DOCUME~1\Maryse\APPLIC~1\desktop.ini
[2004-11-07|22:36] C:\DOCUME~1\Maryse\APPLIC~1\dm.ini
[2004-03-14|14:41] C:\DOCUME~1\Maryse\APPLIC~1\Dossier de téléchargement Share-to-Web
[2006-09-12|20:48] C:\DOCUME~1\Maryse\APPLIC~1\Google
[2004-05-02|21:42] C:\DOCUME~1\Maryse\APPLIC~1\Help
[2004-03-07|20:37] C:\DOCUME~1\Maryse\APPLIC~1\Identities
[2004-11-07|22:46] C:\DOCUME~1\Maryse\APPLIC~1\Lavasoft
[2005-01-12|21:57] C:\DOCUME~1\Maryse\APPLIC~1\Macromedia
[2007-09-18|19:26] C:\DOCUME~1\Maryse\APPLIC~1\Microsoft
[2005-04-03|19:30] C:\DOCUME~1\Maryse\APPLIC~1\Mozilla
[2008-07-03|08:45] C:\DOCUME~1\Maryse\APPLIC~1\OWNS LOVE OKAY
[2006-01-22|16:50] C:\DOCUME~1\Maryse\APPLIC~1\Real
[2004-09-26|20:45] C:\DOCUME~1\Maryse\APPLIC~1\Sun
[2005-08-02|12:14] C:\DOCUME~1\Maryse\APPLIC~1\Symantec
[2008-01-21|22:16] C:\DOCUME~1\Maryse\APPLIC~1\U3
[2004-11-28|13:01] C:\DOCUME~1\Maryse\APPLIC~1\Ulead Systems
[2007-01-05|21:47] C:\DOCUME~1\Maryse\APPLIC~1\yahoo!

[2004-03-07|20:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2008-07-21 20:00][--ah-c---] C:\WINDOWS\tasks\A864E12E918F9872.job
[2008-05-25 18:00][--ah-c---] C:\WINDOWS\tasks\A5F334F19184A9A1.job
[2008-07-21 17:59][--a--c---] C:\WINDOWS\tasks\Symantec NetDetect.job
[2008-06-13 20:03][--a--c---] C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
[2008-06-13 19:29][--a--c---] C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[2008-07-21 14:09][--ah-c---] C:\WINDOWS\tasks\SA.DAT
[2001-08-28 08:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

( A5F334F19184A9A1.job )=( c:\docume~1\joannie\applic~1\ownslo~1\waymovekeep.exe )
( A864E12E918F9872.job )=( c:\docume~1\maryse\applic~1\ownslo~1\waymovekeep.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[2005-05-22|16:43] C:\Program Files\Access 97 Runtime
[2004-06-20|12:10] C:\Program Files\ACD Systems
[2004-03-09|19:19] C:\Program Files\acrobat reader
[2008-03-10|19:14] C:\Program Files\Adobe
[2004-04-01|20:44] C:\Program Files\Ahead
[2006-09-23|10:25] C:\Program Files\ArcSoft
[2006-06-14|19:59] C:\Program Files\Avery Dennison
[2008-02-18|20:56] C:\Program Files\BudgetExpress
[2005-06-21|21:39] C:\Program Files\C2Media
[2005-07-02|07:22] C:\Program Files\CCleaner
[2005-06-18|22:00] C:\Program Files\ComPlus Applications
[2004-03-14|19:22] C:\Program Files\Desktop Messenger
[2008-01-22|11:01] C:\Program Files\DIFX
[2005-06-21|18:32] C:\Program Files\ewido
[2008-07-21|19:27] C:\Program Files\Fichiers communs
[2006-08-04|05:15] C:\Program Files\Golden
[2007-01-27|08:57] C:\Program Files\Google
[2004-03-10|22:52] C:\Program Files\Hewlett-Packard
[2006-11-15|18:10] C:\Program Files\IncrediMail
[2007-01-14|12:11] C:\Program Files\InstallShield Installation Information
[2005-11-20|11:59] C:\Program Files\Internet Explorer
[2007-10-16|19:18] C:\Program Files\Java
[2005-06-05|21:36] C:\Program Files\Lavasoft
[2006-07-28|06:06] C:\Program Files\Logitech
[2008-07-21|20:27] C:\Program Files\Lopxp
[2005-11-20|12:00] C:\Program Files\Messenger
[2005-06-05|21:38] C:\Program Files\Messenger Plus! 3
[2004-03-07|20:19] C:\Program Files\microsoft frontpage
[2007-01-30|21:08] C:\Program Files\Microsoft Games
[2006-07-04|21:39] C:\Program Files\Microsoft Hardware
[2006-09-23|11:31] C:\Program Files\Microsoft Office
[2004-12-07|09:33] C:\Program Files\mIRC
[2004-03-07|20:16] C:\Program Files\Movie Maker
[2004-03-07|20:14] C:\Program Files\MSN Gaming Zone
[2006-08-01|22:24] C:\Program Files\MSXML 4.0
[2004-03-14|19:23] C:\Program Files\MUSICMATCH
[2004-08-26|19:19] C:\Program Files\NetMeeting
[2006-09-19|13:14] C:\Program Files\Netscape
[2008-05-23|21:36] C:\Program Files\Norton SystemWorks
[2008-01-22|10:57] C:\Program Files\OLYMPUS
[2005-06-21|17:41] C:\Program Files\Outlook Express
[2008-07-03|08:45] C:\Program Files\OWNS LOVE OKAY
[2005-05-16|20:24] C:\Program Files\PolderbitS
[2008-01-22|11:01] C:\Program Files\QuickTime
[2004-12-17|16:29] C:\Program Files\Real
[2006-08-04|04:57] C:\Program Files\Registry Mechanic
[2008-01-22|10:42] C:\Program Files\RescuePRO
[2004-11-05|19:24] C:\Program Files\Rio
[2005-06-18|22:01] C:\Program Files\Services en ligne
[2005-01-24|21:39] C:\Program Files\Siber Systems
[2008-05-28|17:03] C:\Program Files\Spybot - Search & Destroy
[2008-06-17|17:11] C:\Program Files\SpywareBlaster
[2004-11-04|20:59] C:\Program Files\StreamCast
[2006-12-25|22:41] C:\Program Files\Symantec
[2005-02-12|15:39] C:\Program Files\SymNetDrv
[2005-03-06|16:56] C:\Program Files\TablEdit
[2004-08-26|19:17] C:\Program Files\Uninstall Information
[2004-12-17|16:35] C:\Program Files\Winamp
[2008-01-22|10:59] C:\Program Files\Windows Media Player
[2004-03-07|20:14] C:\Program Files\Windows NT
[2005-06-20|21:47] C:\Program Files\WindowsUpdate
[2005-05-22|18:14] C:\Program Files\Wine Cellar
[2005-11-20|12:06] C:\Program Files\WinZip
[2004-03-07|20:19] C:\Program Files\xerox
[2004-12-08|14:50] C:\Program Files\ZeusCDRipper
[2005-12-10|15:20] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2004-06-20|12:10] C:\Program Files\Fichiers communs\ACD Systems
[2008-03-10|19:14] C:\Program Files\Fichiers communs\Adobe
[2004-04-01|20:44] C:\Program Files\Fichiers communs\Ahead
[2004-03-07|20:35] C:\Program Files\Fichiers communs\Designer
[2006-07-28|06:06] C:\Program Files\Fichiers communs\FotoWire
[2004-11-05|19:24] C:\Program Files\Fichiers communs\Gracenote
[2004-03-10|22:52] C:\Program Files\Fichiers communs\Hewlett-Packard
[2006-06-14|19:58] C:\Program Files\Fichiers communs\InstallShield
[2004-09-09|21:46] C:\Program Files\Fichiers communs\Java
[2006-07-28|06:03] C:\Program Files\Fichiers communs\Logitech
[2008-06-05|16:22] C:\Program Files\Fichiers communs\Microsoft Shared
[2005-03-15|10:04] C:\Program Files\Fichiers communs\mozilla.org
[2005-03-11|14:32] C:\Program Files\Fichiers communs\MSSoap
[2004-03-07|14:00] C:\Program Files\Fichiers communs\ODBC
[2005-02-08|20:32] C:\Program Files\Fichiers communs\Real
[2004-03-07|20:15] C:\Program Files\Fichiers communs\Services
[2004-03-07|20:46] C:\Program Files\Fichiers communs\Sierra On-Line
[2004-03-07|14:00] C:\Program Files\Fichiers communs\SpeechEngines
[2008-07-21|19:28] C:\Program Files\Fichiers communs\Symantec Shared
[2005-06-21|17:41] C:\Program Files\Fichiers communs\System
[2004-11-09|19:11] C:\Program Files\Fichiers communs\Ulead Systems
[2005-06-21|21:39] C:\Program Files\Fichiers communs\Uninstall Information
[2005-02-08|20:32] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 70 Processus )

IEXPLORE.EXE ~ [2260]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Denis\APPLIC~1\ownslo~1
C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1
C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\BendDartStore.exe
C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\jwhkwdsk.exe
C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\The Copy Idle Program.exe
C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\way move keep.exe
C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1
C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\BendDartStore.exe
C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\rimtoves.exe
C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\The Copy Idle Program.exe
C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\way move keep.exe
C:\Program Files\ownslo~1
C:\Program Files\C2Media
C:\DOCUME~1\Denis\Cookies\denis@adopt.euroclick[2].txt
C:\WINDOWS\Tasks\A5F334F19184A9A1.job
C:\WINDOWS\Tasks\A864E12E918F9872.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

-> 8506 [ 70 ## added by CiD ]

/!\ 1 Not 127.0.0.1 !!

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-21 20:38:22
Windows 5.1.2600 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\Denis\Favoris\download\AllSeek.iNFO The Ultimate Cracks Search Engine.url
=> C:\DOCUME~1\Denis\Favoris\download\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url
=> C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Animation\firecracker.ima
=> C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Letter\cracking_crackers.imf
=> C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif
=> C:\DOCUME~1\Denis\Favoris\download\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url

[F:5][D:2]-> C:\DOCUME~1\Denis\LOCALS~1\Temp
[F:13][D:0]-> C:\DOCUME~1\Denis\Cookies
[F:467][D:10]-> C:\DOCUME~1\Denis\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 20:40:34,67

Destrio5 Posts 99820 Status Moderator 10 305
 
---> Run Lop S&D again
---> This time choose option 2 (Removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)

Den360 Posts 13 Status Member

Report with the removal option!

--------------------\\ Lop S&D 4.2.2-2 XP/Vista

[ Windows XP (NT 5.1) Build 2600 ]
[ USER : Denis ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 2008-07-21 | 20:47:27,70 ] [ PC : BUREAU ]
[ MAJ : 20-07-2008 | 12:15 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\BendDartStore.exe
Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\jwhkwdsk.exe
Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\The Copy Idle Program.exe
Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\way move keep.exe
Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\BendDartStore.exe
Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\rimtoves.exe
Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\The Copy Idle Program.exe
Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\way move keep.exe
Supprime! - C:\DOCUME~1\Denis\Cookies\denis@adopt.euroclick[2].txt
Supprime! - C:\WINDOWS\Tasks\A5F334F19184A9A1.job
Supprime! - C:\WINDOWS\Tasks\A864E12E918F9872.job
Supprime! - C:\DOCUME~1\Denis\APPLIC~1\ownslo~1
Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1
Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1
Supprime! - C:\Program Files\ownslo~1
Supprime! - C:\Program Files\C2Media
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Application Data

[2004-12-10|11:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[2005-06-19|22:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Install.dat
[2005-06-15|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[2005-06-15|19:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[2004-06-20|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[2008-03-10|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-01-22|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2006-06-14|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avery
[2005-06-18|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[2006-09-13|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2007-08-29|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[2008-07-03|08:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Meal Memo Free View
[2006-08-03|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-06-12|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[2006-07-28|06:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[2008-07-07|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2004-03-11|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2004-11-09|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[2006-07-23|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2007-09-16|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[2005-06-21|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wsxs
[2007-01-05|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!

[2005-06-18|21:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[2004-03-07|20:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2004-07-17|07:57] C:\DOCUME~1\Denis\APPLIC~1\ACD Systems
[2006-09-20|16:04] C:\DOCUME~1\Denis\APPLIC~1\Adobe
[2007-02-08|21:52] C:\DOCUME~1\Denis\APPLIC~1\AdobeUM
[2008-06-12|15:34] C:\DOCUME~1\Denis\APPLIC~1\Apple Computer
[2006-09-23|10:55] C:\DOCUME~1\Denis\APPLIC~1\ArcSoft
[2008-02-18|21:41] C:\DOCUME~1\Denis\APPLIC~1\BudgetExpress
[2004-03-07|13:59] C:\DOCUME~1\Denis\APPLIC~1\desktop.ini
[2004-03-10|22:52] C:\DOCUME~1\Denis\APPLIC~1\Dossier de téléchargement Share-to-Web
[2004-03-10|22:52] C:\DOCUME~1\Denis\APPLIC~1\Dossier de téléchargement Share-to-Web
[2006-07-28|06:06] C:\DOCUME~1\Denis\APPLIC~1\FotoWire
[2006-09-14|11:51] C:\DOCUME~1\Denis\APPLIC~1\Google
[2004-06-24|09:13] C:\DOCUME~1\Denis\APPLIC~1\Help
[2007-06-28|16:53] C:\DOCUME~1\Denis\APPLIC~1\ICAClient
[2004-03-07|20:28] C:\DOCUME~1\Denis\APPLIC~1\Identities
[2007-06-05|19:23] C:\DOCUME~1\Denis\APPLIC~1\IPC
[2005-06-05|21:36] C:\DOCUME~1\Denis\APPLIC~1\Lavasoft
[2004-11-08|21:06] C:\DOCUME~1\Denis\APPLIC~1\Leadertech
[2004-11-29|21:08] C:\DOCUME~1\Denis\APPLIC~1\Macromedia
[2008-04-28|16:08] C:\DOCUME~1\Denis\APPLIC~1\Microsoft
[2004-03-07|20:33] C:\DOCUME~1\Denis\APPLIC~1\Microsoft Web Folders
[2004-12-17|12:03] C:\DOCUME~1\Denis\APPLIC~1\Mozilla
[2007-01-30|21:06] C:\DOCUME~1\Denis\APPLIC~1\Netscape
[2005-05-16|09:13] C:\DOCUME~1\Denis\APPLIC~1\ntoc
[2008-06-14|15:02] C:\DOCUME~1\Denis\APPLIC~1\PPTminimizer
[2005-02-08|20:35] C:\DOCUME~1\Denis\APPLIC~1\Real
[2007-05-10|17:25] C:\DOCUME~1\Denis\APPLIC~1\Screenshot Sender
[2004-09-09|21:47] C:\DOCUME~1\Denis\APPLIC~1\Sun
[2004-11-26|19:56] C:\DOCUME~1\Denis\APPLIC~1\Symantec
[2004-12-09|21:00] C:\DOCUME~1\Denis\APPLIC~1\tvmcwrd.dll
[2004-12-09|20:43] C:\DOCUME~1\Denis\APPLIC~1\tvmknwrd.dll
[2008-03-24|22:20] C:\DOCUME~1\Denis\APPLIC~1\U3
[2004-11-09|19:14] C:\DOCUME~1\Denis\APPLIC~1\Ulead Systems

[2008-01-24|17:35] C:\DOCUME~1\Joannie\APPLIC~1\ACD Systems
[2004-12-12|17:13] C:\DOCUME~1\Joannie\APPLIC~1\Adobe
[2006-06-29|10:52] C:\DOCUME~1\Joannie\APPLIC~1\AdobeUM
[2004-03-07|13:59] C:\DOCUME~1\Joannie\APPLIC~1\desktop.ini
[2004-03-14|23:37] C:\DOCUME~1\Joannie\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[2006-12-05|12:45] C:\DOCUME~1\Joannie\APPLIC~1\Google
[2004-03-07|21:12] C:\DOCUME~1\Joannie\APPLIC~1\Help
[2004-03-07|21:09] C:\DOCUME~1\Joannie\APPLIC~1\Identities
[2004-11-05|21:12] C:\DOCUME~1\Joannie\APPLIC~1\Lavasoft
[2004-12-12|17:19] C:\DOCUME~1\Joannie\APPLIC~1\Macromedia
[2007-09-16|22:55] C:\DOCUME~1\Joannie\APPLIC~1\Microsoft
[2005-04-30|19:35] C:\DOCUME~1\Joannie\APPLIC~1\Real
[2004-11-19|23:01] C:\DOCUME~1\Joannie\APPLIC~1\Sun
[2005-12-05|19:22] C:\DOCUME~1\Joannie\APPLIC~1\Symantec

[2004-03-09|22:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2006-03-18|18:18] C:\DOCUME~1\Maryse\APPLIC~1\ACD Systems
[2007-02-12|18:05] C:\DOCUME~1\Maryse\APPLIC~1\Adobe
[2007-04-10|20:19] C:\DOCUME~1\Maryse\APPLIC~1\AdobeUM
[2006-11-07|21:25] C:\DOCUME~1\Maryse\APPLIC~1\ArcSoft
[2004-03-07|13:59] C:\DOCUME~1\Maryse\APPLIC~1\desktop.ini
[2004-11-07|22:36] C:\DOCUME~1\Maryse\APPLIC~1\dm.ini
[2004-03-14|14:41] C:\DOCUME~1\Maryse\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[2006-09-12|20:48] C:\DOCUME~1\Maryse\APPLIC~1\Google
[2004-05-02|21:42] C:\DOCUME~1\Maryse\APPLIC~1\Help
[2004-03-07|20:37] C:\DOCUME~1\Maryse\APPLIC~1\Identities
[2004-11-07|22:46] C:\DOCUME~1\Maryse\APPLIC~1\Lavasoft
[2005-01-12|21:57] C:\DOCUME~1\Maryse\APPLIC~1\Macromedia
[2007-09-18|19:26] C:\DOCUME~1\Maryse\APPLIC~1\Microsoft
[2005-04-03|19:30] C:\DOCUME~1\Maryse\APPLIC~1\Mozilla
[2006-01-22|16:50] C:\DOCUME~1\Maryse\APPLIC~1\Real
[2004-09-26|20:45] C:\DOCUME~1\Maryse\APPLIC~1\Sun
[2005-08-02|12:14] C:\DOCUME~1\Maryse\APPLIC~1\Symantec
[2008-01-21|22:16] C:\DOCUME~1\Maryse\APPLIC~1\U3
[2004-11-28|13:01] C:\DOCUME~1\Maryse\APPLIC~1\Ulead Systems
[2007-01-05|21:47] C:\DOCUME~1\Maryse\APPLIC~1\yahoo!

[2004-03-07|20:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2008-07-21 17:59][--a--c---] C:\WINDOWS\tasks\Symantec NetDetect.job
[2008-06-13 20:03][--a--c---] C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
[2008-06-13 19:29][--a--c---] C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[2008-07-21 14:09][--ah-c---] C:\WINDOWS\tasks\SA.DAT
[2001-08-28 08:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2005-05-22|16:43] C:\Program Files\Access 97 Runtime
[2004-06-20|12:10] C:\Program Files\ACD Systems
[2004-03-09|19:19] C:\Program Files\acrobat reader
[2008-03-10|19:14] C:\Program Files\Adobe
[2004-04-01|20:44] C:\Program Files\Ahead
[2006-09-23|10:25] C:\Program Files\ArcSoft
[2006-06-14|19:59] C:\Program Files\Avery Dennison
[2008-02-18|20:56] C:\Program Files\BudgetExpress
[2005-07-02|07:22] C:\Program Files\CCleaner
[2005-06-18|22:00] C:\Program Files\ComPlus Applications
[2004-03-14|19:22] C:\Program Files\Desktop Messenger
[2008-01-22|11:01] C:\Program Files\DIFX
[2005-06-21|18:32] C:\Program Files\ewido
[2008-07-21|19:27] C:\Program Files\Fichiers communs
[2006-08-04|05:15] C:\Program Files\Golden
[2007-01-27|08:57] C:\Program Files\Google
[2004-03-10|22:52] C:\Program Files\Hewlett-Packard
[2006-11-15|18:10] C:\Program Files\IncrediMail
[2007-01-14|12:11] C:\Program Files\InstallShield Installation Information
[2005-11-20|11:59] C:\Program Files\Internet Explorer
[2007-10-16|19:18] C:\Program Files\Java
[2005-06-05|21:36] C:\Program Files\Lavasoft
[2006-07-28|06:06] C:\Program Files\Logitech
[2008-07-21|20:27] C:\Program Files\Lopxp
[2005-11-20|12:00] C:\Program Files\Messenger
[2005-06-05|21:38] C:\Program Files\Messenger Plus! 3
[2004-03-07|20:19] C:\Program Files\microsoft frontpage
[2007-01-30|21:08] C:\Program Files\Microsoft Games
[2006-07-04|21:39] C:\Program Files\Microsoft Hardware
[2006-09-23|11:31] C:\Program Files\Microsoft Office
[2004-12-07|09:33] C:\Program Files\mIRC
[2004-03-07|20:16] C:\Program Files\Movie Maker
[2004-03-07|20:14] C:\Program Files\MSN Gaming Zone
[2006-08-01|22:24] C:\Program Files\MSXML 4.0
[2004-03-14|19:23] C:\Program Files\MUSICMATCH
[2004-08-26|19:19] C:\Program Files\NetMeeting
[2006-09-19|13:14] C:\Program Files\Netscape
[2008-05-23|21:36] C:\Program Files\Norton SystemWorks
[2008-01-22|10:57] C:\Program Files\OLYMPUS
[2005-06-21|17:41] C:\Program Files\Outlook Express
[2005-05-16|20:24] C:\Program Files\PolderbitS
[2008-01-22|11:01] C:\Program Files\QuickTime
[2004-12-17|16:29] C:\Program Files\Real
[2006-08-04|04:57] C:\Program Files\Registry Mechanic
[2008-01-22|10:42] C:\Program Files\RescuePRO
[2004-11-05|19:24] C:\Program Files\Rio
[2005-06-18|22:01] C:\Program Files\Services en ligne
[2005-01-24|21:39] C:\Program Files\Siber Systems
[2008-05-28|17:03] C:\Program Files\Spybot - Search & Destroy
[2008-06-17|17:11] C:\Program Files\SpywareBlaster
[2004-11-04|20:59] C:\Program Files\StreamCast
[2006-12-25|22:41] C:\Program Files\Symantec
[2005-02-12|15:39] C:\Program Files\SymNetDrv
[2005-03-06|16:56] C:\Program Files\TablEdit
[2004-08-26|19:17] C:\Program Files\Uninstall Information
[2004-12-17|16:35] C:\Program Files\Winamp
[2008-01-22|10:59] C:\Program Files\Windows Media Player
[2004-03-07|20:14] C:\Program Files\Windows NT
[2005-06-20|21:47] C:\Program Files\WindowsUpdate
[2005-05-22|18:14] C:\Program Files\Wine Cellar
[2005-11-20|12:06] C:\Program Files\WinZip
[2004-03-07|20:19] C:\Program Files\xerox
[2004-12-08|14:50] C:\Program Files\ZeusCDRipper
[2005-12-10|15:20] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2004-06-20|12:10] C:\Program Files\Fichiers communs\ACD Systems
[2008-03-10|19:14] C:\Program Files\Fichiers communs\Adobe
[2004-04-01|20:44] C:\Program Files\Fichiers communs\Ahead
[2004-03-07|20:35] C:\Program Files\Fichiers communs\Designer
[2006-07-28|06:06] C:\Program Files\Fichiers communs\FotoWire
[2004-11-05|19:24] C:\Program Files\Fichiers communs\Gracenote
[2004-03-10|22:52] C:\Program Files\Fichiers communs\Hewlett-Packard
[2006-06-14|19:58] C:\Program Files\Fichiers communs\InstallShield
[2004-09-09|21:46] C:\Program Files\Fichiers communs\Java
[2006-07-28|06:03] C:\Program Files\Fichiers communs\Logitech
[2008-06-05|16:22] C:\Program Files\Fichiers communs\Microsoft Shared
[2005-03-15|10:04] C:\Program Files\Fichiers communs\mozilla.org
[2005-03-11|14:32] C:\Program Files\Fichiers communs\MSSoap
[2004-03-07|14:00] C:\Program Files\Fichiers communs\ODBC
[2005-02-08|20:32] C:\Program Files\Fichiers communs\Real
[2004-03-07|20:15] C:\Program Files\Fichiers communs\Services
[2004-03-07|20:46] C:\Program Files\Fichiers communs\Sierra On-Line
[2004-03-07|14:00] C:\Program Files\Fichiers communs\SpeechEngines
[2008-07-21|19:28] C:\Program Files\Fichiers communs\Symantec Shared
[2005-06-21|17:41] C:\Program Files\Fichiers communs\System
[2004-11-09|19:11] C:\Program Files\Fichiers communs\Ulead Systems
[2005-06-21|21:39] C:\Program Files\Fichiers communs\Uninstall Information
[2005-02-08|20:32] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 68 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-21 20:48:37
Windows 5.1.2600 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\Denis\Favoris\download\AllSeek.iNFO The Ultimate Cracks Search Engine.url
=> C:\DOCUME~1\Denis\Favoris\download\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url
=> C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Animation\firecracker.ima
=> C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Letter\cracking_crackers.imf
=> C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif
=> C:\DOCUME~1\Denis\Favoris\download\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url

[F:5][D:2]-> C:\DOCUME~1\Denis\LOCALS~1\Temp
[F:12][D:0]-> C:\DOCUME~1\Denis\Cookies
[F:488][D:10]-> C:\DOCUME~1\Denis\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 20:50:26,83
0
Destrio5 Posts 99820 Status Moderator 10 305
 
---> Download OTMoveIt2 from the link below:
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

---> Save the file to the Desktop.

---> Double-click the OTMoveIt2.exe file to launch the tool.
Make sure the Unregister Dll's and Ocx's box is checked.

---> Copy all of the text below and paste it into the window titled Paste Standard List of Files/Folders to be moved.

C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\

---> Click MoveIt! to start the removal.
When a result appears in the Results box, click Exit.

Note: If a file or folder cannot be removed immediately, the program will ask you to restart. Accept by clicking YES.

---> Post the OTMoveIt report, which is located in C:\_OTMoveIt\MovedFiles.
0
Den360 Posts 13 Status Member
 
C:\Documents and Settings\All Users\Application Data\Meal Memo Free View moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07212008_210439
0
Destrio5 Posts 99820 Status Moderator 10 305
 
- Download HijackThis V 2.02 (HijackThis Installer):
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Double-click HJTInstall.exe to start the installation

- Click Install, then I Accept

- Click Do a scan system and save log file

- Notepad will open; copy and paste all of its contents here in your next reply.
0
Den360 Posts 13 Status Member
 
And here is the report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:11:24, on 2008-07-21
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\RioMSC.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [FREE VIEW GRIM SOAP] C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Maryse')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Maryse')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [BindKnob] C:\DOCUME~1\Maryse\APPLIC~1\OWNSLO~1\BendDartStore.exe (User 'Maryse')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Barre RoboForm &2 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le &formulaire [ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le &menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire ] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire ] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le &formulaire [ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {597F9140-0DC6-4657-A162-76EC0E7AEE81} (ActiveBroadcast Control) - http://www.meetstream.com/activex/28081/activebroadcast.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {BFD90062-6B5E-4F8F-87B1-5F022C14E32F} (ActiveReceiver Control) - http://www.meetstream.com/activex/28081/activereceiver.cab
O16 - DPF: {FA30EC32-668B-4B60-B13C-4C84EB90C3C9} (ActiveID Control) - http://www.meetstream.com/activex/28081/activeid.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Destrio5 Posts 99820 Status Moderator 10 305
 
Your Windows is not up to date, that's not good at all.

Update Java and post a new HijackThis report:
https://www.java.com/fr/download/manual.jsp
0
Den360 Posts 13 Status Member
 
I did my Java update and here is the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31:25, on 2008-07-21
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\RioMSC.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [FREE VIEW GRIM SOAP] C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Maryse')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Maryse')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [BindKnob] C:\DOCUME~1\Maryse\APPLIC~1\OWNSLO~1\BendDartStore.exe (User 'Maryse')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Barre RoboForm &2 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le &formulaire [ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le &menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire ] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire ] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le &formulaire [ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {597F9140-0DC6-4657-A162-76EC0E7AEE81} (ActiveBroadcast Control) - http://www.meetstream.com/activex/28081/activebroadcast.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {BFD90062-6B5E-4F8F-87B1-5F022C14E32F} (ActiveReceiver Control) - http://www.meetstream.com/activex/28081/activereceiver.cab
O16 - DPF: {FA30EC32-668B-4B60-B13C-4C84EB90C3C9} (ActiveID Control) - http://www.meetstream.com/activex/28081/activeid.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Destrio5 Posts 99820 Status Moderator 10 305
 
---> Restart HijackThis and choose Do a system scan only

---> Tick the boxes in front of the following lines:

R3 - Default URLSearchHook is missing

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [FREE VIEW GRIM SOAP] C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe

O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [BindKnob] C:\DOCUME~1\Maryse\APPLIC~1\OWNSLO~1\BendDartStore.exe (User 'Maryse')

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

---> Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.

---> Post a new HijackThis report.

I could get rid of some programs that launch at startup for you, but I don't know whether you need them.
0
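One way to check that the lines ticked for Fix checked are really absent from a follow-up HijackThis report, as an added example that is not part of the original posts or of HijackThis. The function names are hypothetical; O4 Run entries are matched on registry key and value name, so an autorun that reappears under another file path is still reported. `TO_FIX` and `FOLLOW_UP` are copied from this thread (the follow-up is an excerpt), and `RELAPSE` adds one constructed line.

```python
import re

# Lines the helper asked to tick, copied from the post above.
TO_FIX = r"""
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [FREE VIEW GRIM SOAP] C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [BindKnob] C:\DOCUME~1\Maryse\APPLIC~1\OWNSLO~1\BendDartStore.exe (User 'Maryse')
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
"""

# Excerpt of the follow-up report posted in this thread (not the full log).
FOLLOW_UP = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\explorer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Maryse')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Maryse')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
"""

# CONSTRUCTED line (not from the thread): the same Run value under a different path.
RELAPSE = FOLLOW_UP + r"O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [BindKnob] C:\DOCUME~1\Maryse\APPLIC~1\EXAMPLE~1\constructed.exe (User 'Maryse')"

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Body of an O4 registry autorun: "<key>\Run: [value name] command line"
AUTORUN = re.compile(r"^(\S+?\\Run(?:Once)?): \[([^\]]*)\] (.*)$")


def identity(code, body):
    """Key used to recognise the same entry in two different reports."""
    m = AUTORUN.match(body) if code == "O4" else None
    if m:
        # Registry key + value name; the command line may differ between reports.
        return (code, m.group(1).lower(), m.group(2).lower())
    # Every other section: the whole body, case- and whitespace-insensitive.
    return (code, " ".join(body.lower().split()))


def parse_log(text):
    """Return {identity: original line} for each section-coded line of a report."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m:  # skips the header, the running-process list and blank lines
            entries[identity(m.group(1), m.group(2))] = line
    return entries


def still_present(to_fix, follow_up):
    """Pairs (line asked to fix, line found in the follow-up) that survived."""
    wanted, seen = parse_log(to_fix), parse_log(follow_up)
    return [(wanted[k], seen[k]) for k in wanted if k in seen]


if __name__ == "__main__":
    for asked, found in still_present(TO_FIX, RELAPSE):
        print("still present:", found)
```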
Den360 Posts 13 Status Member
 
And there you go, it's done!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:48:06, on 2008-07-21
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\RioMSC.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Maryse')
O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Maryse')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Barre RoboForm &2 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le &formulaire [ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le &menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire ] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire ] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le &formulaire [ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {597F9140-0DC6-4657-A162-76EC0E7AEE81} (ActiveBroadcast Control) - http://www.meetstream.com/activex/28081/activebroadcast.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {BFD90062-6B5E-4F8F-87B1-5F022C14E32F} (ActiveReceiver Control) - http://www.meetstream.com/activex/28081/activereceiver.cab
O16 - DPF: {FA30EC32-668B-4B60-B13C-4C84EB90C3C9} (ActiveID Control) - http://www.meetstream.com/activex/28081/activeid.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Destrio5 Posts 99820 Status Moderator 10 305
 
No more trace of infection.

I'm going to go to bed, so I'll give you a wall of text.

Download Tools Cleaner to your desktop.
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
Click Recherche (Search) and let the scan run.
Click Suppression (Removal) to finish.
You can, if you wish, use the Options facultatives (optional settings).
Click Quitter (Quit) to get the report.
Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).

---> Download CCleaner (do not install the Yahoo Toolbar):
https://www.ccleaner.com/ccleaner/download

---> Run it. Go to "Options" then "Advanced" and untick the "Only delete files etc..." box. Go to "Cleaner" and click "Analyze". Once it has finished, run the cleaning. Then go to "Registry" and click "Scan for Issues". Once it has finished, repair all the errors without backing up the registry.

---> You need to disable and then re-enable System Restore; do it:
http://www.infos-du-net.com/forum/272480-11-desactiver-activer-restauration-systeme

---> I advise you to create a restore point that you can use later if you have a problem:
https://www.vulgarisation-informatique.com/creer-point-restauration.php

- Download and install Malwarebytes' Anti-Malware:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

- Update it

- Restart in safe mode (recommended but not mandatory):
https://www.malekal.com/demarrer-windows-mode-sans-echec/

- Choose your usual session

- Run a full scan with Malwarebytes' Anti-Malware

- Delete everything the program finds, and save the report

- Restart in normal mode and post the report here

Tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
Den360 Posts 13 Status Member
 
Thanks a lot, I'm going to bed too ... I'll continue tomorrow evening.

Good night!

Den 360
0
Den360 Posts 13 Status Member
 
Tool Cleaner report

-->- Recherche:

C:\Lop SD: trouvé !
C:\HijackThis: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Denis\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Denis\Bureau\Lop S&D.lnk: trouvé !
C:\Documents and Settings\Denis\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Denis\Bureau\KillBox.exe: trouvé !
C:\Documents and Settings\Denis\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\Denis\Menu Démarrer\Programmes\Lop S&D: trouvé !
C:\hijackthis\HijackThis.exe: trouvé !
C:\Lop SD\Lop S&D.lnk: trouvé !
C:\Program Files\Logitech\iTouch\Drivers\Clean: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Denis\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Denis\Bureau\Lop S&D.lnk: supprimé !
C:\Documents and Settings\Denis\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\Denis\Bureau\KillBox.exe: supprimé !
C:\Documents and Settings\Denis\Bureau\HJTInstall.exe: supprimé !
C:\hijackthis\HijackThis.exe: supprimé !
C:\Lop SD\Lop S&D.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Lop SD: supprimé !
C:\HijackThis: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Denis\Menu Démarrer\Programmes\Lop S&D: supprimé !
C:\Program Files\Logitech\iTouch\Drivers\Clean: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !
0
Den360 Posts 13 Status Member
 
Report

Malwarebytes' Anti-Malware 1.22
Version de la base de données: 980
Windows 5.1.2600

20:01:16 2008-07-22
mbam-log-7-22-2008 (20-01-16).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 127800
Temps écoulé: 38 minute(s), 20 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\tmlpcert2005 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\Denis\Application Data\tvmknwrd.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Do you think I still have some of this crap left?

Thanks again for your help!
0
Destrio5 Posts 99820 Status Moderator 10 305
 
The MBAM report shows an infection. We are going to use Navilog1:

- Download Navilog1 (by IL-MAFIOSO) and save it to the desktop:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

- Double-click Navilog1.exe to start the installation

- If the fix does not launch automatically after it is installed, double-click the Navilog1 shortcut on the desktop

- Press F or f, then confirm with Enter

- Press a key on your keyboard each time you are asked to; you will arrive at the options menu

- Choose option 1 and press Enter to confirm your choice

- Wait for the message: *** Analyse Termine le ..... ***

- Once the scan is finished, Notepad will open with the report; post the contents of this report in your next reply

- If the scan result is not displayed, you will find it in C:\fixnavi.txt

Do not use options 2, 3 and 4 without our agreement; legitimate files may be included in this scan.
0
Den360 Posts 13 Status Member
 
Report completed

Search Navipromo version 3.6.1 commencé le 2008-07-22 à 20:27:34,61

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Denis"

Mise à jour le 19.07.2008 à 20h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2600.0000
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Denis\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Joannie\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Maryse\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Denis\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Joannie\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Maryse\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Denis\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Joannie\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Maryse\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier Navipromo trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Denis\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\Joannie\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\Maryse\locals~1\applic~1" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

* Dans "C:\Documents and Settings\Denis\locals~1\applic~1" :

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :

* Dans "C:\DOCUME~1\Joannie\locals~1\applic~1" :

* Dans "C:\DOCUME~1\Maryse\locals~1\applic~1" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 2008-07-22 à 20:41:45,83 ***
0